Overview

overview

1

Static

static

1

koIh.html

windows7-x64

1

koIh.html

windows10-2004-x64

1

Analysis

  • max time kernel
    1553s
  • max time network
    1554s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27/04/2024, 19:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    koIh.html

  • Size

    20KB

  • MD5

    e2e1e3116a7c66632bcf7a4987961fac

  • SHA1

    04611c9a6186cf6f41d4c2d24e384b264887de3f

  • SHA256

    6027bed4a82a5215ae181ce26a054a8e983871bd8bed336230531ba8015f87bf

  • SHA512

    34629530ff96cc927e51db012b7a60792e4b20d283073e7a34e643f49799cd98f117fcb2e5227ed3398c972ec1f315766f16e1bb9d757f129a95d55d95f5099e

  • SSDEEP

    192:nQ7hEoDgqUpeWw9y89uQABYMf6ue68eZXIQhVaEa2i8ca1Wb/:nQeLyA5VeiBdaEaU1Wr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\koIh.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2408 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2360
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2532

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
      Filesize

      914B

      MD5

      e4a68ac854ac5242460afd72481b2a44

      SHA1

      df3c24f9bfd666761b268073fe06d1cc8d4f82a4

      SHA256

      cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

      SHA512

      5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      68KB

      MD5

      29f65ba8e88c063813cc50a4ea544e93

      SHA1

      05a7040d5c127e68c25d81cc51271ffb8bef3568

      SHA256

      1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

      SHA512

      e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      1KB

      MD5

      a266bb7dcc38a562631361bbf61dd11b

      SHA1

      3b1efd3a66ea28b16697394703a72ca340a05bd5

      SHA256

      df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

      SHA512

      0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
      Filesize

      252B

      MD5

      4415db5ccff23d802205f785e05b4a15

      SHA1

      c865c2853b1cecfcf21611831926862ea079d756

      SHA256

      d86e329cebe84cdfb5114d72f441c960123467d6e2aab257d90878573494bf14

      SHA512

      99176c7bae933030ef5a786d6c28ccdd53f9c08dd87ec78fd7d32ae585cb2a7923dfe0eab9cceb81d6add2fa18ba78e88f1e0d5b8b36c85b2520f80dfe5e4522

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      a5cd5aa7b63e378a0f833b3b480d327c

      SHA1

      0da8862891de60a4f7e7ea68e0deee8937c6df24

      SHA256

      a8ae275ababd52ad64dc1f68761f018b69f95b00e7a690a6193b31839d942f68

      SHA512

      2069d272615d737f65f76757fa4128c1cd8944c0c8941b7784329863fcf5663e807125cd0e1abc96625f9cfc61bac89189d47225efbf7fdaea6611dce068ca5c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      15185f1b517d44808bba0c571b8d2a11

      SHA1

      ab286401bc4280969b843b63b5074b92643c82f7

      SHA256

      83fa55abe35714036637d6f3caed424656ec1b0dcd7c2e4c21201143942d3383

      SHA512

      5deaeb7df3ba615f1e2b2b6d887f157759ccedcdb0e13ca0c2bfb0a8114f2e702ab5eb754a6d80976e179d56ef06387d13faf7802ac3cd456c7eea251608a6a0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      35ae982daebe36d81fba5df2cc22a3e7

      SHA1

      aee57f2188ae56ce7861e791f4438e4f2623bd73

      SHA256

      5399ff2a5e935e8cf09ee99411e936b9a793e3e80bbcc1de92d898cdc78bb9f8

      SHA512

      3b34e9e53103c0c3ae3c7c3b849b65d8cf5e975ea9b744b157ffc6a5bf40dae64cd591f6782a4a514c62601467a2ffe1c13dfae00b104392ed6f9377054df34d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      c4af3ce54602694792ff2942c2021b26

      SHA1

      afa25285396ccf0707adaf375bc99c87a1e9eb30

      SHA256

      23061dd29cbb5c44751e54e709ebb466e9b7f7bbc88b900ec88503529dc6b1c7

      SHA512

      f0b28e417055eb67b376c1648ed118e8082301f9d50a0b526410810bd229b416e915a0a76e50977dcb573dad58ca811643dd5056c9d432b419206bd81a61ffa8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3736d490867f08783b2cdf978ed5cdc8

      SHA1

      2c898b2abab67500f2f3080c48f1b9edd007515e

      SHA256

      2466b96947acd49d454413c8e283c285f4b4f9939fbe8969f0b094dd0c08dd80

      SHA512

      ab6b9cad1c2606cbff14f29cbae8e85d8cb46d1bb7f74aebbb09aa59c04e915f2b143249d3235e0f34197214a543246a8868b08ccfb3370929c02aa562565515

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      242B

      MD5

      7ad41fb6178c262e812f0b3088ed8eb3

      SHA1

      4f8b6ede3dd19a80067508441353616f1b142d24

      SHA256

      1a4b7115e4dc048bffb07507326e53a77603474698dc6fcf651987683d4f6a91

      SHA512

      0e0540be57a945e1cb01d879fd0735a5711576eaa59f05877e123d56173525ce46efdefba8d180108ce06d72a660cf7464b0926ec2e889342436b5ba00732945

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab79A4.tmp
      Filesize

      65KB

      MD5

      ac05d27423a85adc1622c714f2cb6184

      SHA1

      b0fe2b1abddb97837ea0195be70ab2ff14d43198

      SHA256

      c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

      SHA512

      6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar7C88.tmp
      Filesize

      177KB

      MD5

      435a9ac180383f9fa094131b173a2f7b

      SHA1

      76944ea657a9db94f9a4bef38f88c46ed4166983

      SHA256

      67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

      SHA512

      1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

      Download Submit

    • C:\vcredist2013_x64_001_vcRuntimeAdditional_x64.log
      Filesize

      188KB

      MD5

      08e9ba81193ba379e1beb849c220e471

      SHA1

      48e7e2b9d93db0b3def7a34f872d6dd354966044

      SHA256

      3a97e2a66eabb58eb91f64e1848067e16cdd04f751ccde6a801231c3f736cc9b

      SHA512

      3b775101c32582288244b47d94fbd628b583c2a0440fb1b7624fc90f454283a03ea2a15ea6ff37f6e28563729750af6a4b24f234aa474eb290180db06f56e84b

      Download Submit