Overview

overview

1

Static

static

1

h.html

windows7-x64

1

h.html

windows10-2004-x64

1

Analysis

  • max time kernel
    51s
  • max time network
    43s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12-02-2024 21:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    h.html

  • Size

    83KB

  • MD5

    2852f1e101d1da20b01f7a64e6d72f11

  • SHA1

    a35a1bd5974b2db3693a9a5bb41d291bfd62491b

  • SHA256

    87cbef589bd6dd8614ec7be7ce65ddc624c891b27b760e771e0e793ede14c694

  • SHA512

    0bd06aad6c6afa200b83cb1275fe911d104f688001d159e873d4e7996d4c3b7eaf79f6e642511a198d762112e24bd84cb4dac9f881f66b22153653547a359bee

  • SSDEEP

    1536:MHDdhlZqp+rgL9RdNZnq85reg019BiojEbGyKSKNCfw4KmAdAg7ZAUYtNRAyk:MNnKgzYPk

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\h.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1752
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1752 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1752 CREDAT:472081 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2360

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    896c193a6a6ac0a532083e9799fe4540

    SHA1

    b56d41fe21c1302b49b3f0695ebd251c106db4ff

    SHA256

    2cd9530548d2182eb899a12dc3a358f36cbcf7c401c8aaf0f7ed84169234b37d

    SHA512

    c365e0e9fbce8a877bb21f782405ac87c78d10e6ce38e248e279379fb490d283b533b4c4fa56617b3534dc1cc2be8b97a8001cb6c2b45864b2273efc0780b809

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e30a49677e394de3fa709e02331c8195

    SHA1

    df6ab2de06cbcea7a99002a293d790d356c920c9

    SHA256

    755fb107e98787e40dd217239e36daf9c3f298b24f76cb1675e7015eed23e83e

    SHA512

    90c5c146894a5d8846cb0878adcda924c3080a7b5c4d945c040f6da208d18788cb8a5d0af82e26185a39df8afb5d52ba15184a98639a9165cb38db55862df375

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7ab6e55a463fca7b63b3653b770c43f

    SHA1

    f6423e30bce24640da1af16017ce0582f3ad9f68

    SHA256

    b24f0cc9d475ff4a1e452583d2edff1f59a8793377cda3e81a4e715bd1ae680d

    SHA512

    44f8736d7bdb89705398238e07cce966d5419ef670f1b14c63d2d5b733399c88c57ffc29eb0f6958999130d935630c11d9d7f284cd6b9703ffef10f0c690a7d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93cb6b74b4b76c994e75b76c2c6676c4

    SHA1

    54e790c2e6843cb58324112741f6dee37966890c

    SHA256

    19dca7c369ae2897da31806362e6288e5249ad29f50ba241a5feb063161d1f4d

    SHA512

    73de806c7bf1b0153531eb6ce289b6e06360fddd28e172aae33ed475d002dfe1ebe6e1a8ae97aa3b3f3eeb2c2e24c7e5cdea60919b1ff531fa26f4a28e4f21ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d3dcfb12225ac354173b587f2551c6e

    SHA1

    59c0837f4ad497b27900f97bbf1c83a654832753

    SHA256

    cf1a11ecf0f0f6516b900859ffc00aed10c07b07140d219d0910c12f34394dea

    SHA512

    c0f49cc729dc189fbb9f6f7d75740a3ada15b72c77840cd0636a20ac83583cab7db0a5ab7084416981f53566583c4acbe20e7275a8d01aa13585f21e86699b28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb654c8eb5c48243cb7bd3d3fb8a0475

    SHA1

    c057db2e8fb47f63bb9da95b764a26fa258786d1

    SHA256

    279a02dfe42fd86618e33a5f2b81403a84b1cd6378603181bcf33ca378fea5ed

    SHA512

    095ffa1a5af5adaf6b3d7f882dd7be22b6efd0a96cbab02653fdedfed79d8bbd6582bca214110089a88435c1267789bc8aae66332baf08431e2de814cc895097

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0e64c8896bc385ca8a5fe491200bb8b

    SHA1

    5172a6ccd4deb0fe2c84fed029b974d236294f68

    SHA256

    af750bbbddc04f8f57f0efcb8f18637d68a2774129d85e9551a43653eeacddf6

    SHA512

    c4dc792b0e91eb404efbd0be7592a17beced76bc1c6e94dcf05809f0ab287af8a90eadd8010adf2913f650acc48a763969b1f3759c430f6974cc8a460ffc0a06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1332e4df7e01b30899dd50cadac70106

    SHA1

    9ab2ae1e818c29271c0a5401e1fcf06a2edca4bd

    SHA256

    1e0ee0ebc86df2c0b83ea08d7161cc8c80244c13fbd1f293bf46c67ea6b9d97f

    SHA512

    1ee24df2f75c7be7f32b834f8424b2f80bec8e2f3833d300b3cee9631c81b6c6ebb65e37eaf29911eded741d0181529d5f86007f6f499b4f2362aba2b67409d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38c5e94684d1beb7c4411328be903e4d

    SHA1

    a845951ba9c6a9ccb5ccb0d648b47d68b13b4cf8

    SHA256

    a091746b6c4311f6050b1b5a4af8b2328d4dc5d9badb208b466c2ea24248765e

    SHA512

    f862e3233074598f55cf50ec3b2d69dcf0dd64c26d18abdc9df184fd469db1fc0ddaa7c3767bfd3b0bd6181d3c7d95980deb0e2a9fbf14f0b2122ced59cbb6d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    396cfb5ae9e18f6d7afcae810da84136

    SHA1

    d40e53eff2e71a42ce6cec38a2ebdd413a6d82a8

    SHA256

    41c00b37a75c60a2f2990dd2849a6805cfefc063666bbbd118ca8fc1da82fe95

    SHA512

    a81bee090d190c07e7af197ebd948e771c62f9eb945678b971f9fe757c4b62d288037094a1b31820c7fea10b1a26d2e733f825adafb6cdf4949bc15a80a63f4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d00e3077e764550a5dbded0419d5810

    SHA1

    9d7d2982c318499cb0727b4ad528653ea63e715c

    SHA256

    da026514bd8e92ae8514ddf269e31111844ba8704ecb3d3d12690f45b100491a

    SHA512

    08d04b76baf0fbf64c0e193422d9206c47b04067a98ff98dd839f410c01426c07326837a95bfb3d75c307fa39c278ce83cdc1d5d40e21c47f6d89bd445c87f20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcfba047305d5ef020d7075e579933be

    SHA1

    482cb83e0e18abaad3000429f69f71dd1fd2e3ec

    SHA256

    44f2821c4ad175f4944c7b22688ccfa1b2373a5d6668cb7f018368ff5589a330

    SHA512

    5579c9836177d863aec94bc501c72aec09384586272bae157018066cdc946143b3675250390268353fd7baa89c2f45eabee85c0e39eea3847b0ac00173b594cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6CDA.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6CD9.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit