Analysis

  • max time kernel
    158s
  • max time network
    169s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/01/2024, 12:48

General

  • Target
    3ce656f91e334ee2be53daeb79979873.html
  • Size
    576KB
  • MD5
    3ce656f91e334ee2be53daeb79979873
  • SHA1
    efdde366beb1ca3b1424ec2f8855de4e747cea79
  • SHA256
    a595438fe9c5b6dedff119dc294669f73619b21fc3a680bbd80a9a25c3e73d61
  • SHA512
    8bed14c39a85de321c687cee1bf0e0e0c32e7f3c9a5e1cbc3612f69eb3cc38c4daa92f4b7cdabf1a0b8fd9acb532ecbf593307af942f159abc767d79cb8f5751
  • SSDEEP
    6144:kcRncnl7uMCmZUf1lm2pN4CcrHEihym+cmZzNVNw:vAusU1lOrppEHw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3ce656f91e334ee2be53daeb79979873.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1272
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1272 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4248

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8PO8IKDM\suggestions[1].en-US
    Filesize: 17KB
    MD5: 5a34cb996293fde2cb7a4ac89587393a
    SHA1: 3c96c993500690d1a77873cd62bc639b3a10653f
    SHA256: c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
    SHA512: e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\AAZL0E9Q\lodash.min[1].js
    Filesize: 71KB
    MD5: 9becc40fb1d85d21d0ca38e2f7069511
    SHA1: ae854b04025db8b7f48fdd6dedf41e77eae44394
    SHA256: a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
    SHA512: 585374e3ce3ab1d28c20fe4b28da6131a5b353b629332094db8e5eb4ade0ff601161b3caf546f5f1e1be96353deaa29109687eaae098ef279f4a6964430d4035

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\AAZL0E9Q\minified[1].js
    Filesize: 105KB
    MD5: 9100b2bbcfa3063ca4e9731035bb5269
    SHA1: ab9a568dc3718bc6b4b8e0d941e28034828b3c10
    SHA256: 19bda89ce2aaa248b227b1299518b5e739a71d30e21f4a0274e262667c0e903b
    SHA512: 8962dc5b2502a05c22947cb94c841153971284b422f04f7ba341cb0791e6c9691303b05733682925207c08e831376cd7df2ab6a375dd443d768f7493d9860373

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\PG47MANB\polyfill.min[2].js
    Filesize: 1KB
    MD5: 0d34c29adbf03f78be22caa68dc47508
    SHA1: a1094bc3dbad5282d22e3fd9410560c072d522b3
    SHA256: 4b71db2548c84c387cf54aa9d4d9777e73742a3d3e785f2d87f9f829e88c85f2
    SHA512: c7f2ed7e377f2fc71edb14facd6b3f7640d20dfdebc48b33cbda767f8c12aa60a0d98f3b144bf4bb6f6a0176bb4ad9e04bfe9d2193bc11187226e1da136cc77c