Overview

overview

3

Static

static

1

43716e724b...2e.hta

windows7-x64

3

43716e724b...2e.hta

windows10-2004-x64

1

Analysis

  • max time kernel
    2s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    05/01/2024, 10:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    43716e724be3c19ef3688d1106eae22e.hta

  • Size

    70KB

  • MD5

    43716e724be3c19ef3688d1106eae22e

  • SHA1

    9a38507ce5afb5945900f4916b8ca9d191cb288c

  • SHA256

    57b809e580e3504b299e0e82f11caeab3f17bf683b06e6ca64039adf0ebfcdac

  • SHA512

    1931f2a55df4caf5cc66e559c5bb85f3582c4e72b8964affa9d74c839fd32a31a1cb5fa1d17ecdb62de3907a26a8573ba93608ca41eaf674939bf44336273201

  • SSDEEP

    384:G3DgcgPLjlNG2QBrIo8oIo8SIo8mIo8Ws7ZIl1dAA6ozlOy2WV8OX:G3zF8oF8SF8mF8nOGoQyd8i

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 20 IoCs
    adwarespyware
  • Modifies Internet Explorer start page 1 TTPs 2 IoCs
    stealer

Processes

  • C:\Windows\SysWOW64\mshta.exe
    C:\Windows\SysWOW64\mshta.exe "C:\Users\Admin\AppData\Local\Temp\43716e724be3c19ef3688d1106eae22e.hta"
    1⤵
    • Modifies Internet Explorer settings
    • Modifies Internet Explorer start page
    PID:2064
    • C:\Windows\SysWOW64\mshta.exe
      "C:\Windows\SysWOW64\mshta.exe" "C:\Windows\winsys.hta"
      2⤵
        PID:2748

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Penis Enlargement Pills.lnk
            Filesize

            278B

            MD5

            4cf2c505e2bd014602de6034a2497921

            SHA1

            0f6b07c5139a0f4291a139998451d384a299c95c

            SHA256

            e35fc066b4bbc8990afe39e91d68a6949eb760045c6242d3a2abb96ee5d58f05

            SHA512

            b70e4cebf7f5ae9129f5d37050ee245ade5a1dd46a50fb7741ceaa40249d2c9bd5a5000f997028641e5e31a1dfe98b0047f047ace7556207b3ef8f2aac8d186d

            Download Submit