Overview

overview

1

Static

static

1

pic02995.gif

windows7-x64

1

pic02995.gif

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    20-05-2024 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pic02995.gif

  • Size

    43B

  • MD5

    325472601571f31e1bf00674c368d335

  • SHA1

    2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

  • SHA256

    b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

  • SHA512

    717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\pic02995.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1688 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3024

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc2188698a4f6482449778047b345d80

    SHA1

    7429ea730e4e585c61c8964ce4297c0a74f64bcc

    SHA256

    b2d39945cbf18ee34602fe0d6903595002198dce62a82694bfba1b768f3a72c4

    SHA512

    aa346458ac91384d71f879ac7bd42b6369f87c40a60ca8342b97357537d3f5ebe3d6b46e4f73874a03e6c271e4360397fc9d253d7e17b1e3302dd0df9f9c8adc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9c738d96ae1ce95ce4db8cd16b4d7a6

    SHA1

    7f3238bd32269a26dc7cb9ef67a35ff01f65ed40

    SHA256

    e94511cb28786c16e5d7335a219e3fe7ffd5560f2b6675d198a69ddd1f394754

    SHA512

    5c97f82e8cde1810c6f724a2cefc182d107807862779da740fdfcd82893ab21445fc1e75141a671e9d2c3c3d03d1fd9f29a2ae6b3cc120c27ae9aca513663e91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37bcb868138635dade53df49b72fb079

    SHA1

    da87290c5de413f3187ea26b0fb3ed39b704b53b

    SHA256

    726940f956234ab45307f521c6a085acd12e1611d90f69d45c14c588ccbfc746

    SHA512

    81e95207b5090953791ddda1d7fb1fa24aafebb52fa6c83257bebf2d4e0aa99992a7cb2c367ab60f6c00a05439e00cdf300663e14620c3a010542f804c501d7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8fb17c51410ffd8923fbf106381973d

    SHA1

    7e6a0ed81ebe3d64927cb4068d2b63842af800a5

    SHA256

    01a36ead20bd3176ba3e1acda1706b489e15026c4782d0985d61458fcbe3db75

    SHA512

    53250615ba2f75f8d231928c93c137c0e733f76511c5c1b6a8579b86deed1dd47c597fdc4ca34e9eb6f2eeb41f5ccf5f590dc8c74d322341ddc255671e9fb833

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6854967511e3bcc7febdf364dd35c909

    SHA1

    aa7825bf212c19b842a2c2e601926b8bdd93baee

    SHA256

    db170645e7f52349a6940108cd09a86c65345ea3608e7d165f18dc3b60947c09

    SHA512

    c992b44c3d2fe7b778d10a4a8470019f109ee836cedb375fba14ecd74fd3388d47fe3815ba680fd5229e81dedab4b526b5e312f8651bbc00f98da18582407a1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fda00efbc66832f75eab2f0ac847d75c

    SHA1

    23031d759d0ff15b2fc0bd6b93547c90dd3b2f90

    SHA256

    43fe10c6c87d0b5da4e8765352cdf2d1d45925cd6319db435dff1ec612d5537f

    SHA512

    febba786463920ac376f237205324e6564b9f2cee8e3271de881dee740f21e52681b1d816ec5af183a4c32b6d83e1dda7ccade8cdf1c0a569a82b01b84ba09be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b763e9c3df795c8b21f53745a5e9b7ba

    SHA1

    a0c1878201d280a51dbc49fe424bac1d407584dd

    SHA256

    b62ac794f0f42c183a7f0df984568e85a374a411c951d7d84c65d902ea83e1f4

    SHA512

    c9c873a3fe92ca37c90e86cea17273eba633e27b9028673d03ac2f0e0b4c1f273033a0d06b683da8701e5f458de0df0e1cbeda1d6f724ec7e491e081fa496dc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    161287f638cc39f41c3ac1aeb1f0c443

    SHA1

    e4eb278990b2176384150e742b3c4bbd734da826

    SHA256

    01267152e20a64db2b671c549125467069b489d01da651f539570d763b6bdb1f

    SHA512

    dea7e2517cb99d47a60b6cd645b2df47554d903d5c48f47708f4d8f594a0e275763fc5250112b7bedd23ea560c240ea71cc02475f4e52cd2243c9578ce71834d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef291b1bedc9d030b1b5c5c54bdb9584

    SHA1

    51046ad2d911a73d58e425f78628baeee487d709

    SHA256

    14a09f76bcd7f340c1da4f98bd2ed1484bde1965ba034e39749c01f07ba9c2d3

    SHA512

    e512d111fcea32b2000eedf5ee4c78568a5957a3132d3aa1657832295db248750241cbadfc7bdcc1bd18737dea90ae88e6636701a5d3d658b4d7358f1c876059

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6e1c1cab18042da9f5de09e80ae0d15

    SHA1

    6821c85acd53f83b48cf82aa5d9a05396d06824b

    SHA256

    3f14e6c25a7c19ef5da4eb97b0e71da92df0328e902fb561053e082c64c3caed

    SHA512

    268d1b68ed1a867f2d2d8ad3cb939ad46a4e2e6e9f831e6e03d8ba6c1357b40ca2cf6a5ce72e8e28c61ba62dbabfa025f4491ca448a282528aea65956e882227

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7ab4c6ce8a729e4706a8723989d1bf0

    SHA1

    1c48f82a32f15338499f8853ff10b9bfe33c2abe

    SHA256

    1be764e5ed35fb08a2c2e60bc589a8474244b76d3f062370f59bb8766a26d964

    SHA512

    2c0f7318472493dc9b8cf7667d20387729f646cbd831dfff6670ea9e482119a86a4209f836ce5ffc1977441fff612816e945dcd8d859f8dae4824fff36f8e7ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa8af77b9437c2cc0a987b0c7c3a66a3

    SHA1

    7affbd93a946d57134e0862d85959e498c13e0ce

    SHA256

    fcc610f5bd3b7f8f31d5f685e7285e62090ccd77fcad64faed35906112d14910

    SHA512

    24065786cbd75774efe68e4389413628f073b4eb4febc29bfe257a29560be1825af99b28e4c5652eef0e4f446458a2408bbebd609fc35c6c6e76348856b0aff1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c27ff7162b6402a7cbb16fc28de2bfd5

    SHA1

    82140fc867e2be81e312cd9e05c3f740651f4bbb

    SHA256

    e7b1a76f162d77b79eb20d65ff464176cb74ac014b90126a2d3d4cc1c68cf8f0

    SHA512

    679c0bba0d26c8a4b81fc56d67869257832e8b5356daed8f625d50fb3e1c9c20c5e424e9d772259431d72b66f5f115351e84eed534aa56042577ffc75828eecb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    043eb3a0926a4ce84a4b2f7e379f90a5

    SHA1

    316d14bf4a43d119d742cb5f76879a75a59c5145

    SHA256

    eede3fd61a8cfcf1fa991ce113231fe1f241f066ed5cfcfdcb3abcd05dad5243

    SHA512

    c45d15a51b159559cf73dc22be084090e9b040c6029af2083579d45d7ad8e4990f17001463a1f40a2b776b4375c5d8dd33f2a927e1541db6aff83f5723288c1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46cff217fbf7111c6bd69e8e7afefb80

    SHA1

    e3eda0241d9040f9ea2bad3cff31a320ac638fbe

    SHA256

    29921a234a929e52ddc6f20d6688a266e6d891a87239252803c48b69f95ab81e

    SHA512

    3f6420e967e642f409b535b282b37fff2e0f6c98c223e47611c5c540ae2adda41d2cff32d3f61ceb894fb71dee22da7142d6aa86debdeeb6d732397dc44b52d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cbdf8e5aa4c1826d8dce83ced7388da0

    SHA1

    bc01705c1fdf38ae46e7bd338a0ef5e733ca6b8d

    SHA256

    e9df6511d8b3453328f84b436bb66fb20c69fec1512a9743c279feda7373b36a

    SHA512

    780b67e8b691834f80ba302f619ebf11c871ed5c15860e4def8d9b3c75a1d64386bc58b3af66559eff016e865bcce398a24f3e1060147a992bb830d33f492000

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAA46.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAB37.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit