Overview

overview

1

Static

static

1

.html

windows7-x64

1

.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    14/05/2024, 05:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .html

  • Size

    6KB

  • MD5

    543ac81966d87ac815e08eb0e436d719

  • SHA1

    e35bb4e32ccf08c11a3935084b50660feb835350

  • SHA256

    8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

  • SHA512

    0c6a8f7948f93d4d00b5fbb98f487d7e2ee15d104acd83dfbc884ef9b77826dc7daa27b906640572977750a00cb7ef590ed5cd93e2f40ef4def88b9ff92f1dc3

  • SSDEEP

    96:/J/SNi/FLQVTLKCGWz5NN5PXy0jRdoMCX4SZTdI5:/pV2RKCxnNByTMCX4SZT0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Modifies registry class 5 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2912 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:3048

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30c9062398a95ab8a74f0bcc8c428046

    SHA1

    aa34f7820cf759ac8f32197e761017e88948cc42

    SHA256

    9d68fcc4c9b6e77117cd0a8469af573f5349b72c2c883682c85fd8461f9d7335

    SHA512

    43f67050c43a562a7bac71b52b38310ffe1fe1bddfd9fbc59d12abf45583b24e0fb17fa20f1039a13904b44ceaad65da3a86e1e1d0b0cf592bf457a3db230d5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a10709bf73af0c1f99b8a1d667a0719

    SHA1

    e72a2e614c033b70f0240d0a4bd03723763b55b7

    SHA256

    efc8e53a00a0a88a6ecbe8387ae46d9f5d143745f58363e3cec0250f01bc365b

    SHA512

    b37a285d0298b5e850f9fe6498a19581362ff86c0e7167804b34e7aa2a3f07b6df322bb6115c5cb681709a7ea41ac4f147f0cf9f846ed6084b29b3d9e08884cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dbc399d5cd8b2483c0a27d3b23f4084

    SHA1

    d994853888133a4ee894f70c24dd38c1dba7fc3b

    SHA256

    7c2f377e8ef204d15edb97503270e507d130f9389963b6b789ce23da65293b90

    SHA512

    1ec7f05fa0377343c3deaf2e0f4cb6caabd0308320c9ffccf67ea18e2d07b223d7f7b8a48397069086a31cb98b81933943aa44f929c5b19e8639ec6d271e14a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    740d5b3b8499379544d75b8104fd2ba8

    SHA1

    d311d850ffb10e831450db32cb224c94b97750fa

    SHA256

    30049389b10468b28d1449e85f728da191b1a80938c6362e9dfb9ab63d0959e8

    SHA512

    31288e13feabe3047f8cb1ab9b967b49def84a4bbf15a7b95fe0d52fdfa5434472ea80b2b128e5e7632d5e19eda7ed89ccdbd9ab6f294c644ea871facbe026b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5ac18d10ad733439857743de9a37110

    SHA1

    ad70246d2c2d24e8a5d3217eb60b5849ae0f9d6f

    SHA256

    ee4802070033eb9e66f558749ddff678d4197975e642daac9b0b94e0fb377739

    SHA512

    e0f2bbf24f4bf4130f443124d56119c3811585c854dfbb00d18249969893ebcd3a39209974b49340cf2195e768e618357ff3cf16f510e89340f76c9f0e8b42c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6ec2ab91f67b0fea6f53eedb297f20f

    SHA1

    20d637ca69a744bb113ea9ef52f285e18f97e88f

    SHA256

    76bb7e5abd5a0d1dfc8d14ae1904769dfceb1ceaa49fb6544748b98ef9ea6249

    SHA512

    3ddf117c8f8df12659e7c1b771e85aa5e0da18aa7b303cedf425090be5a1d9c7dddf8fc64e8ae5a895f645b0aa59472a9ebe95c7f6ab0a2e96dfd986c4a10548

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a53d6d42fbece52a2c76ec36f9d34421

    SHA1

    e3176d8f1b57d662bac5417a94378b081a4b996a

    SHA256

    360f4f6e9d2c5fc7fbe4f670c7821472921e63c37d00784f7e94a71f767deae5

    SHA512

    40d28a77a7c995f2aea6866cbafc25fea657ed67b62b2e0cc42b408805ab81f2a0b6849d8a3f7298dfcdc5f17d12d0eda04e52057b56ad18eeface1a9d477e43

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml2YDOVXBX.xml
    Filesize

    393B

    MD5

    2c9863b108a4e5e90a3451677ff1741b

    SHA1

    fe7798302ac8dfc0e12aa10379eb049cda336f8b

    SHA256

    ff234006e2fc913d4effa8de9afd156eaf9029d646e83ea7c05b09e3f77ffa25

    SHA512

    4be522f8f7e2885208105648e163467c3417cbdc287e51f170b29155d6bd29012a42c03fb90bece5cc44a67859155ccffb47da7e29b577a697d2b623772691cc

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml9012VI5Z.xml
    Filesize

    208B

    MD5

    16e6b86dfb8d270c9867db7f6d1b9ca0

    SHA1

    64cfd66f312a02be615dcd42a1ac066b92f3cf79

    SHA256

    5a4ed86b22f3ff0d9d324cdeab52c94bab99f9fc46343d0790a834ee93e86c74

    SHA512

    76708004356c05a7f97d4729ea94e7c6b9efeb1321c24bf4add5a89da26631d7fd3b09969929bc6b28a0f6295b337e8e0a3a7dc4f8f7c27a6510bfff8fa3a1f5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsmlOTNVYL98.xml
    Filesize

    524B

    MD5

    abf639d1a52ea26b1712fda6101230a6

    SHA1

    796068f2e53cba2b9146696c86efd6a2c2e19ead

    SHA256

    b4c4d1f2954606ac3c5c15c29e121a5821716d14dfd0f66745bc46a64dc04e57

    SHA512

    ce73649522ee597c8f6836b83b2e0bd830cb5245e93142fe1e235925f4f69264158d1089526542006eeff98dcfcc74cbe7e29e45483c4bdc05b6b8a6e6a9b98a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[10].xml
    Filesize

    571B

    MD5

    112fa6210a5ec64d3ed407b4a1d51bd9

    SHA1

    fe15bc8e3bacea4e47f4220bc8b975c805a0fd09

    SHA256

    d18477ad04564841670bc441e8c2b59603d7dba959f578dd01ce9087d24e2902

    SHA512

    1e3fbe505201e77dae696c5bdc2da1144c7c7a8a66bb9116f1b235856f28a1a08a4bcb863968c704db17dd9d6908c482ec3ec6a87b12e27327072f89c640d9e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[1].xml
    Filesize

    494B

    MD5

    1642e446aeff4705a258199bd41baf20

    SHA1

    5239cc00c26ee378591dd78c3a2ca4a50b14a406

    SHA256

    b1bcc9854063fac1a2b6adfce391cc76996f69d7522fee0c79f4bcce287b2720

    SHA512

    3fc9ef61465738d51dc03854449ab9bdbc79787d06771d94e8096b4f2a46d36c5edb92a173ac32b02d4544932704a3daf773f7bbcc8b953994086a8094aca0d1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[2].xml
    Filesize

    480B

    MD5

    4795623734557b4ed9cd4ff86c11ac20

    SHA1

    32c3e027c69d57b8051bc66c77817215f9e7fad2

    SHA256

    1891569285975c2fbe58396a6fccf4b9fc38f5b8a1a43d95cacea55ec223ecdb

    SHA512

    3f833143ebecb4fd2b102f07d1a221c3be03637b54a28b00576cc8945d76dac8958ce3ae24c71ee9968fe7951f98fcb40cc50f48eff6df7311342d4dd10f0bfa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[3].xml
    Filesize

    492B

    MD5

    044c91982c0519019eb442ec8e615dc0

    SHA1

    9282785dc066405da961c48258a6fde4fc845f4e

    SHA256

    644921890dffdd9ae9a10339b45e34b176bf0bd59b077ec6dda380ca1ad1f625

    SHA512

    445ed52a6ef58c54c7b8e12ef30d421e989ee60f4b145696d6cac4a1c99e28a84233d98bd223e452a986e7fc5fdf4ffccd6309008bfb0eb853b10c08cd7afe2b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[4].xml
    Filesize

    526B

    MD5

    e2f8d884442fbc29d9eac8ab6543c71e

    SHA1

    bbb5d60be60d14b67b627b732388c60aa3382fb1

    SHA256

    7c490d41873bdc66266f05bdb0b64a6465d4fbd6373309682498988146f1e7af

    SHA512

    2eca15dae942cc5f050c42ce189d9ece169f3dc0f7556b9d146887225476023c964edc347d7225f64da984565d732f7fca9037330a595fe30678d951ebf734b3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[5].xml
    Filesize

    546B

    MD5

    aac190e594eafdeea1cd090cdc4265b9

    SHA1

    b72ebd9bc0e95309127f366b2fa7bb51eba5a3e0

    SHA256

    b7d33734ec95854a0be5ab3ff3c925723e204cc233e27e15af515a29a986fd9e

    SHA512

    b0a70e5f924535686410694ec4119acedc0cd760d223d5f003a0c5840b5f0ff5d6594978f11fb818bfaf631a72539f60eb2d66ddb5023b1068615c0784a3ac94

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[6].xml
    Filesize

    563B

    MD5

    2d7db3eb661e3bd658f9b14dc18cb205

    SHA1

    c2f1261cb676707be213448cb791192991b85006

    SHA256

    ac5e892008f1e8feeeb84739276c31b2d7170ddc63a68b953ba9afed40e7fabb

    SHA512

    45d6d739d85ddb9c811cb2387e9c4c47ea15e1ffaaf59401107bd0e7e8025314e8098bf135bef71b8e59d755f7d3b239a2f3fa9e44ce5d89bfd3f6aa5ffa3a75

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[7].xml
    Filesize

    519B

    MD5

    9ee4af95ea55b358d16c8873d541b744

    SHA1

    100625c0b104456b2011904fe694b31094da3128

    SHA256

    fb89c4333027d6aa0b1685e3346b037d131885968c696bb547d035c726299398

    SHA512

    23bddb8ee3ffcc314bebf899d59e1e846fbcee097fdb5c2fddfbb168ec54df67ff978ad85c922e44f9e84234176a1a8078a4b6f8b3cf190b25302dc6ef6087bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[8].xml
    Filesize

    575B

    MD5

    542bd52974cfede6becbf21f593bf2cf

    SHA1

    4e82b44faf3d388a46b0d4f39e2a02cc0058c309

    SHA256

    82aaa3dea00fb8359d91af7de7b99d479d141ff08a44187186a3fd7ff6e774bd

    SHA512

    168877dcdc308079c04de2ec8b0b183ef456c3852cd2e0f8b7685ffc80f50cda7ec93fe3dd195f3c917fbc086428962b63ea903d7a25fc311b30704af31b271a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\qsml[9].xml
    Filesize

    588B

    MD5

    d37260799e419a7cf9c5c16bf179ace5

    SHA1

    42024e235584c049930d125099bc74929f0f557f

    SHA256

    062238eb2e2c5a27bcd354d30fc94a7c329d0c9f46baf256b9210761e8426b2b

    SHA512

    e379debae67ba063010d2fad712ed6e704754eeffbb802994f5d53c78cea77f3778a9af71a98d6b191d5dddb8fa1679515f717cd9b37069aa1f1c450b23b30bf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab25FB.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar26FB.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit