Overview

overview

1

Static

static

1

p.gif

windows7-x64

1

p.gif

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-04-2024 08:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    p.gif

  • Size

    43B

  • MD5

    07fff40b5dd495aca2ac4e1c3fbc60aa

  • SHA1

    e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4

  • SHA256

    a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

  • SHA512

    49b8daf1f5ba868bc8c6b224c787a75025ca36513ef8633d1d8f34e48ee0b578f466fcc104a7bed553404ddc5f9faff3fef5f894b31cd57f32245e550fad656a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\p.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3668
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3352 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4064

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      471B

      MD5

      275217601d3297652e25068c68623e97

      SHA1

      b014f56a8fb7b3bbadaf5b99e9aecce764c75e32

      SHA256

      7ce195d67e8c9cf2eb293fbcee620cae499256bc4631876de68e1d9e21bfa0e0

      SHA512

      a065582505b3383360cb002b4d8a49b7342dc5f59e68ad0f4bd1d187dd780f02fe433193a96c0e41db2dd5a6e0db26cd0b2950a7192c8da2821bbd9656ede861

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      404B

      MD5

      9d0b5040d52dd65e19e2c6f11440d02d

      SHA1

      c71cd65cdf9e35534679cd2872b746543b163d56

      SHA256

      a6b9a35fd3e410b7f34fa71433dee19ea49db2a5e2c8587ce1eb37a27d7d39c8

      SHA512

      7d88f8f1efdb754bb1a92113d45bb897480ef47a776415f4d4f0d463705e52bbb420039a18aef9eb60b2a0035b486e3d2bb6e6b2104797a799af9a38b0cf3caa

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\O8VM10HV\suggestions[1].en-US
      Filesize

      17KB

      MD5

      5a34cb996293fde2cb7a4ac89587393a

      SHA1

      3c96c993500690d1a77873cd62bc639b3a10653f

      SHA256

      c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

      SHA512

      e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

      Download Submit