Overview

overview

1

Static

static

1

739ccef1b6...4.html

windows7-x64

1

739ccef1b6...4.html

windows10-2004-x64

1

Analysis

  • max time kernel
    130s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/01/2024, 03:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    739ccef1b6d3953b2317d1ca61813154.html

  • Size

    174KB

  • MD5

    739ccef1b6d3953b2317d1ca61813154

  • SHA1

    efb56f314ff8b54885f8460b3e7db3aa44579269

  • SHA256

    b079b796ef2d949c6e7c02ea12732f97b99f160c137c08947fc3ac21762496dd

  • SHA512

    587b655d79ebc0ce13ffd8dd2a343245249e3eed66b36b552415c9449032406a45846ba4f4b0ace319115006247fe1b70bf8549e2fc75497efba070150c53a3d

  • SSDEEP

    3072:kF3SF3z2UP13G4k5QhLpOatVxgieWbbFE/fNbYaaLStRacxWUu/v66sbsGon4G5j:QCr3G4k5QhL8atVrFufNbYaaLStRDxWn

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\739ccef1b6d3953b2317d1ca61813154.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:432 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4576

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
          Filesize

          4KB

          MD5

          1bfe591a4fe3d91b03cdf26eaacd8f89

          SHA1

          719c37c320f518ac168c86723724891950911cea

          SHA256

          9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

          SHA512

          02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          6c9b222cd1e44e41ad93ba8d2fcb6512

          SHA1

          b00df12a3bb2efd842f545c288b4bc948fc0de8f

          SHA256

          4d9577e0b9cdb6fd342f66ed39177a482fa460da255f954dcd6a32b88385727d

          SHA512

          809faeef601ca22eba46491747fc7dbb4ce292aaff753ec0041cd85121fbf914f78a23bed0882ce89712a0ebdc52d3aaedad71e9e98e194c62289577c82f5507

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
          Filesize

          338B

          MD5

          637adff00a3fabe3ecbc2702dfe0dd3b

          SHA1

          631d03ad6753d2a0558221f8a68d279e47924dc7

          SHA256

          25751d0b7e73c2d34ddb46224209206fcd562eda025894ac279fb81f66ef2470

          SHA512

          9a7ad8b11d261e9586917331e233908b1ad20bce7e5be913a2282568c6b1a69a52f9cb1cf3ee992d26c44885eac627d33b90185a9a4abb35ac8003ee126966c1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          404B

          MD5

          481bbd9dcfd1fdc5c9616b07066bdab3

          SHA1

          a0cad3b18f31eccd4dc737dff9ff629f03ff0ba3

          SHA256

          e4b5373c5c3776a2a3eda53da5915465f2eb66853a01a562917a6d028a5b2040

          SHA512

          f1eb39fe68b7f138aca6163f752b581ae2577d26e10226d4a844c064e4058682312d11a5a0f96ad4c0d54deb5f341e76905ceafbb7f01b20145ff985bb1ff92e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\NSWVVUXL\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\QSO8CY24\3OTZWBJW.js
          Filesize

          157B

          MD5

          67e216a27dda24bdcb086c2385b0cb99

          SHA1

          17141c80f5d32bec3691c5ab24741d8b7dd5f0c6

          SHA256

          9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

          SHA512

          802319543dc64cb011bc2684004e878a842b73aa55e4da1141ccb8650cbf42fabbf2b46c730760bbfcc7a140e11700244b9f5da78bafe9fca7ec7825c12b4255

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\QSO8CY24\478691279-postmessagerelay[1].js
          Filesize

          12KB

          MD5

          92169c8a0fbf6e404267d0705cdbdf42

          SHA1

          a5cd88b74ca5ced239cdbfb458fe25540d671f46

          SHA256

          dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

          SHA512

          8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\QSO8CY24\rpc_shindig_random[1].js
          Filesize

          17KB

          MD5

          f019fdda31635d2a31b151ad8ad56c7a

          SHA1

          6adcbec55f66ffaef83d9a134423aa98eb2a2189

          SHA256

          c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

          SHA512

          fc278c12316e098976833882a38c788d812f9d36bd1b9b2b8c87dab4dc906af26a860df95436ea1b7d509236d44d0533d475a153437f8f5d42653fc28a77ad64

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\R977VUU4\cb=gapi[2].js
          Filesize

          133KB

          MD5

          288c5ba5b7001fe841c32f690f62cc93

          SHA1

          29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

          SHA256

          c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

          SHA512

          e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\R977VUU4\plusone[1].js
          Filesize

          56KB

          MD5

          1944af3661da46249991197817b6cd8b

          SHA1

          f952df40ec79fafc7c798f37aff92878977376ed

          SHA256

          63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

          SHA512

          0bef19b32be337cfba179ed9ce4533a207cfe645d2e5fe0da9fadc7b01c72704fc89749670d1ac48b8d494675bc62ac089fdc4d8495979226f10828225594376

          Download Submit