Overview

overview

1

Static

static

1

z9f4l6n2x0vI.html

windows7-x64

1

z9f4l6n2x0vI.html

windows10-2004-x64

1

Analysis

  • max time kernel
    7s
  • max time network
    3s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    15-04-2024 10:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    z9f4l6n2x0vI.html

  • Size

    233KB

  • MD5

    f42bb73d17d3cc75a8aa0d8fa0f3c288

  • SHA1

    0301684f4e53af67701fef2f8d13cf6018730f77

  • SHA256

    9b6dc5fa78f0f0f522511f6fd66413ba75175fa670ff4a9885e6ab9f9a9450e2

  • SHA512

    65799a0107e49dc016714fccf8fe435e4e1bdcae61122ba9a5bc8b768210b2384ee6c93a06d526e87712ab7c555987eb0826cdb3493b99a33f4f4c5eda1b99ff

  • SSDEEP

    1536:IpDTqu3YCIEQFJg8BzWjT+jxHSsDOAnfnw8oXjGJ2z:k+jJCv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\z9f4l6n2x0vI.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1616

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    d1dd7a00ce73518932c811f701be1f45

    SHA1

    6ed624589a811394e17535336ff8fea311ce10cf

    SHA256

    8e9e392dc9b61b203b94259919869e3384fe634a6c76da3b817ecb1e5566c669

    SHA512

    885e1bdea6ac9f0823c13a7c5e0a5fca1e3b51d1fbdb049ca74e900ebb73ed536554db013055eb9404bc769b1b26bc14c4e96080c2fe588b234d3aab86547ea7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24
    Filesize

    889B

    MD5

    3e455215095192e1b75d379fb187298a

    SHA1

    b1bc968bd4f49d622aa89a81f2150152a41d829c

    SHA256

    ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99

    SHA512

    54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    724B

    MD5

    ac89a852c2aaa3d389b2d2dd312ad367

    SHA1

    8f421dd6493c61dbda6b839e2debb7b50a20c930

    SHA256

    0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

    SHA512

    c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22b4df72707f115f255f256fe8251158

    SHA1

    83714c2ab0c599e18de66f95d710576d181d1cf0

    SHA256

    09cfbd55ae584dc1be9fd84bf3984068b16a99b204fe77c3eb9a670ebe083540

    SHA512

    14b7a775102c33382a92276beb739145fb078a7dabfdb0b2f6e783f86716396424fcb40f9401df459aa25658b8a19f2ded69f7f80b1378b22d3268a98ad0db78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d48442e2526362235cc558ce7e47c8f1

    SHA1

    428b0b90b0a976b660b5bff5a5dd80d446eb8a90

    SHA256

    6e7c23c00be86a1a246b4757fdb90ad14b002de2162288096c23485427302583

    SHA512

    a5f2523d61dbb1a5c1be80246f10ef62829ae614d74a491710c04598ecf19d4fc7aef844b3155de989c6de1ef9b3f7f55752d47e7a270942a8354216335ebf95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_C0E9A060DFB4E460CC3576DA89FF9A7C
    Filesize

    406B

    MD5

    dbe2db45b335644137b2cf364c476ccc

    SHA1

    11de6f968a40cef841689c4448c5e98b1fce8fd2

    SHA256

    c0001ef50dcecf255c0d5bf6973be969b1d701285d2dc0aea18faeb345fecaa7

    SHA512

    25d496d9c9206de86fd27a2dd1d50bc04af85e65d750d01d0a7cd6d5dc9c4bf47fa7f95841f3f430ea30a9930e964c3d783bc4133dd15b1cdbd1c774a7b00519

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    392B

    MD5

    904977fd8b5533686ac430a899da71e6

    SHA1

    1f014527f2922e00833095900dc114556ae6cd6b

    SHA256

    9f4f3019db4d1eb05c13470618bf5f1d204ff498945f8957226eefef5b9c235a

    SHA512

    f092e204d5aa5f4a3279fd425aacd127238d563670e5624e14e65b7c850ef5dbb558f392ae60db74a71b62b00bc79dd2216ad5b40711a5195593664bdefa3a67

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PTDJ3276\analytics[1].js
    Filesize

    51KB

    MD5

    575b5480531da4d14e7453e2016fe0bc

    SHA1

    e5c5f3134fe29e60b591c87ea85951f0aea36ee1

    SHA256

    de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

    SHA512

    174e48f4fb2a7e7a0be1e16564f9ed2d0bbcc8b4af18cb89ad49cf42b1c3894c8f8e29ce673bc5d9bc8552f88d1d47294ee0e216402566a3f446f04aca24857a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA62.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit