Overview

overview

1

Static

static

1

.html

windows7-x64

1

.html

windows10-2004-x64

1

Analysis

  • max time kernel
    49s
  • max time network
    44s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    06/03/2024, 13:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .html

  • Size

    42KB

  • MD5

    3aab816df2fbde696cae55e7820515af

  • SHA1

    4c61e591785b7a0e4aa6d48b880fbe2fa52e9b18

  • SHA256

    7d5e611a692e69959e886618ab8a1fff3b496b7b3db32fae60b3755b55f3ef49

  • SHA512

    dac00236a741efa77418f4a7667413da9ab985c991a8320fe7561c6671daa84d73d57fd13498ca1be0d17c3bb57da7c5433645c5a735f7daef9c9206dd8a1d2c

  • SSDEEP

    768:WdpqmL0Id3AAYEpk7IqcdP0Mad6CZ4VWBCW3KI8iCfJkPVoEAd2Z4VWBCW3KI8in:Wd8mL0Id3AAYEpk7IqcdP99CZ4VWBCWJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 15 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:406548 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2503b3a449993f58f89cc69afc3fd8c0

    SHA1

    3c8883c97023d8df5b0b9b4f0e2e2ce9b4ace119

    SHA256

    4e4265f94bfc3182e16a856f87dd7d462a2cbbc454a4fc5d9926b30a28111592

    SHA512

    fb5822d95f276a1890947a39ddff0bf3b606aa3cf830f210098e20673258ce766108ab1856a0a7426fe0f1bdffc9f7e3ec386b0374e834249b2acbf70ce4656c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b186ffc5bb7686273cbaab3ef797f90

    SHA1

    219142c3e4fda3508120d93c81c148439517f857

    SHA256

    5a68fa2c0c5455fa891a6f53d10c56d1a5f4a149967b7152d13f24a77021872f

    SHA512

    1fecc4b78590bc9c7fdf1d81c980458ccda7482668f02f1c8a1f903bbacbcd35838f12fd71ed8d4b829ab25678765461e4f2b56a1cb82d6b02969ef80e8c2b4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93e70a003dcb87a06e6430cd6002dfb8

    SHA1

    d6861bf59500709da284329cc6bfa2ba7c797f7d

    SHA256

    6764dcd9115bc2a94edbde1b28bf5105f1c4da032d04bf0e62a5a057d9bed38f

    SHA512

    4f158b479da3456d4dc81f9db8659225c1662fe388e9f78d25f714e820b9b67bc2d12401da75db516c4eced55ac402934bfc4cd836f77a073a4affe1c5f8f386

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7CD6.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit