Overview

overview

1

Static

static

1

MQ2ShellCmd.html

windows7-x64

1

MQ2ShellCmd.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    22/05/2024, 11:47

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    MQ2ShellCmd.html

  • Size

    11KB

  • MD5

    b36b771d66cc03b42f91dedfdd95db6c

  • SHA1

    9e035342e2cb1e825fd30d48ecd02dfaf9e7aa00

  • SHA256

    f343e12fa09e1f349f0deb0f845d0752a94c59083b297cbe0d8b288181725fe2

  • SHA512

    bec004fc8dca914fedacb11d267af00a9c821603d8466512430c7380b51e62c4b9a83ab3848a1e753a3cf47f3ecc01f8c91ffd717db10ea8dc56ff05f1581ede

  • SSDEEP

    192:HFtPOiFekrEKJTiV/ZVgs8rllJl5w9UWEdAigeJu+iIOfpye5nW65AamwyOyv8GK:/2qjQCOVnxy+beKVkoK6m3+Ws

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\MQ2ShellCmd.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2284 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2304

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6d71bc665d37c150b87fe9d1f17a6869

          SHA1

          c366c383927a9461a44c80dd5c00cd2bbcd0d77b

          SHA256

          0f6778dd871dc227d0e28789813d5a67f1437eb524b46b2024f511d352da8219

          SHA512

          f8f44173802380a415eb3ef33034d0a25181c8490269a185a25fd9a74b68e695a5e3e356f1a879ba72bb358ef111b7ce0c166867571c6225e59347036e1441d8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          43c96fc851ed8b9fe7143ad2c0577eea

          SHA1

          5f864307b1f69e839425fb91946ddb70a317299f

          SHA256

          f9efe1011a3b1a4a71c078c234d614caab1ba0e0cd0b44c6da931a321ba4ba97

          SHA512

          ccf2f86c00d13282d69564ac8474237a170f0be3ba835e0b8ac012441480115e7139b93de12600240f25b335eef8dd572d5547677b0a4075c7a0b77177f785e4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9f91b752f8a83347730a1b19ad900fae

          SHA1

          d2cc3705dab952c1ecbd113227279e868ead8bc3

          SHA256

          d2cbfb29033c7bcf2f568d9d6c9d3197a27479947436c5455444be5026972d23

          SHA512

          528545f1ffbc8d392f0ac9317b1580ecbf83d6103368d1e18bcd539038fb85b1c31b73fae2c84635e30dd3d32c63363b6ffd817e256750a63234c4f0d8efe355

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fbb5f4c795ea000dfd69cc7e67172fab

          SHA1

          e2ee0b329aee8197d9d94a3f992722e33b7b5c3c

          SHA256

          0194544a3168cf5146adefcf6534d5ad5788204bada6972bd7776d37f2b767cd

          SHA512

          4c74f282549cc5f186a0b155e1d5db4d43cea5d497f9d98489ffceb389715523632a02dd71f8ac92e179965687ed832d27560c361a99b6b4c1bf46c0bd7ba77b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4426928da66ed1c87aff0ad31a018014

          SHA1

          5a407328a37ad4cc398f61da29d93e82d39f48be

          SHA256

          5564452341f2cfb5567bdc25af098471240f1dcb64bc12f17159b47cc47bef79

          SHA512

          2c72b0508895152f73e4ff6c34182afa588a11bf4c2b88af31684b36f36028629a3e00503acee0132dcc03a4db0b49ab5f7f29d0afd1776c8959750327aed1da

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          361d1f7acba673f25d09ac02460c64d4

          SHA1

          984ebbf6263d735c4abba43478dbd1bb1476d47d

          SHA256

          027deedda4c493a319391ab021530439be540de11935171da93cc53bfbb81b24

          SHA512

          78b94365453911a33d0028f99c3f087ac8713fa185adfa32bdc8d6a03bde6127ebf6e288c55ba9a4058cb1d436f4e1b7fb8ec55c5cccd952f6a7bac4d267daf8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b8280fbbd28371d37e44a227b5088a72

          SHA1

          15b0cfd22c527486fd1d9b7f5517eeeb10b75444

          SHA256

          6493eb35341bfaf7deb37a119818d91344a9f24d4cf07200bb74c4e28b358748

          SHA512

          6275902b118b0fb1ac16058163d0834c60d380c075154c7fee14b553375f2370de2888a1ee2f111e531283f3c5f36e5c86787355d0d602f01368f39cfabeaba3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          dc9877b04cab230dbf724f59c4b1d327

          SHA1

          fff96835ab28e7cf0067f51724e05e5552e5a9cb

          SHA256

          d7e6fd4f71ba3b02390f79b50e10bb2a2effd45713d846f20e1ee789ec9fabe1

          SHA512

          33c253e6968c3323e45cd6105dad470ff9b0d0196f0724d92c5e182ff2663b5c6f0511ad0e2ea8addde409a3c056505c448cb50908bdc391e131648caa81b41e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ffa44c21aded7183c7aa997cef70d88b

          SHA1

          52bf8117dbe8f96cd115db038d2e23afb85df772

          SHA256

          b7547fdefa529a8c9da3b91bb010400bb465be1d175a6a30d5ab250a9613038b

          SHA512

          4bde6ac17ce238cac7e5e817d58b301727f47bca17d2f49c29a05be11b6b19868dacbf2b9be3a9be282e54984f92ba446339ebdc1cd1ac6363547f4ef9bf8879

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f49eba98b2aae8636ed6e17dcedfe0d7

          SHA1

          23195be97cce84015a159699d3f947d71f889275

          SHA256

          6b63539bde86e12543c5255313c9594bcee90335dd073d3c254652b008452a5d

          SHA512

          6af9f2f1728d5e7c57c4eb85704a3eef3af4c6f6b9cac5dffe495eb6c0d064bd33c5b4072b3236012ecebb234a93e27b5898100fced676f9225e68f852538fd2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          86c90bd28195e14c74259757b7a0e499

          SHA1

          2ffbfdfad3b5423e8210de9d0baaeb552a2b9ecd

          SHA256

          c6bdb43f2b4d254a5989f5d9f65a000993fb1e4b188c85f3fd4121361c8569b8

          SHA512

          0e59185e6861e0bbe4e6a3959a63e5deef949427dd9081317a49fd82bcf495e50c6dd63a93ca3c9fa5f891725f8cd1453d41c6c861054b1a616d8a39f5fbdcc3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          07cf32cae21a9e881604c3e3ae8e4c96

          SHA1

          3ec14ef29fbe01ffb4f43db5f061c6856afe77c4

          SHA256

          6741e96bced4d411a4a40b83eeecb4b8e7d3f70aa55d4dbbd1658a2e4bb32eb3

          SHA512

          cd14c98a3347c1ddac55355f52249b7789a0e50ff2409613e2472eeaa4f4f0442f8489722f19ee8ed87aa858816da53024ef600bc6f034efaeb0b1afacc30e16

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3cef39568aa352ff8d8c5b8ddf4b3588

          SHA1

          7aaa37152cb587eb53b75bf85da144710725a662

          SHA256

          5f406614d41273dc81678892c24388ae0002cb59bd84b9a470d4b26aa0b9a95a

          SHA512

          763e01e26ea35449bfd4aacca1eb252b70dd83f4e655be0bce4df9246333fa5c5c961d989a26c2384b553ddf626ee3ee9696701ccda6b12d5bdcb5be497b78b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1e61783b95dca9c635643575c782e061

          SHA1

          2d2a6259783d84f73336d61b94f30aa1fbefb0b2

          SHA256

          2b2e3fba84e64f7f1e4d6fbfb14458f7e7e256ee8e13e22f5f367b571fe87594

          SHA512

          bfeea315f1e4a39319a604f6823d09d0c7cb74f68a384ffde54e78219b575a531b9622412222bdf00a497a2708dc04528f315fafedf2cc7c06307d8ae7cf8240

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          65925cfe70291baf3b8434781563568b

          SHA1

          eb6de0484d68d7d8ef9c46fcd054771ce8dd8ca7

          SHA256

          c1d8fc8f1588475e92d29bcf88be8f901d918fb5eb3b0859d93c1c4382788ac9

          SHA512

          1f483f1d355bd0dee0ea5c86cb2328721077a25d5de1d554cffeb2d651f95557e5a503f61a43efd69135e386f0b676adaa52cb63008dd174d6017d7f27fc4a95

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          78aa515137303119ac7399dd1abd901d

          SHA1

          65ac2bcdf169db1da1a3d8f742faa450d187761f

          SHA256

          0d651ccb02ecedfd1f7c15f1bea393578f6b602402c71aed86b27621e0898201

          SHA512

          ecbed952b5ae3753def7d21c948984cb2fcbf08013c7465cc7ff23c98cc0fb878f1438b9e70938e8ab1230f37a7a7aea28eaffb48c83f1e85c045596e208aaf2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5a3bfbbf780402027a8f11b35044efdd

          SHA1

          bd376811ce5479a9dae5da9f51a98a9c5023d07b

          SHA256

          49cd35ba9ba3b23729342646c277ecb54a4eb6f2a93554cc3411db48d033e31b

          SHA512

          4c663663666f070ea59382befd5a02e0003cb2eafa83fb905c37897810989086624d325a67705dff00de6b7d503c4a92d1233ee8bd4f70a5b7b2cb8faa0ad273

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          32d47f15d47cdee6326586b02600691d

          SHA1

          1d1738c572ac5090866d443bfa0cbf8f13574756

          SHA256

          709acb229a189c486ff8a6d6c2fd4465d9b8adf3902de7d2a36ef470db81a880

          SHA512

          71da3a27643dc0feaa0d96ace985af3f3d6926357937dba2eea02c44bd9118522fea76c53ad2baa1bb64f3b399bc79fa7ea4d8adf4a809285d367bb453af1129

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b85c5f3cddd0f17004c8c033ed27b8a4

          SHA1

          8b4e7b40faedf5424cff1983c735aa2dd94a1a09

          SHA256

          ec4f23295537fc7e87e8429c1bfe876ea2cb1588a151f3dd6532c7e57a51011f

          SHA512

          b94d51bc5a3abfa2c209878db42e269938e2c2901d8849b58306da90859bc72684ea989bf0f6a91aa1dda73a78a7c550b4eebdc35cac6facbc558b4f8c112221

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab1FE3.tmp
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar2062.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit