Overview

overview

6

Static

static

1

birchmore-axiom.html

windows7-x64

6

birchmore-axiom.html

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19/03/2024, 13:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    birchmore-axiom.html

  • Size

    48KB

  • MD5

    d2157552d7d8c8f19ddbf0c0571e6d7a

  • SHA1

    c5f751bb3393c734ad4269115e61f1558cc7bc9b

  • SHA256

    02f4463f2dee9e1c9259e2b1d4918af24e72069db3f8e4d804efc65ec78ba69c

  • SHA512

    fb72edff54a803c08e37e6c04ca446344981468fa1db0c870307f5b7878ee822242868b45c974222102e88e69cb193171c078c95700e9de7506943f69783ff15

  • SSDEEP

    1536:UQQhfBCrLieIeeeeSe1e1kPe9eeeeKeeeekyeeyfg:6C/zk6g

Score
6/10

Malware Config

Signatures

  • Looks up external IP address via web service 3 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\birchmore-axiom.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2488

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
          Filesize

          1KB

          MD5

          55540a230bdab55187a841cfe1aa1545

          SHA1

          363e4734f757bdeb89868efe94907774a327695e

          SHA256

          d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

          SHA512

          c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          67KB

          MD5

          753df6889fd7410a2e9fe333da83a429

          SHA1

          3c425f16e8267186061dd48ac1c77c122962456e

          SHA256

          b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

          SHA512

          9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
          Filesize

          230B

          MD5

          835e26f9433b2b48043fb9d8a7472e96

          SHA1

          64235e3dfaae1e1365e9774e359835e2f8ee04b2

          SHA256

          b1d48fcb94c55a6e5e082f45abcf22ea3502893d7bcca597770968192547e14c

          SHA512

          ece022462c2e032a43ec9857fac2d82b4333c216cd8344d4344abc66d3aeeb7af7eb54c9b5d3a1e9d96da1b03033882bc268d21c86c668867da8cdcc55d2ebb8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8681c790649784dd8ee6867fdcf4802b

          SHA1

          9742b45e6c49455c185d3491c1140e869b1ea276

          SHA256

          8f7c1e973f31128528363fcb59788b8ed3afa1166347f799ce67afd56fa2e4bc

          SHA512

          8bcae7d824719cd5cf4fd093eb88ced5aca8b5934d3f456d644ef65b8269ff833d1ea376b95793a0890ec4f714b5654fd6e5a39752cc0cc136b8de3f10bc8c6e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5110619c9ce0fa34a2b0dabb9728a441

          SHA1

          0d63d8a17e5a21feb53c54fa0448f681e98cfd8d

          SHA256

          575c1ba3d6b228e52612743561cc8ab5abb0fbcb47366ab228b533479751f51d

          SHA512

          0886078dfdd03c7cc560e9252791278a85d623641c1ebac145010d7cad37343ed76a06b907dc043fccbea204f858f8db308df8955b0a10457e3a9102406932f7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8923f2e21083845e5c8e493a5b75ba12

          SHA1

          f432edb5083518d1bf8efa353613610bbae8ac3f

          SHA256

          918d4edef883712dfa73d13e90d689adfebf8561b0dc7869449150884f6cf9e3

          SHA512

          d326c226667772ae3bca834859e771d8787f85b7d782739ddf4cecb3cfce4d407280d9d14ac5f647e9cabbfde0f9d5ea6aa4b4d457e5085d3f602a7aae445830

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cf964c39924b538b8e046b36054b8a05

          SHA1

          455cee95c482855c1f4055def51be19a7ce72994

          SHA256

          648d0faeb19c5edb1b9f9f504c0cd791595d5ef6b3464d6a95ef8dcd9fe5e8a0

          SHA512

          e20a69b83d27fabacbf4f41857ca6c84bf42794cb339b037438a356b751d4cb530fdb4133fd68c715991ee500065d07326099b6dab01fedcba2ab7b813dc1205

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a002a3658e81c6d98afb380fc4a87621

          SHA1

          fbaf441d091c8df9e2018d77f4e69e9c0fcd9a6a

          SHA256

          c8fbff7080cc41a58d5078cf12aa029060be2651861db0fba30ffd8c699925dc

          SHA512

          c339bb6882064964b4fbc2f568db63c082f80b22401d26fc355a5b91e044a05428e0520e730cf22e13c7a27cf98067a4f507565cfa05d3194365500039591dc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c716ab42e58324aff948240bdde5fd1e

          SHA1

          67b78c10ee60a02ca1ccd471d02b082f209e9e1f

          SHA256

          49a23f26b01840e7699253de0e98ce4907d4a790086942fb8ed1bbf22f49b083

          SHA512

          ca88d45d7b77a0f55b2105e718f13396fad780f5824ad0da3e191f0a4d9967d2c8c4c91417c23bf321e80f8e45844ede094b8e4e3f05e4b82c56f2c4553e9287

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6b471bca43b94bf3a59df36586448371

          SHA1

          372af46e4c483f08c4a393547ef44282d4a90176

          SHA256

          06af9f37684d0ecd7f87b2809c9281958346360e8cbce20abff4f478071b771e

          SHA512

          ba8976453a5b8e737b3bd1796df3a30172b0a9143742a43c488026d3f2913bece1842e5c8c0d0a5bce744c9a50908e0444676bbde384ee4e451ddefdb49e7fa3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          df47c19a71fd93dd68b3a79a968a2944

          SHA1

          bba74622a12dadf01cd8f32ae80a113c09922713

          SHA256

          e07061d80409f0684e6a56b5594eb8e2db6b6f966b9c56b605d6b7122f9bb702

          SHA512

          32cfb93012233c1074d86e025c07fd91e0e9512e7d337fadd12fc6dcda6fd50d498eba7ca4cad68225b0728dd919e1c74ff11ca48ab8f96480ec30db61a8c03b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          159331cbee7b788958c929949cdc40f3

          SHA1

          122d496bc19c9ba0161f868e5f1b412094d96180

          SHA256

          ef6bcc2c0d6e683b1131979ca7caa27d4dcd5bf70f5a75be04011b6f502a47ce

          SHA512

          d606c92523c2fe598845575699bbf36d4835d01b2a5c22fd86917cb75533e5596f1924b1bbfba24904f27654114cb1ed98867018d49c33dee46f28a5876a4821

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a6f394bed65112365ed07f13a78848de

          SHA1

          c323559b17abbcc0e0108f35c779910b2823c95f

          SHA256

          30f25235999f36926a61c07836a57a90162d325f1034acb4f17c04cbb3b46de8

          SHA512

          ef529020ca1812a72f77bcc933301c9d1f743da6d863c3cbcd12aea8594cfd11387e43a32b1f59f9dd073c39448be60383bc0c6b0c1fef5d92ef5f674a3fd2d7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          45dd100ac616df791b0610ab6392f958

          SHA1

          5a33949b878ca3f28f4571736b25dca5ed2f8b0b

          SHA256

          35c364a4068357df85029405a7cadb3ce29bd0a4bc357c05415992ce15c4461f

          SHA512

          90cbe9bda4ae26ee391670b3059517810f35028f21e6ee64b2843df84d69b32374e9657ed7aa483e18d686abab00da96f96d81a2497451224818638204f51a1f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c08861350dd002d40236003a9e1a42ce

          SHA1

          67c8000753cd70d79384b5f941fa89964e1c1071

          SHA256

          74aa89136185e4f7514ca54ec76c0896283b6dd91c3fc718601a81a9bb1e0c89

          SHA512

          1cb1b5f15dd143ff4316a3cbddc66488a5c7184c944de60e61febc4cf72a776634b8897d0e40fa0b0ceb6c8566bc32778e865c08db5c20655d62a6011ce6e691

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5B1D.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar5C8B.tmp
          Filesize

          175KB

          MD5

          dd73cead4b93366cf3465c8cd32e2796

          SHA1

          74546226dfe9ceb8184651e920d1dbfb432b314e

          SHA256

          a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

          SHA512

          ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

          Download Submit