Overview

overview

1

Static

static

1

OrderKindSvc.html

windows7-x64

1

OrderKindSvc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27/05/2024, 12:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OrderKindSvc.html

  • Size

    4KB

  • MD5

    4dc0c875ef95b22c502514ba70c5b728

  • SHA1

    ed75795ccfc136c5577bc0a6e3bfc46b89225621

  • SHA256

    a5ed918074de854e485bd2cae711aa10b012cebfd4cd315aee882842609b368c

  • SHA512

    17ee276a5172a39078ac1e008cf5014816f32eb8f0d40274a2324fa5a58323aa52d4e9c890a39878d4017adbfdb56bdf6ce744c994937a61f096970cd67fc0f1

  • SSDEEP

    96:oSTJBHBJDJgJLJpcJhCJz+aCJzkvJd1JzUJcJzLJgLvKIRbRDT4R7P4CFREyRUsm:oSFNVM9OAOUdDs4JAvBRtsh5n2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\OrderKindSvc.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49b3315f3e5dd5b65d6d4025ac492823

    SHA1

    4155ba0c8cdc2c2b7fd69bb3e41c3ccf048449de

    SHA256

    cdf9617e61dc0b7a2ab9e3342646df97fd40c94ad08c87995f4c317ff14be941

    SHA512

    8e2e7ae851925b866e7cab98781ea856ba9fa123ba3b37eebb6609a5c805f9af3ba2a96a74298eb1bc28979625b6db969e2879d3dd9db149a8a7c9908f8ac367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8de4a74100a334bdc96392335b43824

    SHA1

    19bcc355c3d8c9995c4c3bb48f83e799747edddd

    SHA256

    a4294f88bd2c42b37db170155cef0aa50ce731a92d06f759e36cd215e485ff68

    SHA512

    f342bc84be22f0aa52b99a32cd1004361d6d32d8fe6c5f4fc6840bb00fa18be9bf1268b92ef1384b842d98b096c0bed5ba5f3f34767a910be0163c66067088c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a79774c9ba30e88cac33dcfe0f9ef79

    SHA1

    bd2d2b5c031a22bb796603a473e8ea761cbf3838

    SHA256

    b1bdacb0f01f10ff233fbf50be43384dff32a85e4c59f8c7ebed7227370b899b

    SHA512

    801a70a77e05b559dad5efd72276eceb0d6e4b71a58ac2c0925aba6c1dcf29ddda158903350c105b82658c4a564e259cd30d42bc22782d5dcdbbc54052ee4dd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a6e766d4b5f4a510ebd518670370a89

    SHA1

    42391dbf515f120e91844a60a6c328ff4df45437

    SHA256

    78ec1327e41a62b0cefa325b6f6a2cb1d89c130a97d67c04cf0045efbb4459b5

    SHA512

    0577d08d812dee04800d7ed3ba20b3f8d6acecd90e5f77681baa3ff01831038970c15babd54f83463743f86f41e131f0ec30a3d096301ca4f5506f6f2977af7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c76c8184f799e52bad654ada99318c7

    SHA1

    0f04b19c0923de20ecc539b3c63181f42305064c

    SHA256

    9be45a3e9c02e1395ec17d6f38013ee6767dc1ebf9d91f137655c70afe684886

    SHA512

    9a448af0cb9a77c0642a407f51e5cb6d7473c341a19fe1d890594c87b6c8a9b3af8fad391be9ac9fb1f60c48135e1e4ef6d3f92299fb0ce505b716250e470805

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7f898e6eabafb628713d956ff758177

    SHA1

    907dcb57b872f457a39c869d1dad590cd67609f9

    SHA256

    5ec807d82df43be26ca9cedc5b5648f7408709fbdc9df3d97e99af23755d5255

    SHA512

    686f43624489fa00871b3479cb503edf46c4535d9bedcf957355ab306d2a6474b5bb78246d02d1c6b6dce02f4a82a4729d4ed8cf3bb56f2a8335a85cfd745339

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c244696520def081e47162b40f094812

    SHA1

    be9e662ec571423144230f5f5eae2baef8498f8b

    SHA256

    242a23d0ab0761c26895d5e8549152ac1f57f3548cda8fcea8ed1faed9a5e7a4

    SHA512

    0c1451949b194111558a3e4bb428811d53e32c24f9b2a3050e3e81f07c759368b31e30fa85524a3f5021ff0035d260e09221dd0aefb234c0065e1b77c789fd07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23868458de94f0101a777edb1de1fa6a

    SHA1

    df8626edbfa0ddcc6883cd1f993c30caeef8543b

    SHA256

    f82911c25784ff559ada5f9415ac1763ea1e4ac770e41f16ebfac8180757a8cd

    SHA512

    43cfe3e335e49df8be3307f1bbbc05fbb9dbe5162355d6d92adc707a7033be65829b3e58cff3ebd210262ea139ab19061480a4029ffd425ad17ba7d6227815e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae6c0dd56527a9268cb8d4a9871da52e

    SHA1

    ae7653079f4477feb0815d9f9fdfacc3639d1223

    SHA256

    95e7b0843e1e94343b1dee3e27ce78fae84c99781b2d504de16b1d4f87d42b0d

    SHA512

    b37eb927168980b11e74c1da72d4cd94480ff7e77aa3eaff2c7859b735090c4b3d6e3dbca59fbf8aef3f17645e9c1ee5992493e0bc92e98834dd9787ea91dc36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b868a76220c53421d59e66fe2730ddb9

    SHA1

    7d94f62598e2a8906c924bef4e4109de54f8abd3

    SHA256

    227f8d2b3a9eb2433ffa02674aef6efd12af05b7bc992a9ba87298476c907e39

    SHA512

    4e85a77da734b3a7548914783e9d16b2492446b906bdf5cea7dbd0367001103fb3af4336ede55081259a025e698400815e8e4543568582ba92eb8dc592d27639

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1a0622d27b633b55d7f8a5fe51cb73f

    SHA1

    d5902027785df7350e54baa96055ae7c82c9e584

    SHA256

    343905db55a2cbf50317b565a1a95aa86e0264304d227d68df45b7677ab89509

    SHA512

    d99def50fdf6123c94b60b41a8a045546f845c05426d8e369f1c7819aab18ccb7f56e9fdc849a1cee19db5130fefb859f75287fa6b1e761b8a72e683723d4446

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b6d034402bccd70e03722f5ce9e88e7

    SHA1

    e5e90d0e01589a28cc8c5d426d41e330fb8e2625

    SHA256

    1f0cdd5bc3fff974761bf8bcccde6d89fb7b43030448b4e6749c7e6c79acd1ff

    SHA512

    4da8e20f137783ea8644e557eb7dba73f6cefb6e3425a94357b904ce56afd6ec71da70c6982f5aab2fc10e18532844b10eb28ba3ed6cf2df47e5fac49671685f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2142fe7db6285448283057702c81aaee

    SHA1

    601a350f266decc4bbcead37272ee1dc7fd86ba6

    SHA256

    26d61e268724a48a9c6b446047a2c5c94f81f37709353ca7c0ebc001e6e9ca28

    SHA512

    6a952f1c2df220d3de558d5391dfdca1a4704a3ba8f3d05b923b2b5b5f6df02228660afc9ec1c536f445d7ef4a65ba5bc84c3014cf7eb44b21f6cd3262426f24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6fc9dd07a207a0354c1364be10559258

    SHA1

    97778d8efb8cb0f66329c1db9400d0c613b73afe

    SHA256

    fc490e519d26a9919df1ebd52a2f1f40a1ad315dbd192ed0a3743d29d7f53197

    SHA512

    fea8520249ff2b9f5bcb1fe924e5bf4507f5317d19bced88ae9693cd5571a13a8a77bf747dfb2aa5f51b086d8eb296e32143babdb046c3d20b91a3ef87efe276

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72b131bf152c135ab70892f990314245

    SHA1

    0907b7ab9343bde65562ba0d97c1d966fe5ae4d8

    SHA256

    01e0527cd1ad9b11fb78bc8fd5a5a067eacbec828ed34a389d02216b75308f37

    SHA512

    418d1f17de9e376588493469f13390deb9bc61c2d6ce4614db998f3f70c0d980ad3f88acd9dc576ca3a5c982b935b2620bec4af891176030ce495687d37e71c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f6d80ff466a3c4392f4f11d0441d82b

    SHA1

    94cefcbfcd8bbe76642c586b3a93403e325a380c

    SHA256

    0ed2c7021e998c73ec2b4b3dc9d30aa54f6309811a3f9d5d132d4c6b146b1105

    SHA512

    8f491d9c92d6b211ff796e8c8afbf3d3a278075b5eeece8ac26680205c8d7e2b81f3bdf64262e8816d1190bac1d3b57a3c9ae00eaf9f88eb5bbcca751b8d0d80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e33b282348146d46b5259d590e75d313

    SHA1

    2f8a3a55d37a228130cfb65453ea7b4a91ec3013

    SHA256

    ea611246860417652a9dee88c88a088596babb982591cc715418d39755596510

    SHA512

    24cf9ba77d5fa2c2adb43773381077195583ee425b0716691b842ae6850c5727b3f2174801768723d38581fd4e1c50d00ea4594047657883c9b205c8c3ce1999

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC91B.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCA08.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCAB9.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit