Overview

overview

1

Static

static

1

d63b3d806a...e.html

windows7-x64

1

d63b3d806a...e.html

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2024 13:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d63b3d806a596f27e763bcb5b9f8fb6e.html

  • Size

    53KB

  • MD5

    d63b3d806a596f27e763bcb5b9f8fb6e

  • SHA1

    3475130b7f28e505d0037f2a7b3d73e3631bec38

  • SHA256

    5acd19820c28c2549c75e3c17d03b842aa21c58b0c1b4da9f0bc865a90a91bf7

  • SHA512

    9c051d375d6c2ecdb09a0f11f0d704e92502bb0b58073bc51acd48776dc61f4f1eba3853f14222f32e63b045c8c4a264512d717b0f61d9dcad98ace8e898281b

  • SSDEEP

    1536:S1/SopzaHHJOerE0wXgkch99uTzSWtRVn2l2Er9DKgcl/uWfAolDiXx34FKpB9j1:S1/BpWHHJO6E0Agkch99uTzSWtRVn2lD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d63b3d806a596f27e763bcb5b9f8fb6e.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1576
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1576 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2556

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1dc50f47fa1b350ea0f93d0f18f612e8

    SHA1

    0789147771a50072635ef506311ae55dcff55905

    SHA256

    c8d014e69ff7f390ef629f999f51533b87c0de63dcd8aec8866cf8368fca0ecf

    SHA512

    a6788923de8f8cdebf7b80fcbabcee977ce30c7994fd92d37e8249ef34281c3d492fecd30d2b02e182d54d74cac95e56772c130752cc9feb9a2a45842df1b1af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b677388f41ad61721f44966b9aa873e

    SHA1

    2f3f5a21752eae3e12d00c237b8828ec3ab29dd1

    SHA256

    c6de46a3fdc4f342aa3a6122dce2e591a9198f84d8bf6ba5ca1db272a9626af3

    SHA512

    4e8d2efac4e6a00a366ce9baa339422ec0e2ea9943b392c5b1984f955414e9bc0fbec497bbf2bb793e0bccda72ea0b60450c7911ca38de62d18ef1fb5aaad902

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad8d11284204d1b8b64a75264f0011b8

    SHA1

    ab51736cca07b998495aee62ddbf9d68c0edfdc5

    SHA256

    50c164a16df01076c3f669c2705c42665306fe8be20838ec265764848cec8e94

    SHA512

    571c6e663dca0c56577bcd5238dd6fe8c05f8f6352748530a7e59cde7c17da55391234c028a0199a64c312b50a68e7255594221bf6628509d11b58c71a337e31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37c9a2c8b263adb460a7bc1364676c87

    SHA1

    8130d2fe90916a377f70ecae4b2175c11f416e90

    SHA256

    3c866e4cba49b23e7c34d9da28e59a0da61a52aed13cd5946f38313a4728fc5a

    SHA512

    8243503834dfe972689874bbcd6365ecaa6d4084f667b1656983e178cc4e33fa2627d7fcaf236e3f45757062816834cd5535799ec1373579307238540c7ef111

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab86DF.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8F6E.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit