Overview

overview

1

Static

static

1

c1fbdbf803...6.html

windows7-x64

1

c1fbdbf803...6.html

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    12-03-2024 00:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1fbdbf8030e0158a4fe723d2bfb82e6.html

  • Size

    170KB

  • MD5

    c1fbdbf8030e0158a4fe723d2bfb82e6

  • SHA1

    980cc56e2b96b06587b02378626d5a32f5431c00

  • SHA256

    30bbf2a8af11ee52724764e73b83b16756067d41027434a2313ee9fa14bc2e22

  • SHA512

    14262c77e6ee6874222b68e6a16fc38b2e17dba4bfc7d1d5f09e59ed67a47c810b6a73b99dd226de31bbb9f9b75520a7bbeeed64d01da55498cc30eba6f3160b

  • SSDEEP

    3072:JfoDgNGroirAFaXF65HsW8KLhywJ80F49qynV4Fj6OmKPYEyE0mtn2i4asw9BEWz:JfoDgNGrooAFaXF65HsW8KLhywJ80F40

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c1fbdbf8030e0158a4fe723d2bfb82e6.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1148 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:768

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    120ba17fed39773aaa7447dddd35c43f

    SHA1

    c904bd36748477d61133044020c175896e32dd87

    SHA256

    704647c7e7cb70d2a0fc77c4a7d2a368639937d7aa9b50e81740e47c1258e5ee

    SHA512

    70d90fad9d7962e68ed3c19b174926305a64f9c74ad3cb53f1e62910a2da523047e59684163380e59768788cd2d24fbefde10b8bf41a812528cdeebf3f6ee05e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6238f1ec39785990bdf9f41c789fad96

    SHA1

    e2999d24d08fa9c49c653e77f8d7babf90c23939

    SHA256

    94b0edc0e056d4da8a7578ab57d39274d68f00048677e51d6e177289d3f892ae

    SHA512

    64d78ef614de048e3f3e3c9754d2a5b70517c334ba323f43e0cfc65b4e44dd39bb087832bfd0a44b2ae9f16869b8044083a7fb7c36ffe99ca06e9990e94b75ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    68391414cc30c6cdb1dc15f61b8aa401

    SHA1

    9b4f4991d3ea5817b05c7f0770a1b7f7f863eb9b

    SHA256

    901c80d32e78b60cca5ef7bad2de588878e736be25c3dfcde2aa68962f50a6ca

    SHA512

    92bbf33616bc8263bb1dce12d5b94a953555b2e0c036ce95ae7e46cabde713fe65fd49d3ae0daf86a4a92108cdce449bd2635755f4ee1b061191b5e099db61f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    99f30e1fe615403a62ad39f239ae5574

    SHA1

    dbff51725a51410086b69d44e9adecb63c50896c

    SHA256

    bd2c4691d438e65d8f50ae553e8f62c713c8dea9c5d47de0acf5890fa98b6865

    SHA512

    3a6d87aec00ebbfc8d3c81154dc33142bebcbf2860e70b9c23dfab28ae752bccc19fd20349365e07e4a645127b42ba37674ff469fef2c741dbd2c2a887cbf268

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3286.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3F2C.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit