Overview

overview

1

Static

static

1

open.gif

windows7-x64

1

open.gif

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-04-2024 03:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    open.gif

  • Size

    43B

  • MD5

    325472601571f31e1bf00674c368d335

  • SHA1

    2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

  • SHA256

    b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

  • SHA512

    717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\open.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1152
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1152 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1152 CREDAT:472079 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1940
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2908

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      68KB

      MD5

      29f65ba8e88c063813cc50a4ea544e93

      SHA1

      05a7040d5c127e68c25d81cc51271ffb8bef3568

      SHA256

      1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

      SHA512

      e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ed83c2621847d4d263a109881e440fe8

      SHA1

      ea15d8a4bbf64efa4017f327220482a85f11e452

      SHA256

      7d0c19baee11e20276147a3241559a2e4e0d8028e0af80d203b198b3b04c26a9

      SHA512

      ffaf87020232788d1a1eba97f1d54b444f77f79fb309003368d559eee048f73c36135da345b96c7ce2b215a9d7af544cc249f5594ab50743126ff7144e3e8ab8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      b8f256c8d1e8cc95474424435717d274

      SHA1

      10fa43697178524ef9395ac98ba90e4da5c47f51

      SHA256

      fa6ade70e3a77f8cf645be25883ef745d49e51484928372260bcfc2be08a0e2f

      SHA512

      0ac2dbd3c1ed252da80d6b905105f86d5141ac825f5e23c4a79854dab4d86ef3c37afc950cd0524e81ca5acc39b133b8be4985358b49d2f96d3d5a1e2c27744d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      6574d28fbd8d524dd9ea1353023d47c6

      SHA1

      76161a29e39f69eab0b77637559793f4b543fe04

      SHA256

      dc1e89f1cb3ba058cfd700f84d0199a164b20c833de0e1b1a0df0180e40f683d

      SHA512

      691500c1fbcea3d41a655f8e6c47f3aa8ab46a91157cd7d8a02559a5235cf399d17e0cfdc19eeef6969ffc83da50388452dc6136b493349c221b277e7518f4db

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      b74aeb3909f74589e32f5512e6790d84

      SHA1

      bd52280c7736f02c724037f82b37c489ed5cf395

      SHA256

      98d663f93c7388956f799db7c7868a31d0460bae9edf434f0701976f1c800689

      SHA512

      8fe584c697b831da7bc4c2931ff3f367dbe94561841d1fd3c1a6707067a263efbd0ac5826e9855a17cce0257589650a942a92b390f2b92a8e779313d87eb0515

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      72bf6258c8ed919d3134b995c9bb5b20

      SHA1

      d5082230d502c2f265161995f057754a6d6d6146

      SHA256

      b80fde71182f517301ce23d0802be79fccbd410de5563f4ad1c33e7d73bc601a

      SHA512

      a08470d243f84a10d2f9e9110ca06ab7c39a756dbe5c03e8819c54c22a8b37a324b114564067188017d0c243352c35f2083f8361a0a4a8e934d83dadc07eba09

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      4e624476c812ddc633e410f9d97a78f9

      SHA1

      6b0b2947814a03af2dccbe407ff58caa7c0dbe42

      SHA256

      915e78ce9350dcf826a2f8747d7cda35fb5b54f5ff305c64c37b90e32a04cfcc

      SHA512

      e9eb98c8ea47f49c03e5a26d2b2df5a249ad6af2209db173374ef4ff7485a7f85a992d0fb19b24c5cd97978cbc4e99fbfd5cbed2781190149b5774bd024ead81

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      e5cb8c96884ec46100c5b83ccf1740da

      SHA1

      1b0a4e3a833ef1de7507d5258660bce31f480ebc

      SHA256

      a499724a6f1bcf15ede3b4cd5f0d2a7b7bb1eb278f2536cae62bba1b03dccc67

      SHA512

      dfd2fabb9beeff3a2bc135946c11bf043e509a8022b289c29014b7278028aec0ea8e64f38cb572e2c4e604aaca1ea68db3f60a32f45f8c7d06fc1db4d4db25d8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ba72beae0407a5aa24bd7a718b930729

      SHA1

      43a4b1275a8b0bade869a1d81d07ccb138220a7f

      SHA256

      a8d395ce74c96c18f15b2773f298a9afe0a0322758d2f67607e27cbf952ecdbe

      SHA512

      b95077545d11c7283654171d64273b7b13b307d3160292ec5f16a6bf3b7910ecdf67c48b0aace6747a174c6d2ff1b3351dc4ebc0c53ff79487c9bc6b2048df30

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ca0c743a755197da90eaeef9da3ce9c0

      SHA1

      496fd855da4031d633ed83f25182e000128017c9

      SHA256

      72f5776242edce299ef33c0abb110e68adfb598457d4a84aed5b66ce49d62e96

      SHA512

      8c51fd5d227ddcb6f40425cb377e8bfc8a674054e493cf199fee9e6bad2ca9a9629d3a646367a8a3a80b0a9126f8729c066798aa73230ce3f5b6816abd09311e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      cb168919652aeba59f5b556450876ea1

      SHA1

      6e3e0b2363984f95d1b0076ebd60c097b9be0cdc

      SHA256

      1c452c8afcdbca301e7f876618a59a8725d4deb6b645184406bd6134b6052e49

      SHA512

      6ddbd6ce244451ab3d249ebd0ab1c28605c11c955028951f9ba512dad1f59c3e3e94a047feff754aea2a4f7b0fc96abe649c3412fe130c42b77981ff8f432ccd

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      390d4a46b6f3800b51b41d040194f7a4

      SHA1

      26682bd28e5c0a8cf530d009d9c5ef4843633915

      SHA256

      0d5216a31d4a253b8f6a08056403241253969a468f64b89c5b31f4f9397ed7da

      SHA512

      965a658762fbca1bdbcb02b040cd813e5e668190e989edfed905f05bb86c730488a32f5216785bd409c8d04d465ce2014ca82d72582b3e0ed63d2846fb3f0002

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      956f258c5d5541190bf68663e1ccd9de

      SHA1

      c6c762cbfa15f5d8dd96e33931c9ccb9d6121922

      SHA256

      6f967fde16d13e3daa77b98ed0a1a8082463059534e693380699ee6f103438c5

      SHA512

      04838892f9487fbf8176e53b555940e5371eba0329a149d494d945cf165baa67fdb2af328f4d7cf09d2e523d68416d4c773795b01d2474d6e7d0329278ee3590

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      c985914ecf1c76ec2cd6a28cbfe87258

      SHA1

      820ff4dd2b2883a7fd824d04cabdbe339fa6d59c

      SHA256

      53a28b1ed193b2041d97d88f696e83937012a1e8a339f2e2e7bede6baf9da826

      SHA512

      33377d115b74bbcfac801dbe52411ed02617144788b539d614df46a8c72d2190b69edb574b73bb8269c6cfa4c4d99f0fe22e5fe85086f608052daeede5432646

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      c89d5b8e185cfad2149eb113475035da

      SHA1

      05a7f0d4ebf6bb8906a0a587a35ce080680148ee

      SHA256

      d8cc67a455dd465bc4d02013b9f3e79cbafafa5436d41cc27ef0922669c00502

      SHA512

      e26bb3c87a39b35d94a29d4c2c8bcf7b4dfd5f5ee18a7652355d0857b8be835db173d4fe144c2a61d89737083e743b43dbe6090d12c0038fe5aed57bf839cd63

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      4f86460c42010d87a74c7e4699453a2e

      SHA1

      684cd2c3d0db17b3ddb28103da4e2ccafdfac8ba

      SHA256

      457a43d87ae0739d498f51c42c02cbd79267478f78049ddf6ff39790bbfb7361

      SHA512

      f281af6152847e589c8802ab5a5c2f2da8879c32e7ea5246ae08e83d275866d0dd3dd8438df45d268ad5c9b8d8ecaa5c20959b95a1cadd807e4f21766f2f9493

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      0b7496a5cd023e6e3447d8d4e51a6f06

      SHA1

      0d376855d6e87edd28afb72a51905bb669860396

      SHA256

      49fad889f2ee795566098848927ea5bca74f6ad22b0cb40b40ee05ee2873c200

      SHA512

      4f0113ebafa505899d08157db449a5e3d3bc5f1f25d0ab6fe7dbc9a6d30130f49c46f378230f1851b61c78d46fe580dc32116dceea824b7a85ba9a9d6340005e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      d58806f176ff4221397795c1f68c416d

      SHA1

      6c002713b82c2af8e650add8528e06387445daab

      SHA256

      e82f25f3e1fecb8786993af27041b480067eeaf344de4c8ad40235510d20dcdd

      SHA512

      7714bcdd8942f34eb69d910bc53a7b77b1b5469c37be4529a05460b6e211341974dedb2ef41a86607e52a16d3feabca0a50282cdf909101ab0ff11ed42ff9d08

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      227b04be0420297bec35c05cd4f11ee2

      SHA1

      baa19c22f61582fe02efa1719f5f8b8931ee004d

      SHA256

      413a82db50b269ffb3b5ee7fe30a99dbf6703c28b472f97813d5a4f8ac73e334

      SHA512

      26085ad90588db56fd46e521b9694a5c93277588a23576ac9aa8210384008d9dcc784cbaeb5e6c861994e88f703b75d3b4d1b300b9e10320de465373b1599a2b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3d8f388301b365bd5c3318f4af6f7c4d

      SHA1

      6cb9b8b1095c4092881d723d98bbc2bb0d324e3b

      SHA256

      e273b817e51fa8cfb663d7e60b12f38c4c1c6b0e2b1406eb31c8414a7b734900

      SHA512

      eefff82f5d181d79aee2e0e60ac28ccc62a91583b090a5d4004434478fbb7c743bb9c5c17ac2c6332ec101659647838071f6378a8aa783be196f083aeb4d0deb

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabCB8B.tmp
      Filesize

      65KB

      MD5

      ac05d27423a85adc1622c714f2cb6184

      SHA1

      b0fe2b1abddb97837ea0195be70ab2ff14d43198

      SHA256

      c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

      SHA512

      6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarCCDB.tmp
      Filesize

      177KB

      MD5

      435a9ac180383f9fa094131b173a2f7b

      SHA1

      76944ea657a9db94f9a4bef38f88c46ed4166983

      SHA256

      67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

      SHA512

      1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

      Download Submit