Overview

overview

1

Static

static

1

CertificationDB.zip

windows10-1703-x64

1

CertificationDB.xml

windows10-1703-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20231215-en
  • resource tags

    arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
  • submitted
    10-01-2024 17:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CertificationDB.xml

  • Size

    493KB

  • MD5

    396bd08e423238d54332d03e26a68b0f

  • SHA1

    4dfc4b495d7b4df082f5b7792b2a7017e7bfac12

  • SHA256

    18aab758ddc436c989f0e341f9ab592ba7cd607c308cdc5e90cc6fe7b6bdf86c

  • SHA512

    65422568b472671e719be148645cf494edb0d40160ddf465fa7173bbfc65020944c0b78a3cca50b7d10b9764cd8dedf927b00691718d2a725a9bfb973106c8a4

  • SSDEEP

    6144:75pFGWht/YXnXJBBBfKDZGGndQ9P0bHu9+231Vsafoog+qByuW8yEOqTfEzmfiSw:Zvy

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4876 CREDAT:82945 /prefetch:2
    1⤵
      PID:716
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CertificationDB.xml
      1⤵
        PID:4876
      • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
        "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\CertificationDB.xml"
        1⤵
          PID:2064

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          b186e0d421e6a4f5222d65f1149d066d

          SHA1

          3a362a83ad2e17cbc4ed2af1a034b05eb160ff29

          SHA256

          8042dc31e10c5d3093b429ec1578189b0a1037a9f055c2b09730a70665d63330

          SHA512

          1fff86207b1c873dae5de1007f005536626978d8c3f8d5991ceccc54273025377aa89522c4e701d0558315cd9af4c4f97db398c647f089106239488257419dd4

          Download Submit
        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          404B

          MD5

          fe6fe957cb7e1b244731433ebb604bc7

          SHA1

          6ccae0a2494694b90bacd50104dd20be4ed4eea0

          SHA256

          246c2b904f7467615ad14f973142e8a59d87a843a65d2d6cedb4d46c23bf5a8c

          SHA512

          d4461356b4d69b5ac4b76208bfa001f803d789195bdf43cdc59552010c0da044052a66476f2c597d1cfa2d9b07f3656f35f63e27402976f98a61525f3c2df4e0

          Download Submit
        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verF6A4.tmp
          Filesize

          15KB

          MD5

          1a545d0052b581fbb2ab4c52133846bc

          SHA1

          62f3266a9b9925cd6d98658b92adec673cbe3dd3

          SHA256

          557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

          SHA512

          bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

          Download Submit
        • memory/2064-15-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-10-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-11-0x00007FFB16B90000-0x00007FFB16BA0000-memory.dmp
          Filesize

          64KB

          Download
        • memory/2064-17-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-18-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-19-0x00007FFB55D80000-0x00007FFB55E2E000-memory.dmp
          Filesize

          696KB

          Download
        • memory/2064-16-0x00007FFB16B90000-0x00007FFB16BA0000-memory.dmp
          Filesize

          64KB

          Download
        • memory/2064-3-0x00007FFB16B90000-0x00007FFB16BA0000-memory.dmp
          Filesize

          64KB

          Download
        • memory/2064-14-0x00007FFB16B90000-0x00007FFB16BA0000-memory.dmp
          Filesize

          64KB

          Download
        • memory/2064-13-0x00007FFB16B90000-0x00007FFB16BA0000-memory.dmp
          Filesize

          64KB

          Download
        • memory/2064-8-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-7-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-6-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-5-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-2-0x00007FFB16B90000-0x00007FFB16BA0000-memory.dmp
          Filesize

          64KB

          Download
        • memory/2064-1-0x00007FFB16B90000-0x00007FFB16BA0000-memory.dmp
          Filesize

          64KB

          Download
        • memory/2064-0-0x00007FFB16B90000-0x00007FFB16BA0000-memory.dmp
          Filesize

          64KB

          Download
        • memory/2064-12-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-9-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download
        • memory/2064-4-0x00007FFB56B00000-0x00007FFB56CDB000-memory.dmp
          Filesize

          1.9MB

          Download