Overview

overview

1

Static

static

1

c4ea3e7530...a.html

windows7-x64

1

c4ea3e7530...a.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    13/03/2024, 03:59 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c4ea3e753082b749438ef4fcfa543e3a.html

  • Size

    4KB

  • MD5

    c4ea3e753082b749438ef4fcfa543e3a

  • SHA1

    bbc94e91abbe777f1c1f989bd8dca5cd2282cfb1

  • SHA256

    75c72683ad6ed10a43af0f8c6d43442ee18bdc5be8655938d11cb7ca25765bb5

  • SHA512

    12bba76302b572d5cdcdf90097e9f7820f728153b90bd5c07f43d9ca63cee3946d19300d530fd621fb07ef6643dd37226f347442743c3572fb82c317cf8196c4

  • SSDEEP

    96:rf9seakGiwLsvfpFFOxUEQvBUqsOeN0Eg9jag0MwU:rf9FaL7LQFIaTvBRlVEg9+g0MwU

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c4ea3e753082b749438ef4fcfa543e3a.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2284 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2208

Network

  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    92.123.241.137
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
  • flag-gb
    GET
    http://www.bing.com/favicon.ico
    iexplore.exe
    Remote address:
    92.123.128.167:80
    Request
    GET /favicon.ico HTTP/1.1
    Accept: */*
    UA-CPU: AMD64
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko
    Host: www.bing.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cache-Control: public, max-age=15552000
    Content-Length: 4286
    Content-Type: image/x-icon
    Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    X-MSEdge-Ref: Ref A: 0FD04CFC1A1E485B9EBD8B31934F6D09 Ref B: LTSEDGE0810 Ref C: 2022-12-09T13:31:02Z
    Date: Wed, 13 Mar 2024 03:59:37 GMT
    Connection: keep-alive
    X-CDN-TraceID: 0.a7777b5c.1710302377.160f71f
  • flag-gb
    DNS
    iexplore.exe
    Remote address:
    92.123.128.167:80
    Response
    HTTP/1.0 408 Request Time-out
    Server: AkamaiGHost
    Mime-Version: 1.0
    Date: Wed, 13 Mar 2024 04:00:12 GMT
    Content-Type: text/html
    Content-Length: 218
    Expires: Wed, 13 Mar 2024 04:00:12 GMT
  • 92.123.128.167:80
    http://www.bing.com/favicon.ico
    http
    iexplore.exe
    542 B
     5.1kB
     7
    7

    HTTP Request

    GET http://www.bing.com/favicon.ico

    HTTP Response

    200
  • 92.123.128.167:80
    www.bing.com
    http
    iexplore.exe
    288 B
     598 B
     6
    4

    HTTP Response

    408
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    985 B
     7.6kB
     10
    12
  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    126 B
     230 B
     2
    1

    DNS Request

    www.microsoft.com

    DNS Request

    www.microsoft.com

    DNS Response

    92.123.241.137

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    f412186a670f67f395ae74d26faa3acb

    SHA1

    269182dbd127d512099f4b27eea5801b0dbd2dea

    SHA256

    d94a6c1553a95cc1d5c3db7db032828ebea52865b0848831b18d24e4268d25ae

    SHA512

    3d6ae193cbe1689eb807fd81fffd5ebd0f9ceceffee95953be5223ba1a72e741a76f13b775d55a559ab4a697cbd9ccb1a5317c9133cbb21a4e3cbbcf50c14e6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2b55816a2b1a7b3886c1b8241fae262

    SHA1

    eb26e30939ff93970b5f622f90625ad1294c69a2

    SHA256

    bf96e25429f5dbf1ab7d0bfda81326d7c5153a3e4700f9aa4ff77dc0ef1fd13c

    SHA512

    761e244d5145a7d64a7343f3cb61ba79c01342f0588cef60a80f59af6096cb18ad533da08cbd15c303d8142f474368c62ddbfc58f1dfe27ed0c9d6435d67b52e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbd6024e9a4df96bc3ec20c49a0e5fe4

    SHA1

    40e4233a1fb17a7fafa7ad92cb14b3810daeb26a

    SHA256

    9beceed18d1612c14b6495e7149bfe8830f537fef8101c8589fddbfa1d1b9a46

    SHA512

    a90985b603d6223e0ccd7c0a8dbb9dcff8fa598ed7445e096a5da0d47532ea0579b31377cbcf80315d8885a506bb9414571f7b47bbe465b428da8d87a8d76751

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d4e1f109efa1001b448fd7d60e64b35

    SHA1

    b10de2d548026e3d87f92c761fefca897e021fc0

    SHA256

    0296a4d7da47c0f0c4c8669539aa2f80fb7a79018c603df96ff666ffdfd78ed1

    SHA512

    c7c704c60179057809a7940af3d69cdbe0b2bf58741f22a9c5a409365f444a3cc00959c5833dcc1fa75a387577a47996a8f3b68325490a7e6f540fdd48e59b9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df5d1e026512f0f1a70e39c43efd0eb2

    SHA1

    6421929332d0a302a7b4872d5882c3ed8206876f

    SHA256

    8eff6470a12d809ed10aa3381440f9fb460d958ac866209d9f2af3d735bc7710

    SHA512

    224ab17c2802508feb8baa290daa0f496300354c4e85b72106a5eb8887b1cb7ee69239445056525de478e2262eb7cafeadbcafd2855ae4e19b0eb2176e72ea87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1055d24aaf811a443fcb3009f11273e5

    SHA1

    a7198e70f459a9dcbd0d38910f007b2cf8961abf

    SHA256

    80b33a47104ed4334369ecbfdd1eea8e09619e7fcdbb5f1075b991b4d681c8c7

    SHA512

    4530a43e9efcbf9326712bdf423a5bcb294d9655369eddaa0a8fd618eea41395eda9abb96ad4266f69b3e62b084fbc52cbe4282e18c60f2d6826e98d26cca178

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db1766a4b3fbbcc4b2608743ac487b0d

    SHA1

    0d7c8e55de14ec9ff0ce13f59fdea038e82a111d

    SHA256

    28564be62787981b74c01dc470377c521ae8e86ceacbb0d50626d5b45c521dbf

    SHA512

    0f1b33c66464766cbe4dd082c81e6695f978d0f41adea664f0f71bd596d8c8b1771e8f739ee5be7985ad760c803e1e0db8db544cea4e32af652eda54338d61b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    810f6d725f8652bfd2552ef3f3ba041c

    SHA1

    46cf987e0ad72a37b682ec7058d895dfc3d15571

    SHA256

    d8a5fdcf6fc69cb5bfed6a7e25adc9ed631b7ddaac86fda4bb739e211452a260

    SHA512

    c554676a7f82ad02091eecf3e8499053ee8a44839366a9a0c57402b89664b0b97885107ef9d9e31800e7164b2be470f37fe121ff86f5852e11ff21bd068e2015

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fae411c4c8d656826786310b0b75bdf

    SHA1

    eb68b0f805ba78e49bb53d0e9190b65e4d49f088

    SHA256

    ef39d6b88ea12dc51596f14a819960ef84516bf06564ffcf572de3822c20add8

    SHA512

    893f6cc8a32f76da91567736e3d9780f559627505cf57f718b8ba5184b5cff522b62d959933215acf5c82477c847618f22aba5be8ee9c51b4371b91aeae6c86e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a5590dc961ba228917a84c87d44bd50

    SHA1

    4da828d916251d15d8f9d455cf293bbfa38e9728

    SHA256

    fbc9fdccfbaeb1162e39c50a050516e4d4d8937df0ac2bff78dd4161a05d994f

    SHA512

    8ea1c2ab99ce2c8a71e5cf0a3afcaa92419038065a3cd8515e52f16a907d34b05db7f23474cf46ea6518db6201fba0ceb695f838dc93a75fef24a4dcace87f0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d06e2de3ae5f3743c29e0fd4dc3d4798

    SHA1

    6ce45c4ce8518cb5631a8f521d99778d9db63212

    SHA256

    9ae6e41513148260aafef21e6b250319788baad6478e84ca8d119328bd93f69c

    SHA512

    467f403eae18063f6f26ffda67804b6cc3eb2042214f10ff1b9cd9a13ab74c6abcdd409985d6dec9f92e27db6dfa690f879323408c15c4b47c4493448950ce5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1aa06354de6b6bb505f26a1c0f8be46

    SHA1

    6e3476a6122bf197842e0ef379804400840dd56d

    SHA256

    d3f2b0067ea0ef5d5d09c33a9c74138aeb3383f6810a8dd70539c0bf176012ef

    SHA512

    604a6bd366a1faf57864c273b6a31f6ed011ab26812b503641e80151abfaac64a232043de0026b3593233793f7466129d0eec95d7985230e8f6e2da2e0fbc342

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    938b04ae355aa6f2fa8b6e0ffdeb3fd8

    SHA1

    24cff418caa395137d665030148752675ff452ca

    SHA256

    ada413d3b6745dc950cb82aecfb0b17d1b7efbe52662bfda0d1d2c1e8a355296

    SHA512

    e1fe6917b9ccbaba7d5264331b949ad44fbb8f3e58e426fafe01a9845cbff20d431629ef4b0e4532d436010dc6e2949ffdf528626da77472ef4def7a6961ac0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3865.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.