Overview

overview

3

Static

static

1

HMRC 2018/...ime.js

windows7-x64

3

HMRC 2018/...ime.js

windows10-2004-x64

3

HMRC 2018/...ime.js

windows7-x64

3

HMRC 2018/...ime.js

windows10-2004-x64

3

HMRC 2018/...kup.js

windows7-x64

3

HMRC 2018/...kup.js

windows10-2004-x64

3

HMRC 2018/...enc.js

windows7-x64

3

HMRC 2018/...enc.js

windows10-2004-x64

3

HMRC 2018/...om.ps1

windows7-x64

3

HMRC 2018/...om.ps1

windows10-2004-x64

3

HMRC 2018/...eck.js

windows7-x64

3

HMRC 2018/...eck.js

windows10-2004-x64

3

HMRC 2018/...o.html

windows7-x64

1

HMRC 2018/...o.html

windows10-2004-x64

1

HMRC 2018/...l.html

windows7-x64

1

HMRC 2018/...l.html

windows10-2004-x64

1

HMRC 2018/...e.html

windows7-x64

1

HMRC 2018/...e.html

windows10-2004-x64

1

HMRC 2018/...t.html

windows7-x64

1

HMRC 2018/...t.html

windows10-2004-x64

1

HMRC 2018/...sh.ps1

windows7-x64

3

HMRC 2018/...sh.ps1

windows10-2004-x64

3

HMRC 2018/...nk2.js

windows7-x64

3

HMRC 2018/...nk2.js

windows10-2004-x64

3

HMRC 2018/...ify.js

windows7-x64

3

HMRC 2018/...ify.js

windows10-2004-x64

3

HMRC 2018/...fy2.js

windows7-x64

3

HMRC 2018/...fy2.js

windows10-2004-x64

3

HMRC 2018/...001.js

windows7-x64

3

HMRC 2018/...001.js

windows10-2004-x64

3

HMRC 2018/...002.js

windows7-x64

3

HMRC 2018/...002.js

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    01-06-2024 17:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HMRC 2018/banks/assets/refund-help-files/sort.html

  • Size

    2KB

  • MD5

    789737fdd75b1a99042469e395f2494a

  • SHA1

    938c4dbcd48ebc3891545092952410cdff770eae

  • SHA256

    2621ae89171035af8740e6b84d6e870c39c611b240d948c0dbd8415669c54968

  • SHA512

    798c04c9096bbeaa7f7dc0ab1ffefb7bd4c3c810ecfe58b8f07b0820247176179cb63509ade45f03bdec39bed824a601c9d75ecb0962778eabe16850480c96ab

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\HMRC 2018\banks\assets\refund-help-files\sort.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1936
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1936 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3048

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    6028ecb63f5393f4cc7106454e9b0f3c

    SHA1

    39d30f0058fff1a8b91183104eba3d99060c3590

    SHA256

    3c7553f463897e458c868fb647915dbe5339540fc51725ab10baad97442410ec

    SHA512

    61559f7fd9d96fc35fe3f280fda51b6c60fe74024a549196bb5f669bd1e98955e98915414ab0f62ad4fe1a3b1faca64a232f82bdefaeafb9f834d453a3b3efc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    414f95295e2f69486cd8e2db189c2fc9

    SHA1

    e60f9705afd70a3d48382dea3e5424bbfc1475cd

    SHA256

    40483638d9b52bbf0072dac223f8315cbf5a60c00cb4e7c9c8eadb7a6e648b40

    SHA512

    c4f9607075b7b470e04002ca5095e3faedf2217aaa5e1a904713e7695b7c7b3548e8efb248c2145b45ce76976c492d4670abe606ec46e2613f140f68ef42ed46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19d1cdf8a7ef2f194dfd3c18ad432ff2

    SHA1

    826fef07dd128d90e4c3014b444eaa7ddd69285a

    SHA256

    75635c43e6f763646f4db73eab9c79ed6f4dc166435f3beb07ce924018390450

    SHA512

    934396a047b082392780eef40f5cf55bc55a839c00ac7e6a07414fda0a80c3ad0840479521fd4ce8cf0057f68daf811c9661bc5e798b47926dae599f236932d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0888a93cd869a4881acfef2e395aa99c

    SHA1

    a262bd05e046138ff590ad3987ec94f583e38f50

    SHA256

    a8aab2a00a9dbb5d5d66b259714038d276b38ce6bd57f211549e3c2a51f4eaba

    SHA512

    a7f9f44776810f2e810dcc0cab1c7071d3d6609e881bdd075f1ede4c59c73d20361e08a4d51ae39b5957e444f7c0d13961c67baaf751bbfc4f8b3a9ad919e735

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06bdc3f694d699a4d9852c295f97d4bd

    SHA1

    3a72995c3565e1748729738eeff7b38075a72739

    SHA256

    7cab478797a024d3ae06b74c07191bdeef868d4fe8af1116adf3269d19d87420

    SHA512

    bb337abaffd1b624c184b3d52c655abb033e2a1945d516aa5802660a95473092034371224aa3de27f930889779fca4ca84e2b2a2e240d522fb7e91108885fa72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae7aa2862e25c82beb30dde8368fa174

    SHA1

    1b1a51d4263baa700bb4d5f98bc812caacc26fb9

    SHA256

    c5e927a4d440b86632b11186d1ea2a1486845ed351976c1bfdf96c298adb55cc

    SHA512

    8b2b24a20bdcee14d191e01f770cfa2b9e02fadc68f8f9f252b391fd6c86f95b9901a76586f9d49af45628833ec2e479a1e3a7df75bbc08a92a42d42bc9bee33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    225d8524c4d2403dcab92adfd5fe2e28

    SHA1

    ec57efc8a76fe3d2b8431506ff35d6493602cd01

    SHA256

    d8b2958a5af7138c29dc7e51d4984bc46b80e0b801826de9e2628416e037d68f

    SHA512

    9de4389541c8a8a2de254e45df71116e1324e5bab8d174a026f5df3090a58b2b67e83a7f24b1e25bca4eb5c9dec6f92afa846c420e4a11569d8f20f1e17907ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03235c8f899bc1f9d4eafaa61446381e

    SHA1

    375935f81bd68af9a84097274f3a7192939256ad

    SHA256

    7e944795b554a56323c3bc5c164a92f92156e8135ee14ab3c42e6f8aab05e475

    SHA512

    adcfeb34e7243db85d53eaa265f1feb91c2039e26dd53d55abeb3364f477ca25d1451843f36b42545f93d951c7dabe2580b01f09a671a1c8b13047a790c23ea8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a42f92acac069f25777e32e41bdb6230

    SHA1

    8330200c0023b97e0800876eb834cace057fad20

    SHA256

    bf443cc4fa80c3dd98d973e5b7f1f02904456825a9bb1a0a673539d540731ae0

    SHA512

    f3bfdce037f6bc6234de77a32d3e35697790282442f9b40384f19a3d6ed9a34961563735ecd43101036973ec980491ef1017535e4f50f45418b66f86d141bcf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fbfd12a17f0a333a8703c98fac5594b

    SHA1

    e6c8c656d009483a4922bb22b41ee9adcbe089de

    SHA256

    972d6b30bc8fd953cb1bba2164c87e378f761a577ff9e80ab4993f40f2417677

    SHA512

    404f9b9c0a4ded31716d806dfe41394f47f24584a211a1f7d56722e1f38f555a71df435d674c96fe25a2f0caf94cb403285e91f371f6631e32e65b7cb8aefb7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d33421a982cbeb229a5d6336b41ed06f

    SHA1

    ee9abf61311e182214c0a1f4b5c677a7a82dee00

    SHA256

    a789cc61746a35941fb4e2456e30256c5cb80db1ee1036aa2b8d7f0629c4c12c

    SHA512

    1c2922b3078866f153438fb4a8133067b583ac689f8dd4c0b0b68a22c7911aa6db2b607d4a8955912a5910f771d043fe4a46132f4e573546f4369867e8529f66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bec3f0083b9f8fc5d7f5e9809f90ea7c

    SHA1

    1616a4a61abf92bb47e80c8d25d75abdbb86bb15

    SHA256

    0b221d95683729287553cc10e24bf249f2ea33b2a51ef71939e7598650517617

    SHA512

    4c5cf08db88b06059ecfc080af12749c86a7b2ef93dafbee753e80d37ba9ed3ead631c9b6942f209cc2cd57babeddd6a5bc665e897989f99956f76590cdd731d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4637b6bce19d73a691e167a391a830bd

    SHA1

    60769bc493b7130990c1a7d41a8ed977a6ad5569

    SHA256

    91b64ec856a9e9e7311419b50a44c5df0d762d845b9439252585d14c7f077773

    SHA512

    88db17971724fbb86ca28f0eb865be80603e5aec77cff64d4bf36563b203af1ae8ef34c700714b55df940c7679ae3a73c678af97b598494935125cb7ec57bad1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a5e044bbd15e2b8957835ea6eed8184

    SHA1

    b33afb2b59f751beba73a269f39dc013f04a1d47

    SHA256

    e70f27d16f2c18b4b3b51a0ba4748bf4e5a130f2ce0731fd7c15382c2dc7bef3

    SHA512

    5c84d2787af7f5656c341e4d3998e6bd6b9cc256dabc329f72eba72732cc2afc0e6cf8cc767b0f68eab69741a557b742b984fe9a9b8ab0eeeb4d36deebb64aec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dec0744cdbbf26d6d1b9064bb292fb73

    SHA1

    c3edcc8da2695490a601f64d1829ea3977f3fb60

    SHA256

    b7783870ba5327b6aa0bf6db085ff2939857e181ee48ced568b3e2adf3c38104

    SHA512

    e15c71ae4cbd5ae120d7f1fd36e4c83fe01812428ff789312b4d3cc434e276f44e0439c03783dba987bbcbf386c43c0c17922b9ceebf8e5a741288e1213719df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad8fa05989aafd2f33c5511dfb1af8b2

    SHA1

    97f2dc8308290e49fee420b31c38ff540fa318a1

    SHA256

    1b480155d7a5b45655274cd5d3b278d20407b864dd24f29e032eb34af08ec0ca

    SHA512

    897a4456a470ff07b70873c858a85abfa1a0a334e6634dfba51c09bc32dfca5efa4dd04e5f58eeb47cc45d41fb2a34316dad218f00dd4fb9c003ca17fade92dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b239127ae3fa7c4f4fc83d3a5274dc26

    SHA1

    8884bdcd623d7ef55c3c8bca299b09af99f7f097

    SHA256

    2c21738c387bb66415671c23c5413587951d7a21baf1f7062aa23fb93ef767c2

    SHA512

    f9bfb8e260f02e30ead672113fffa5b23b40fa50ac9607a01f9c809203046be20aea94856e079c91ca3a397cff998dc2d3cdbf4308b9014ce4c2f2a87f3687a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f33d384405fa56d635e70d08c4bd82f6

    SHA1

    c2ac5c821ffdd41405d7852cd60eb75554ae15d5

    SHA256

    20fbc80ffbc584e1c4059b9892b4dec11fb7c521c373fca24aacca7be983f73b

    SHA512

    5591d01e9e544de48a1b8800f3ff0302614a5c2a47be457a27323b7b1674f7843a8306aab48a419ab84cc91db6ef4e47a131aa8d9bbc4a58db32f561b1f9ac52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f70c4e840d4c6bfdd5d837c7319a7aa0

    SHA1

    9934daf787258cfbffc955cd3cdafa0af6bb3126

    SHA256

    bb19221ad2071afe7a7a27eb1c7de9695e830d14ab4ae08e962cb7f4169d3272

    SHA512

    06cced67894a3fe60a34eebf51cfff2c9a9dd7caea4c9dbe6ba8732782ace42dc7a6aea71090e5c2e3dd6005123830fbbd2ab1624247194814ac3ea0bfeea436

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7435962a4afaabb584e0db53bb6f024b

    SHA1

    6c7db0a216d3b3a8df0ff015e7150e826e6f5628

    SHA256

    5a0035ac87ec3cf411fdbbdbf585d1fea0a1ac7820763946a8b4bfa5c0f03d09

    SHA512

    5154e2c67a43961cf92d133c9faf234307b4ad78c424ab5e6b455699006f15193ed1df4babd2366887bee9679c402feb75f904333f29f55dc514f946faa1a477

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    2d5d745fc69b13f7a916866c04e8df06

    SHA1

    3e5033f78478fd3f7155990ecec6a5275354d5d8

    SHA256

    b85a156b4c221ec3216d456b3787078edf6618374915a7f2b2e347ed785b8c26

    SHA512

    dc26f2abd73a17aa5113a00c5758dfeb7d0a5f82fdec2d9dcbfa022f0b6fe1a86d6b1915a2d4c29f76d3892c843aa85351c7490191c37ee29c7b787456c36b4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab34D7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3672.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit