Overview

overview

1

Static

static

1

de19b48755...8.html

windows7-x64

1

de19b48755...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    25/03/2024, 13:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    de19b4875537930d34f1536dd0ef4808.html

  • Size

    67KB

  • MD5

    de19b4875537930d34f1536dd0ef4808

  • SHA1

    aaa5f53a3162b5fdc0bc1827effe8c33806d524a

  • SHA256

    0f7ce45ca9f6479dd8d35ce7f37b2191777865ca640bdd185a8fffb0f2c53a19

  • SHA512

    fb387b825cfabb121c368685c6a7ec70ba55ca8713824792d73bbd4045ba6f595a636f2aa4cdfabe0f2239169bc2b6eb76eb302c2e5d867c889b2baccb03ce21

  • SSDEEP

    1536:/8oQ9iQkIx0Y5gkRSi0FRophNltKolxLsx6siCymZq3A7jveWIv2etkhcdQO3T0u:0oQ9iQkbop0DMmI3A7jveWIv2etkhcdz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\de19b4875537930d34f1536dd0ef4808.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1936

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    8c83acfd38d4d4d2d33e7125e000c2ab

    SHA1

    1d54054c7a25db47f444f63006b1c5a3b2d1ed89

    SHA256

    b8867c129997e5542162a3e70194cae69bb7ac237b4640d926b04a541aac4647

    SHA512

    c9d21b2b2a09d40214006ac181e4fdfe34f3ea07b9947a016aa0cd3559512004ec29635c2da64ff35ce2c805b7008fed2de827d38dc1dc3958b465a4897c825d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f724130ebe056fec4df6b10543f3b63c

    SHA1

    ab2e1422adf5be94b240d164d4da30ec597d3e48

    SHA256

    54b0eb8036c794e7b211984396cdbfdb127d75fe07f47fc54f2b0e677b1e536c

    SHA512

    8a4e48d1b8fd63879c670033807d6859f7648be6784bf255d7e2d8b30a23d82e1ea23b059b4ab8f0ba63684c8f9522ff9e4f4c33da7ba29d003d118d695605a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    94a17e361d21cb6a7e4d37858f0158af

    SHA1

    c583a912410495bf0af46ea28c02bdaf534a47b9

    SHA256

    ad3e8613fbce9ce5c8c41995fe5b2033b2980e30fca1145df71d84e366a619dc

    SHA512

    fee04123a5e3cd9f234849ec5bd639df1bbd39addd9c8218bfe1010dd0931e9f92e8d6d3fae02444dc5e5c169d2f48de15e9ebeb04bb795bbda8c68566193ca9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    415b0dd995d42eeb82e1125b870da03c

    SHA1

    632bdecef9770989f16789824f041672786d4b4f

    SHA256

    339d2fa0fb6304a2c3e78f8b46e4feb38577352952d14bc41f5fdc28f53a6187

    SHA512

    fa58685112170e5f4f02707b6c4130ae643b9b5db9f061fb63528038f5f0cf9a8aa424694aa9ae40e542803ab5b20efd24a741e0dd05ca7ab6f2e7e002e46ac1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9c5c5ef008b32943d526ac7cee449e20

    SHA1

    5a9bc6d0ddaa0c4168faef690d2e7cc7c28eae54

    SHA256

    173fd0c0357ce7271ec0c759486d4ddd17e20bc845bb40676636da556471cc01

    SHA512

    222fa13e2333ee89fe0543d6767a12acfad6d7a545e2f0678fc545d37363e219aaecbad178e0c6d8e78759b2162cd4c67bc8d248350838ec00f22166f40449d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    43cc8b3f42fdbb8456481aa4aa5e8fb5

    SHA1

    3d13c75324b9554560f0739f38e260d4bb3903f2

    SHA256

    0e8c1dfdb1ee72f77acf1ab71bb5f1b4174c19e4633430e9c65ec7e497f77c23

    SHA512

    19e18e0bbec25193c96f2168ccf94aa6cc4de8d56ab30d0052ed577961d4acf0d09b17395948ab968f7a1b18069ec0cfe41c7ccf6e884b4be357579a615fb679

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    80a8d3680704372d75270f222ea121f8

    SHA1

    0ed5ac907cff225d4223208d02d564ba118e72d2

    SHA256

    0e5fd9e2e41bb504a28e3791b955551960f737c3003b13ee78f170195306736d

    SHA512

    50fa20d572bb2436fd799f6da4c04f6bf4a669a2acd607266d70e3317a628a3dbdc05adab2644063c7a1d92f8560237b8fabfd6da38a126ee84e787d87b66a71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    85f79ee543d130e38da05de4ccf8fcab

    SHA1

    a3abec42bc3f441a216e565d6ea4777371815d4c

    SHA256

    5e4bb6969669def364562f1fea9c35daf94f4420ce660bf5a5b6d8a5be0c27ba

    SHA512

    d60b21fc749f79d293a8d4e9d96b59582f4e8e835441ed2fdb64824787530b04bb52559005f37996ad078030675cb6ddb2a00e5d401c545ee19a1fdfc564ce91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f875bf01b5e4fc20df2244cd389f5c2b

    SHA1

    a201f4d1ab1676a606e6cdb33363d175ab5ffcc8

    SHA256

    0a83b6173533dfb0709b1504b6a6d2316b2d497ea5836453f13e5a315abeb87c

    SHA512

    558204b7381375305d3b5745d1eee711668a2db1a243c4d5ea548380b08ffdbd05a2349e5d379d6a9bffe6fe6a2fa616109e6a0c86f4ca5318319429be41f4bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    516c5625c0f057da856fe77dda03c06f

    SHA1

    b0575cc2945ac655306ab8c7d1d8704342e0e51f

    SHA256

    eeb15d3dbd5edb8a0c747044e32b94d4a3750d713fc41272b02d7b9ac1dd53c8

    SHA512

    db1c914edb3f8ae0af1a0c789d13008ab37ad55f84892a6f6450cd008a052e07c53bc395dc457420870f04c09dc9b33fa56b96ecd6fb1b6a556952dde4fd5021

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6a07a1710bce74578b3c71cac7b87dff

    SHA1

    86fc90f2dd10a36baab84738f84221ceec6dc7d3

    SHA256

    e83134c92fb3205357d00545dc98eddc8aecee4b4878498b4d82b688827fe756

    SHA512

    5d72c1f968c8dc57c0ac0b5d90d9e132e9c6c021615f64ad8e92f4e8c77001c1cd00494bf9636cbef9fe3b0f24dacbd3eef59145da288d87fc949d6339294077

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    45bd2124840c71253dac9ae14cce3bc1

    SHA1

    87fe7c889e401899c724a426d646eadddede25b2

    SHA256

    b59f343885f09c054f39b15a3e38de344b84849ecc1e266c811afe0c68c52f77

    SHA512

    09fcb82cac72717a1a72187e762f1d0a770928aea1a3902c74e2c70aa83ce87046e3315eb3d1e85affae61948af971ca0ea78b44d467e869ffdb16bfc405404a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\673IEUYT\f[1].txt
    Filesize

    35KB

    MD5

    6d9c4b1b5a54b6de1b157704f528f797

    SHA1

    1f4812a433ce1e62fb2eb4572d8cf3e9052f02ed

    SHA256

    d6b97ab7559e85ab3ef347308cbe9f60592ae1c1aa23e0868578a550c69de081

    SHA512

    c7c29242505acdfc935a1c110cc61ca72612ca5affe01b90585a3d0f2cbf5dfee8dcbc0182cc6502fcaa71c326cdb3413b46697b83cf311e4dc9a5293f5a756d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\902LKC6A\ads[1].htm
    Filesize

    603B

    MD5

    2c739853e3edfa26869416e3d4e5d369

    SHA1

    c263dc1c36c954b252bc7e775e6e82865d9b29b8

    SHA256

    00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

    SHA512

    eae3df357290171698ed241a53688a1907712a53d5ac7b8ca06c618335fe45fc556c9903dcc09283a4dabb6ac896ca67af1aeafa528593db532f2e8586540a86

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\902LKC6A\cb=gapi[3].js
    Filesize

    132KB

    MD5

    c23494121f5468488a8e79a6268f4648

    SHA1

    1fc2646c75df1b8528667487997ab1f5b308133b

    SHA256

    100700c4795780ff97f999795e8477954da09fcb92a1131cd17216203914c425

    SHA512

    956f396bef9df5a542ae410256686e2259e1ae67402615f937c2f2c004ff2f3de5f5767200661c0ce204fed9b32b1a8707c26a566da1d3aa120d428901c39769

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\902LKC6A\platform_gapi.iframes.style.common[1].js
    Filesize

    54KB

    MD5

    72530b258f62bc0ba0a143ab80d07593

    SHA1

    1bb73144e175158b7f5be2eb33c552fe4ce7425e

    SHA256

    cfe0641e058ae453f2622b5faac29d00e89318b92cb99713aab70ad41a819073

    SHA512

    720412690ec2635a80c6a896a5138466937af1378f1d11afd1255bad1b2109bbd1bcd991bd5a80b65ccf1c6579d11d573ff39b84bd433d58058cf77b3ac6f14d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\902LKC6A\sale_form[1].js
    Filesize

    761B

    MD5

    64f809e06446647e192fce8d1ec34e09

    SHA1

    5b7ced07da42e205067afa88615317a277a4a82c

    SHA256

    f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

    SHA512

    5f61bbe241f6b8636a487e6601f08a48bffd62549291db83c1f05f90d26751841db43357d7fe500ffba1bc19a8ab63c6d4767ba901c7eded5d65a1b443b1dd78

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4E8F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar53F3.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit