Analysis

  • max time kernel
    144s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/01/2024, 16:59

General

  • Target

    6d8b5dee21646bda3dcc782ec4e53200.html

  • Size

    181KB

  • MD5

    6d8b5dee21646bda3dcc782ec4e53200

  • SHA1

    94d0a243cf198b5ad35c1daf4daec9c226697892

  • SHA256

    24ddcc76afdc2b1703ca88a7802f69d6deb1d7c4b2f69f6ee4cb4071bd3d0a03

  • SHA512

    87d3d11849794d126bf23871b2792b61a5135a4e4ede76ef14ed2878f64241b53d05ad0732503ec3c15350077d1e78dfb053f4443a901aa49a07f3df9ba435be

  • SSDEEP

    3072:EqRcVhIVs2LQegU0Dzvj40MZEPjLpUxAfYxslxNcl8CLcXmNRS/HDeAmcTBVxohK:pcjJ/jXmNRqBboA

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 30 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6d8b5dee21646bda3dcc782ec4e53200.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4636 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:368

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    ecbee8be1b3e68b8e56274a975f204a9

    SHA1

    1f1c78785a4971aa3f1bb35fe28417795ecfd6a4

    SHA256

    39266a7cfcf244879b79c5d99dd6b259063f954bfc47640558e773810eab1be3

    SHA512

    eabc00ddaa5d31c3b80515f9923ff193e89c1561e3f65dadde2e52d91ad249f6c215d34971b58e54d2643368e3712a01c1dfd7ec362f651f8ac3cb4bc8aeea3d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    404B

    MD5

    d6e28b968e14bbcbce169cedb89563ff

    SHA1

    ba9e1b270cdc5dc29963398ccb882470440cf017

    SHA256

    a301fc07defa1b75165f5af1a0c10a4d8c746eedf526e2b4adaa3714450407a7

    SHA512

    b9f0a44ff91e82b3bd7b0d5a5bd786da085676f1c00b3b5b3a75de977d4086f6cf013efab3e7b263ffc95e7373d2d685eed8a2d2e48c18d378344b901e51dea6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_33A22DC5622FDF6383E749748D25F47A

    Filesize

    406B

    MD5

    e4976564ef49eab2c49b3dd778448290

    SHA1

    22c0f46a920997bab31b601f09464dc2fb4a37ea

    SHA256

    a48f9f41e8678e2d6e1a2e6ea79c5dcb46a06036b218c35b736debca80447c8e

    SHA512

    6e239bdc0716c2ea4de255ad1e766a861c56807f2d35f2af5677a636ae7d2ac6d1f6c7ceafbac3f48e0af14b9868feb8bd20de7d7b97e848cb2a328f40997eba

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BPK32G26\plusone[2].js

    Filesize

    56KB

    MD5

    1944af3661da46249991197817b6cd8b

    SHA1

    f952df40ec79fafc7c798f37aff92878977376ed

    SHA256

    63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

    SHA512

    0bef19b32be337cfba179ed9ce4533a207cfe645d2e5fe0da9fadc7b01c72704fc89749670d1ac48b8d494675bc62ac089fdc4d8495979226f10828225594376

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BPK32G26\suggestions[1].en-US

    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DV2I56HE\f[1].txt

    Filesize

    36KB

    MD5

    b346103dbcb5498b0b284f8af6fbc6bc

    SHA1

    f808b26060513f751f0d6e43cd5ad927f4303238

    SHA256

    cd39df47b7ffbd4d17bea4d842f47fabe5e5984df1485c74bf2a924929619faf

    SHA512

    479733f1ccde7eca16112e36c10589562f3a04466c3e435acec04a7d1dc75ba496b80484c8827e641c5306803df60ffef2e91eb8ea7a196f6be7a7992b270fed

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\M4T5ISGA\cb=gapi[1].js

    Filesize

    133KB

    MD5

    288c5ba5b7001fe841c32f690f62cc93

    SHA1

    29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

    SHA256

    c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

    SHA512

    e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f