Overview

overview

5

Static

static

1

FW_ ShareF... !.eml

windows7-x64

5

FW_ ShareF... !.eml

windows10-2004-x64

3

email-html-2.html

windows7-x64

1

email-html-2.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    159s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    09-01-2024 22:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    email-html-2.html

  • Size

    16KB

  • MD5

    2b6a29baac55998a0ad0f31c88bd595f

  • SHA1

    968d1993772a0b62936154687eb2e29cdafec11b

  • SHA256

    c108f40a75937d0cc87764eea3807cf62041e071d21a2c382865d010de5065de

  • SHA512

    a7453fbe985f55d972769ff462a2ce6191d965c0e47d548b5fe190df7643c780e4c71c029a46bfd195a497ad537fc048ff99bbb42b14d3919d6a66aa96549f6f

  • SSDEEP

    384:yO9ty9r9qfQoMnAzdtahU5YoINnVEwU5IWxSVSEAr3S991mAiz:Oolm/UEALdp

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2260
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2260 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2728

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a20a70d067fa9311306df89187c8d20

    SHA1

    d36c1fac6f7f0f549c8807683333f22d68b972d8

    SHA256

    84bea998580cbce540f2359adaba27e3c146020e5320aa9062dca3cd012ad251

    SHA512

    f5b85204e95c1fb303a01461fe8308bfaa9493bb6d40347b5c41bf3480a9b35021f83adb1e7fd966719102449d56e5769857791d2ed9d8b3d5edbfc7658190d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40422072dd9edc30fdcf83a5c576322a

    SHA1

    cf84e0ded4bad6b6514f0e08f312638222004204

    SHA256

    19fff73d5c8f94ad6e2c5a5215f1347175b7bbedb7ef6b992c6e576e3ff9aff2

    SHA512

    7a4ece5302a72aec63b46008645c1da5a4a2f8b72fbb6703458c6d386aa1a934ece6f67bc0c7a700c6bb244d401d52bb181404f8695c5ffa71c6ae72e270084d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b8214c44a9f24d5669c23aacacbf53c

    SHA1

    b486a21914844f78d6abf48ad804a0845f517375

    SHA256

    cb058b45dd7b655ce8928409e5639e73fca2cd8aa6359fe27ce9eb033a9a01a3

    SHA512

    417e903a06fdcf3056e47afccaa3bae4418da3075a45c9cc45180ca157cb650ebf52c51b5df8d8d2a83802ba8c9145fb620a20b76bd7fe1c10057d1ab428a26f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3c69abfa2fe059b3c21f2aeea2f8ad4

    SHA1

    ceecfaa3e8ed1583a05cf2a2768d89295eb1fc59

    SHA256

    c23a53b5f30c1124a474977ea29b2ebd76b893a40fd78e58be2cf6c740487a4b

    SHA512

    726db8389b0e2f31320715ed0b6aa127e632cd1853bcd25e49e7354d64cf40f807f91b40c6027698252cb0309583387776508e0872708a5ad9c783c092bd466e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e9bb164b146c19816ac495f855016b7

    SHA1

    b40b2a834964ddbb60c2f4bf2846e4359cb7b92c

    SHA256

    80a4805ad9852c7d437a7ed43ce0b9ff4ea113af30227fea01726ad46256724b

    SHA512

    9ad49b2171a4e8c0c8edc6187ee983025a1e19a83261dec6d7cef5980409c5cd3be5170a20bda6be8b3234aa33760a893bd7b43e017ad96d25c7fefc41ff5412

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d6cde335a2300a1492935e289f8b3bc

    SHA1

    88c0378c4fd3614c63ecc01479a02c0d563d8b9f

    SHA256

    61a2b430649627a251239335d2cbbfc160ae5ea7a3c5375524ae948e66ae0415

    SHA512

    08e4e6e36fe5c10a89cf55915e6d8c1b4d6277c443d883438d09a92c4b2e83f404328bd0b2cbe15bcf53861227766590b95743531b35e08b673f247e7d09a1b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aedc32bf6e71cdbbc7ab5571af801997

    SHA1

    1fbc096df0a1afc01cdc95889fc5ffaa84610f1c

    SHA256

    3d3f39f805a91d3abc79222c15ec57b0e7e1077162c799c02c36926c5ff1da61

    SHA512

    a7f13f395ff376966f18297ce6a24320738f0352b220a48e0c3b5589fad1e1088c960d40fefc61001bd5132dad07a7df3e4d652f043fc672b3e3048826aab391

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71a4c84b58c5d38fd4b2268ede436d8c

    SHA1

    24c3fdc064606c543540774f87f18d88ecdf2017

    SHA256

    ae527aade5b89265d93b58b4e1decf5398e047414d82bc14c091e00ecadece7c

    SHA512

    16e776f4cd4bbdeccb458e4fad3a03321e3b6188d69f23f1ece04162292e2bb43c360c156d80de635bdf5ba54f8650ac597ff934061ebec0aaf8b053be3c47d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1bc1b5ef920d643f5d2f95ca5b1ce85

    SHA1

    94a7daa012af6f90ee444d0713ebbd39f29b0c19

    SHA256

    c80937bb5c04dceef0652bf950f81d93b15865e0166e329c37a03cde1e26918e

    SHA512

    8c05c7de154675c4d71dba8ae980ea7b450e8a5bd32685f53e6f189ac330fd6b87099dda7a97b5993b3056a82491948157989a5f7a2eacaf088382c07ac1d977

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de31438a4cbef038e25fd6dd68b2dbbd

    SHA1

    d51bebbbc7ef10e023ca2947f5fa3030fca0d45b

    SHA256

    4bc63633ba966d9f34b76cf877562fbc293d05ae8c34d3a3bdd1958da9eabf8e

    SHA512

    066f69017618b8671f42b823d0ffdf105627812205d918b7d7a77a88e3e87e462f5c30540df588e48aa5ac8eef6addb78b81d2abf0caae9edb6285594a0b35bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce84c3c81cd7172e94de8dd9be96adf5

    SHA1

    6c148d68fb3b2b3ed83577a2e64998665d65181b

    SHA256

    2f6a8a484cd4dab9370a8a2fa55c19e13759c263c1f59f9ffe7815127ab78ebb

    SHA512

    8c383003c4b772998fb64d3e478242696bc1dff4d7f3bd12f49859dc8d6319809708546a16e68b404cf291271d7f29e7d291443f0677bfafbbedcdb3ced09fb5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\f9yyw0t\imagestore.dat
    Filesize

    263KB

    MD5

    82d9b343653df88727fd27126a8b39ab

    SHA1

    ceaa9fe7512910c99760f548c9b81567ab152d79

    SHA256

    7bbecae1b656b8592246bcb39d13f4ff55d4d638e885f6cb2a7d1441d389790f

    SHA512

    39519e16a33fb0c41287776d78c1728dc557e2d427b79956fa15dadd54b2f6ce6785069bd1422aad6f96349126a1d05db3acd77151aad3f29cc2e6fec9fa2129

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YV6H14B0\favicon[1].ico
    Filesize

    263KB

    MD5

    d87946516474a72c0d993d7b7fc21cf4

    SHA1

    119b5417a6c1ca7d25ae9326dd2596c1320d24a4

    SHA256

    3001b5f993f5e990f156679f209d67dbb0f19845ed9e706c8987c32a638fcca2

    SHA512

    ca7cc0ab29b434bf42e046bff7a35083f9b710d26bf733cfbb38b9c55685947b8bc6963ee444228049c85a77725db514e96de55d4b6dba304bc1264345cd42c9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab83B3.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8868.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit