Overview

overview

1

Static

static

1

4c20ec9f9a...8.html

windows7-x64

1

4c20ec9f9a...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    08/01/2024, 18:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4c20ec9f9a84d98435e3e36431484988.html

  • Size

    43KB

  • MD5

    4c20ec9f9a84d98435e3e36431484988

  • SHA1

    ca4b4af804bc4b0d8bf93c93831a7c678d8f8102

  • SHA256

    a27fc336664465999f7b32af2b676fd9dffe7fbd245af744232ca6cf5f8ebab4

  • SHA512

    0e528cf7dfa4f98feb5cb0b98ac386e8c2a2abc8166b7d29f7b3bc3ff039b3d3afc557587d6249a03e2c6a07f2edef48980b2ad95366dd2981d590dd2ba582b2

  • SSDEEP

    768:NDY0ghFXEh8vt88czUjLyuAX84Rf15WigwE9O/JS:NsDXEh8vI43F4Rf15WigwE9O/c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4c20ec9f9a84d98435e3e36431484988.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2656 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2668

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8b38781d66df3621e0996ca9302e44c8

          SHA1

          0b2d09c9ac955a59a93610d1893d52280c137785

          SHA256

          ba072b257ee4a8824489089a03b83cfae40997c58a6ad36cbe30490002363ef1

          SHA512

          7e70fed98f8e8c3b80c77014b49e283faef5ebd6e95a0d60ad8988b47a1f2d280e3ee9e957c57aba185f755fc86d929a85eb8c39d462e8d177319bd7a9f43443

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          498a778fe1ebbe9ad3ffa70e06862317

          SHA1

          cfb3359ef8b83836c6fa9030dd5449585ac6dd31

          SHA256

          1d4d61f8243fe2a5a413f76fe5fbd8e52e9fe9cde9c90280cd838b5914f36660

          SHA512

          fec2b184e97fa9849e5240a649dc0b065aeee801ddfdc52acf786bc92397af8563a913f3ff086a90331ee6b9029279ac754087081a42f87ce45fda7a3d2d359c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          66fac27192ecdf725c20e7bd2473f53b

          SHA1

          0e1176000648c915c23bc4668c007c4034482b48

          SHA256

          da90edb39fc1fe08737db05e85b62a9cf97548b17e33aa1b0c334666a5d4ad73

          SHA512

          764b89dcaf15110daf949510f93c1604d597903a7fa2c311b7cf34456f7302fa16afc1fdcde50c626bbf08cb202a0271d4464291238007420eb2bbd0fe1656e0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fedaa37e6d821783b70afea4a23aab29

          SHA1

          10b63cb9952cf2a7fe5aefd12d7ac9da8bc80ea3

          SHA256

          00c3c4ead93f8ddc39d6f18b503854b2030516f57a024fc8114c5862e2f14c81

          SHA512

          dd5153d9366d2853a1a30ec405894ee192a59e692cdaedbd2fc49acb94f43ed8375c3f715ff1ede85c61a3a0efc51720a466d1d7805bde5807a6a3e27e396d7e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          79c2ec3f5e61530c9b3afdb83a092486

          SHA1

          a5c5a009947e117b3695f6cca0692096517832f9

          SHA256

          37b0c9543e6daad6550005ac9294c18d662268e3ab60438007344c08f10b2cc6

          SHA512

          996b26c54b1cf1e600e0c5b543c29abf56bd5480875d89d9964cfdb950d67c492c9cc73a8834d11af617096bb27c2819526b9971a4fbfdade0d82baea0f81e1f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          18a7f9c5b240c312c317e876f7b90bae

          SHA1

          978be8aee7e9c79d3839cc4134859ec9c49ea911

          SHA256

          203155d5c8681dc1239870c52df5dc2b8dfba1c3f90a43c9302a43414d2f764a

          SHA512

          5ffad980b6fe71fb1460f6e7475c6b7de4fa5352bebfba43a699cd016dcb7e0d1045f0b7ce9a2830a82361326f99decd5a5b0fd7d87870af5e5cb8b70c7a2ecc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e401e9106b69621ea2e6f9a419e3dc62

          SHA1

          b127275954f8eeed5cce9cbb53d9f04099d95b5e

          SHA256

          2ff6b95d1d5bf3773af865f36a3c4203c1d24bbed527b858f1e4200191a5b9a4

          SHA512

          60c528618df99d5f04b1df6efd78f0cf4e07d3f4d1bc34109e572c8fb9d5ab678c3a0941c2a0925617b62debe82957646223f7c8ddb20a9a8a6ba7cc260dbeec

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6f00ccb8917c3da6d99de9a870cdde2b

          SHA1

          0ea627571eee9dc2c7551884b80b7942a98371e9

          SHA256

          87f6d215ff2e402e5bbfb4686a0dbb9c34102a70920fea3ce57408ad18cb597b

          SHA512

          5506de1c00440df2623a01cef0d857f34f9b331e498892b64472560b307ce673ac6dc840b4a0c9c15625ec403a4e6156a258aa441d6db80ceea6d8b8429c14eb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0d41be36ef24c943c8eb709cd8b46119

          SHA1

          d11f4eb88efacf4b5339f929235d88574f5e9436

          SHA256

          fb8d385bad4778e325e8c85467370d48590c017daeee88e757d358700f90c9b5

          SHA512

          0d21ee9ff008e026d819b82b5de9982876eae490d187f903892f5f53ee9c33f55562de118f23774323f1c7f40ae6424c7078aff9de130430a171f651faaf0347

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\478691279-postmessagerelay[1].js
          Filesize

          12KB

          MD5

          92169c8a0fbf6e404267d0705cdbdf42

          SHA1

          a5cd88b74ca5ced239cdbfb458fe25540d671f46

          SHA256

          dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

          SHA512

          8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2VO416U\cb=gapi[2].js
          Filesize

          64KB

          MD5

          ee01651d160cfc55249d6011a3c45916

          SHA1

          79d6121df6575974ad21dafce33ec98e3f2f0a7f

          SHA256

          639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9

          SHA512

          8a39dfc1ff2c58ac106225976aafdaf7befc0a28903a0c65e2c272e1967c3336af2b477ec12604400bb8e16aecee6567c9cb9d157e3d54649e28b9b2f920432f

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W79VKSP8\rpc_shindig_random[1].js
          Filesize

          17KB

          MD5

          f019fdda31635d2a31b151ad8ad56c7a

          SHA1

          6adcbec55f66ffaef83d9a134423aa98eb2a2189

          SHA256

          c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

          SHA512

          fc278c12316e098976833882a38c788d812f9d36bd1b9b2b8c87dab4dc906af26a860df95436ea1b7d509236d44d0533d475a153437f8f5d42653fc28a77ad64

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabDEFC.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE3A0.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit