Overview

overview

1

Static

static

1

3aafffb498...6.html

windows7-x64

1

3aafffb498...6.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31-12-2023 17:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3aafffb498095819f5159c21d498e166.html

  • Size

    53KB

  • MD5

    3aafffb498095819f5159c21d498e166

  • SHA1

    09042775745bc338eccf92610b316d1c6d9785e4

  • SHA256

    e2a18fd173a0415c5024a6c49c8028d108c56cbbf4235923a21f60de68b46f62

  • SHA512

    feda452e9a28183f762c46fea9abeaf30c9d4b08dfbe0db2fd71bd62ab8c5421f29f9d8454d1ae431ee08e3d1c2969a294b4074e3158bf7c7cb7091344d935b0

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUhrunlYK63Nj+q5VyvR0w2AzTICbbPoz/t9M/dNwIUTDmDj:CkgUiIakTqGivi+PyUhrunlYK63Nj+qI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3aafffb498095819f5159c21d498e166.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1528

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d26ecc32c5d88efbf712a9556ddc7ee

    SHA1

    e4457383dc11bb7c6138980eb5ca148e5d1fa9c7

    SHA256

    faeab88a2a899ee0a090559ec52ebace0847f12894990111eff329e75146eebe

    SHA512

    79cf499e4928c957f938ded10c8a8ba737a44a70633be2b7db4b34002262275e788bac4dc18ec889043ea7b0ffe658e916aea9dbf82457b2d67736db54f2e3d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fcab4ac321bc047ecaee5c1052170f8

    SHA1

    9e7326ed960f0e0dbc3f363f93e10648ba1b0e8b

    SHA256

    e14b66c64c59c43cec66c192d7b6d987794e4156845ad069c1525674bbcb81da

    SHA512

    c25769d8ef55dee600d5853c4dd3ae14ec790647af63c7fe86d5c8360349fbbf98c713b489900c154f8297841ffb1cb4e22bcd622e6b8c1225cafab46031025f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7885b00092a215fb58f8db17829b9da1

    SHA1

    7fc4356bbcc49e6b4da3620b07d995223cb95fcb

    SHA256

    dd8b483a7643937d08c5426c2639cbb27e3c1242152291c1131561f258664a67

    SHA512

    b230b9bd4d93465b7c3c1175d86c4bcc208b51d791ba9bca671afaf111d1d19f100d16e1dab3b0169309b6880f4b5ed5efd0c862bc34f2d399ec8a60e0c05271

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54eb99d9792cf487793e352096c08d56

    SHA1

    55eecb43963b203c61809dd52c91f6dcfc148e8a

    SHA256

    6c6a65b419f57808fda10f2ee2b43a69fbd9c3d56a0246ada6b817031c9ab48d

    SHA512

    201011c8e0d41d9fc9a40deddbe6fd4286447992b7dcb90041e86722bc1484f5e2d27006723e78876e3f7c89de8607efc1bed190c318b2cb4d42855a6892b397

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f5f23443df4523fe183554439c9b66d

    SHA1

    e75d696bf50892b13557fd61715926b82a9debeb

    SHA256

    2704352b43173e35808b318f50ab83f138ad2e6acf0986fff47d92488154c68e

    SHA512

    a3087f45be1334b0948f54e2390aeade28d7544954d80cfa8f44d3b979465b01666a6fd2041d62a9c2f4f09b7ab6299986d85fbf4a92a33da522227de12d1d6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a5c1e43d9f9515083304d320064c61f

    SHA1

    fc74c0e3e735e323bf6af40f9fc7b5002007b63b

    SHA256

    1a8703dd0245077014dfe7c0686b982ab9c15c92fe15116fad2cfa4dc87fbb68

    SHA512

    56210c012d20c273c38eaf28aed2ffe914e3089b49726a20bd05703ca003abf4e40dd4133c49d1f154eb34517ddff60149d96475b86fe53fe02aa22d62cd49b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fc2d5ac827f574e93d49580b2ca01a0

    SHA1

    978ef87951a2a2a13e9f3a170addba9c9399569c

    SHA256

    cf0d00706aeca4861f935afaff01c47fc82bd419d99b1fb98510cac13f2261b1

    SHA512

    37cee732e17d58fe3f07b35b50a4be7ee5d92196bc517f891c5c518b3cc1d1ec9629938f3ae6806afc0704bf41a25f86b2f84819454ac67ebd111ae621a6dc71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7dd5596a4910b96cd12fdb3b80325de5

    SHA1

    9fe9af70563a550e2c3ec5431f2000ada9d3a278

    SHA256

    7ccae0de6722b615c0dc89500e1128260ac6b86888886a1c09399eff0758a300

    SHA512

    5e0721e11dbc8ff485b278eb03c95373784fff19c49fe127d64dce773b1cd6fab1d1319a300083c4c2b81d132ac9db060860793bb6d4bf25d3d954d0c7bcd3d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    903ef095b30e9301540da1d8331091ef

    SHA1

    b9cdded7c7de5c32690e596e9c33aa2a833e1723

    SHA256

    df8867aeba7fb49df716456ac2231078d463972de74570911828dc9ab3bfdaeb

    SHA512

    f5b3ed58e75edb3bfd0a5d0fa68b1ad786b479d1b70e7cd0262d434bfe3cdb81c6197349ba45c4946c4b4a4af034c6f17a0227b175ee92165c0b64545c8d3f64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22e4910551b68e7aafe570f1b1fa5a77

    SHA1

    6cc35b1203440f98f8e8b5e583a889e219986bc3

    SHA256

    65b9d05869f6b191ce73e305d20813d229d152f88ebb4caee87c55c078adc6aa

    SHA512

    f54e1014baf0c2f6d2c379715fdaf51ac7992aab06e2ec6e78f5aeccb2059116a02ed821058588e162ce7f2251f63f4ee5d2a86ac25175669ee3a67a0222f8ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    833f14a122a64d36a201f249d5ff32f0

    SHA1

    fad89f053ec87f2ed2ca7089ba47b84bb6f05dd2

    SHA256

    c03c153a9288e17060141b1506a6d3c8a151723985daa07b2d4dc393f2747baf

    SHA512

    4ba90b3c1b8891e68b96951b47eb2aebb99da59aeb7078fd28c74c43c31f9d7fa35beabaa0461afa7bb0cbef485870795e57dabed9c7b29e296481c47c0227d0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\wt-logo[1].htm
    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab14EA.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1599.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit