Overview

overview

1

Static

static

1

lightshot.html

windows7-x64

1

lightshot.html

windows10-2004-x64

1

Analysis

  • max time kernel
    300s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    26/03/2024, 18:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lightshot.html

  • Size

    110B

  • MD5

    bdf1b0cb985164e30e61875d6fea2d26

  • SHA1

    7e1000ed41fec1a06bce84c6ce0afc53ffcbb545

  • SHA256

    698198475a6dadce34520e26d4d88811779ec5570b43a7c1532c2824a67d5587

  • SHA512

    d115f809cbd4c33806e17b043d8b28b5bd28a248f9488da01ff2c1ee82bc60eccc02afcf2936eae245b5488298fd173bf7081dd037d2f5a206232964f852c628

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\lightshot.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:840 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1316

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a94e2f4e8a52472d3f98969d4e78feb4

    SHA1

    4c75983ea559a4c8d7badadad892e0e69ec3e233

    SHA256

    a0ee5e81fac27ee395b84241cecb587595391ecbffa177264b9e8a20cad118d3

    SHA512

    a6bb3ee248394200ab0264553744736ef3f32ef8d9f87a2c6ece7771d95728d55b24631b20f7ae696ac22f17bece0e7124746d3f36ab87e9cac2ae43bc4d23b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18c2c29aec295c840f713c934b24a860

    SHA1

    96afbdd88bf653944c73fb1eb2c36da3efe399bf

    SHA256

    6823d97c86541302f4bc3f39ca9d7b531a2db5a4342327e001d82b5c6e727e00

    SHA512

    fd79565ed8aac27fd0fb313c689916d00ce4268166fb3e963f56b9d0a5e161307bf4591500165dc91c0693be0a16c649e45aa2ed0266477d72f1f4371031f61c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df962ddb5dbf29e2043260e6a7672d68

    SHA1

    b8f23c88a66c9da63903c62e885d905d7de1b2ae

    SHA256

    4832e8165716a4d8e404be848409a9dbb30ea0b0d84ea4d2f499f187dd10f93a

    SHA512

    4e82d88eeeea9a3e392d519689c8ad1d5d3ec35a227e8e39bdc16d8f5c0e12797f17715de8238cdfa4f82cf7fc9b83f7020ee32259607a931a0b6772aceea507

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c43057cdef037a7207a50985356e5fe

    SHA1

    1acb0fceb663af1c89676604908b586477e4bd62

    SHA256

    7b9ccedffe2cf246daa2a14dc8a1b07e97fa491cee8f490598c2d9565f9de1b7

    SHA512

    c8ea767922086b592482028724d848398410f6baafe2f4506eb01131ecf02745fcd081aac95c46351bd5bc1d88e30e3d52b738e408c036de24ca0d9221ba3c60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99a167b3e48cf8cfd40db91495b7439b

    SHA1

    4ada7fa5fcdeb630f59e243bfdd2a9d41ab4884b

    SHA256

    d7d7b01a198920fe51faef21e5347752c24ff012af70871cf869ee4fd9d9d113

    SHA512

    b0cfb932c890bbb3e52beea5857be71451c89cbe2854737ff241b04a07e6a29cc6f495f9eb4fbd4ab6f4a2018e29970577a17820e70fa17b92fd55703bdbcd88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ddfbcd25f750b58ffbe3fc2c4f7c9c26

    SHA1

    ccc5188e8e358e9309dc8084452ba3816875a57d

    SHA256

    2cd44650021b25a27704a0b7334a9df92cc378bea0b66af7f2289bd31885c343

    SHA512

    f3101a10fffe2d76482df8b5128ade01c8e74a607b5aad8ab75c45361e178aa92547b782244982d4500185866e0c89a5868d9d6dbd2484c7a2f8e880263fad14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49a93a585f75fa80a9a44aa434ec2bfc

    SHA1

    0425d9ba0ba03ab1960db3b82a4bdc7d2e05c256

    SHA256

    95ca1b7be6421f03d18375a9ddf9c7e018ce74fc2e0500bc2dfee1f8666108ff

    SHA512

    9c23c2467444c5172aaeb6fadf4c9efb613dede901a04f3ce38a6b53d235560f6206af0b0366fb502023ad128f148643f137c800941d904c07511719d316092d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78b0b036df57e9a2cd7a2f646b53502a

    SHA1

    9b75d28200ff675eb36814d3ce918f8fd1d64319

    SHA256

    e0987a4eb328e4497dfd4699d16c059143a01382c9d290dbe457a178247aed2e

    SHA512

    f15dc866c6a5278ec949989268c0b6eec882bda01f120c60c865b0099f98166fd4d8df79901a50723d6c9dc4fb061fdcde6552a3fe06db7be169dd0481a4ca8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93d56083ce026cdd34a673dae27f9dea

    SHA1

    91c5054f609bc0d44ebfd952fed4c78411c2140d

    SHA256

    d3c5bec015e338fbc7c58686f2bc4bb382c77bd33998bc0ac696a8b59e3c5c45

    SHA512

    712327a9145ee181713f9cb1de9438022da5ab9016817136a056f5609f191c0a66c9775f92ad7ebd8491d8a33aebe9014d344ae24a105a045e00f7aa4b161642

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5FB0.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6246.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\28c8b86deab549a1.customDestinations-ms
    Filesize

    3KB

    MD5

    f447f4e8f818dd22bbcd6322a0b8af01

    SHA1

    ac54f20bbf253c5736497d39835e53482f54703e

    SHA256

    902dd6dca26651e9f57e57148fd96bef808d74cd62f39d272d8a496d39d08330

    SHA512

    e702c744a83891fbbb9748b0b7d22400d1a15aa708664b72241c32362ac91b300142c91d79abfc239fefb09f8e70a85ba3c382c5ddb1d6d2012d841efa669b36

    Download Submit