Overview

overview

1

Static

static

1

SAgHY0ulpF...1.html

windows10-2004-x64

1

SAgHY0ulpF...1.html

windows7-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27-02-2024 23:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SAgHY0ulpFNs2qMqfbg8yFDVqT4LrAl6eycZV8w1.html

  • Size

    146B

  • MD5

    9fe3cb2b7313dc79bb477bc8fde184a7

  • SHA1

    4d7b3cb41e90618358d0ee066c45c76227a13747

  • SHA256

    32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864

  • SHA512

    c54ad4f5292784e50b4830a8210b0d4d4ee08b803f4975c9859e637d483b3af38cb0436ac501dea0c73867b1a2c41b39ef2c27dc3fb20f3f27519b719ea743db

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\SAgHY0ulpFNs2qMqfbg8yFDVqT4LrAl6eycZV8w1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2248

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    dd355aa94b88b18a22777809f028a237

    SHA1

    5c26b74e32e1babcea45ce7bba19cfcc1ab79486

    SHA256

    cff8740701786c80607aba65d3fe89530e3844207beed3139aadc9539c2ea0db

    SHA512

    0647e41346f439f458d98217f96fcafc4a526f2731d4836d9b3cdc96884d323abcdca35faff49bd7542b18814a327f54065ab636083be0c8ed29c1a4eb171476

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2e268afb4341889d4d2f092b93a71900

    SHA1

    f6871480e574182055f0814c045dd60b781442d3

    SHA256

    9801b9a3207b49a14980da2b26588e2608cc8b916875365acf8ce97be9411eeb

    SHA512

    e064065307783c5f73928beb039b6d5812fffc8ae0e12264ad696395a38b664b65f3d7c8e7f675651fab2cf3c461da09e177583c48a4ad57fbf040cbdf52aab4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5dfde665c5c1dbf8b9cf01dfe530ba5e

    SHA1

    17338b9946ec982d2ab9821d6ebda443c11ef6cd

    SHA256

    18c4d738bd41a37fc406fd99f13ceb7cf1e48e1cd308b1f09331a9b871a1a3b5

    SHA512

    3b8f09258e252be11f815cb7f486b9220e4e87c67bed368f72371419a162bb9571da0adfdc71b0195e5d652a4b986838e06f46a6cbaaade9edcbbe9bb9f26876

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9b0a4afdfbf0f948c9473f2d26d26b9e

    SHA1

    fb6805370413a3cf81c38f658ebcf0fded5bcdd2

    SHA256

    d588e2ddb8def75f0dea87bfb6d7308a7227cf0e4bcad35426b35126a3b7f890

    SHA512

    2973adca05f200ac4d469bce28bde509d8c527df19b13fff1c7df7efd8afc4835b05692a2191543c5bd1040425bd449f27cdef9056c02e563fc73baf0c74b9b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ef0ee6272acbd956fbd9cdbd7c78852a

    SHA1

    2422349883d8683cdc8f5c5a3dce326c4c19c0b5

    SHA256

    98edd0cbff3e247efd56ff49152b649148489278c05aecc4eaaf521680308b47

    SHA512

    49548ebc94e35f5bfa51ae0db1ccb62724e2f6b10d259492f2f321486b7a5d4010149fe9a5a8e97a9bae744a802916d9f5183dba412b8d3af2e5051120d24cc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a6d4d4f69164029f1317e8c8cc21ec92

    SHA1

    bb711f5886381ab894faa741d505e8af1eeffbb3

    SHA256

    a934c1172d177bdc341753825eb72f8cede1fb1830b3d97597be79fe82a1e2fd

    SHA512

    d9e517e3199fcfbe1ff3ed76cec620a61cf5eeed43157034f9f917cebdf2c6bf3e79faf119ef4e15b048029633c090c8bda908e4bedf55c312916c38b92c13af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bc327fd1392e1a33759f11bcb46cd832

    SHA1

    27b82c30e5cd8066017c3969ff6222479e19526b

    SHA256

    6cb240d41240607a7d22ba71639e8d9ba1f2ce6b0d516704411b5f601cb9616f

    SHA512

    b6e4dc1c2117e57dfdf8d23ee8b0e8cd1776d847b8ae439763bd7ccb02e6969c707d2ba4448c5fa01ad90aa25b1160b215cc94b23595df0afa22faa9419d364f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    de72a1eaed8e8cf544225ed4fd2e1943

    SHA1

    1b3738f21e40af962b58e5a65d521714ebf77199

    SHA256

    b915ff23883742548f27562af4fa07320df67a603fdc4e5e161a25c3076f367c

    SHA512

    2308f88a195870abb265a2b191bb310ef503293057ac02b1f526df01d1a30cbff858c7ec0dfc3af1f87b41d50644eb9a0829f7fbbb348d793f1f0f41eefb9eea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    eab4cf9cb98a74a6996dcd6f2c05901b

    SHA1

    ec82cc65dc633f03b80e55095f9e3ad16658ab61

    SHA256

    ac9393ac28d1ad3ea6d3eed1c0c64b3ce08bc396703327c0d2aa3188e7148b2e

    SHA512

    75c711e0196fa810e6bf80f176ca69be5279cedc4ef91c555e59ecdaa9f3bf84beb093b970af7d25e5e61199171a78a3d1e9877655a5b3b56a25935c4326e0d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    186e858956baaab1644218563649976d

    SHA1

    aafbd6bb0ec2ea45ed0b25c63f0c08fe0721bd1f

    SHA256

    434b45b1f400eccdaca7410c32616e33c76ef338084546c5e7b6371176fd3444

    SHA512

    b1a68e0cf51d447c35f92f81985a1a293b793fa13aee84cf156af1207b2bd73f5fd3fcfa4877a2d2d0ed85e0929cfe5fc44ed5f19965715e7b0618e4ce62375f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7f213d1bd55a2e429562f3ba4423b254

    SHA1

    477925f42362f90a844f6f972f70f82f24990142

    SHA256

    67cd9ef296024aba664eb8e668a5acd081b775aaa50396dc88ccc140bed91b14

    SHA512

    56e4a55db9be63891f79cbef77e5581088b842f502fe9550f73522ebbc151e2e13226c109746cbc3c8abe9da4398a992606c8f7c637e8c68dc946e9c013afe37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    118ff46025bea87b741db61f440a05ef

    SHA1

    cd7d52752be62e4807a04e3d293289b94ea125c1

    SHA256

    1a8b9c6fb6e305ef003b44123611209d571d8f704aacf5bf1be00c4e2b6e6e20

    SHA512

    0bade7bf19e4c0303b6600d24393ef896273382956aab96f40af448bde7191d5676bc27aefb412ce05c29eefa4636f959c8bdbe9b6dc59ad728edba65d818fe4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6b3d07e21c2130b3b3c2f0045148d176

    SHA1

    74a94e74fb86b59a5398bfa8cb49821dfd3918c4

    SHA256

    ec9ce4235ca4b39e4e30dd3b6a35485e0fbbf38e80be999272e8173430ea5137

    SHA512

    f1641ef474879d3fccc6192c78500683c0b4640be6035766bf678ad15c464dd1ccd6a941513b1dc0d83a0df635835f99c8f373b335bede54b403d31347582113

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cf28607047f3cd3860586d83d40990d9

    SHA1

    6ce74362db8f83b9aedf67bb11a62a7bd2495cfd

    SHA256

    917f41061dd947fff6ae323f7606281f6dabb571a1103816229d71447bf34eaa

    SHA512

    4aa62989f786f5db5e003c2e038950115ff53471792769744f2c4c1b5953acb8c4ee658176f1c30220d97b5d33d68475bbc3d0630b8c722dfda37dc0db5a2ed1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7111252a9c1694088245ec22a4f33929

    SHA1

    b74cffa9062911eb039b0b942df9111d94961899

    SHA256

    3ae1e9b20ec7b20a0e91ed1cb7e2293c84feb9816fc1c3a327e8d2b76bb9b2bc

    SHA512

    01baa54d447494b31c2d0d35604bf5c61263ebf101eced988a9c487b951d7814b2344f6a2e1a5e4fd03e01a2aa0f806056eda0b514102aa15a2bee189247f859

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    56f72615254752ee9c4f2602f685f60a

    SHA1

    126629051b897f495829f548ddb17f2f76bb58fe

    SHA256

    c3d0557171364f6af3fc8330e6eb5f956ecf7ea38ce4fb8dc331267441fffab4

    SHA512

    74f9aa00f4019ec3f2b09d5bca5f1850d0c0e948bd85448ebb8957d42d996e45e18a0a5d988261bba5a20b13251e8d1afb5d0839817abb144952b37fb2249542

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6CE7.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7979.tmp
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar79AD.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit