Overview

overview

3

Static

static

1

nsw/data/U...1.html

windows7-x64

1

nsw/data/U...1.html

windows10-2004-x64

1

nsw/data/VXNbusy.htm

windows7-x64

1

nsw/data/VXNbusy.htm

windows10-2004-x64

1

nsw/data/aol.htm

windows7-x64

1

nsw/data/aol.htm

windows10-2004-x64

1

nsw/data/js/global.js

windows7-x64

3

nsw/data/js/global.js

windows10-2004-x64

3

nsw/data/j...min.js

windows7-x64

3

nsw/data/j...min.js

windows10-2004-x64

3

nsw/data/js/popup.js

windows7-x64

3

nsw/data/js/popup.js

windows10-2004-x64

3

nsw/data/j...box.js

windows7-x64

3

nsw/data/j...box.js

windows10-2004-x64

3

nsw/data/o...65.htm

windows7-x64

1

nsw/data/o...65.htm

windows10-2004-x64

1

nsw/data/other.htm

windows7-x64

1

nsw/data/other.htm

windows10-2004-x64

1

nsw/data/outlook.htm

windows7-x64

1

nsw/data/outlook.htm

windows10-2004-x64

1

nsw/data/yahoo.htm

windows7-x64

1

nsw/data/yahoo.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19/07/2024, 12:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    nsw/data/outlook.htm

  • Size

    2KB

  • MD5

    65b5df3f72c939fa04dbe3bb97b83826

  • SHA1

    9ce637e5817e44eb93c25f86c0e96ef2430f3b6b

  • SHA256

    d096d1201d323e0893d3bfb6fe2e5bc0a7de73f92adc3b35c0d23ba174c50fe1

  • SHA512

    dcc13bb679f88344d2a40c7bea357f7f0370075abe4247b548a7db4d3b2fd8fa6b3b8408217535ce9ea03ae38ad46fc957af02378bf9a85ba2fa6618c3a791cc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\nsw\data\outlook.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:772
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:772 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2436

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c08795e55497e545c1e80719d486e360

          SHA1

          7c050019839dbcf22052751708e8c84b523e99f3

          SHA256

          51258237f87d28dc79d6fd2cc649ac989631554a4c36babcf9c6e47d42448395

          SHA512

          8ee2501f8e9a706a5a84341a23d2decaf97cb9c05de2338b64095674151b09a40354c22d04ac185c1175a69c89b706bf6835343146f5e45329d28335d41fa79a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          819c6ae75d3b4fbd4b6c388162730c5c

          SHA1

          ae162406039fe7a859131a5dd90088bbcda8c9d2

          SHA256

          8775ba4310ae8d65f6c0b5908b266307dc3327473fe029a69cc402e465dc8d1c

          SHA512

          c288ba3910dd4fa39a561f0147254c71aa26b6cb55c944975678ca6f7312b95cb6c605b6efcc09b0beec2b6badaf192a44119cabe5b8825ef58016a89988739b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b264efdd54f6732bf480863217ab87ea

          SHA1

          5c52cbaf9254b540e52aecae6907f1a89abbc6f4

          SHA256

          a429a4e1006585637ce1b83539e75fe89c31221ce3ba30f9cbdb554794b9cd98

          SHA512

          3f47aa5386f1c8d7de10fd2aba085d3a59729b22a9908f756a3dc9b194348ad94fcb77892412bcd4710de30e77fe5a64cac35a6712bafebc12b3a020b34c547a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c38c4ae8a10e2644ba53e1fd67e86705

          SHA1

          06028cdd5d21e74362052b7168a5172eee6bf949

          SHA256

          140264bea7562e3c9cda3f715345e79197c873b3f42beff00ba049300ad5b5a8

          SHA512

          d8b278984d3d02c3c7eeeacf613b6a2519a20f6d35f1b955df4d078065425d3f623b34051632bb9c7030fb7042288a54052728487955cd1b7e083aabad2a0ac9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9fb2e43a1d69afbdd084d9e88869562d

          SHA1

          b5219d0bd3a0d55197b374f53d483dc750dddc43

          SHA256

          8f31ef5b0fc7eadecd2cb6882a2c147fe1bf70e971dae3d972daa95b1f80273d

          SHA512

          82d6f1328a0bb7a0b95855fdcd51b874ce2dab2ba3739ecf6dd34edfc4ba5a8c5338ca114a6bf86e396ea58a1dcbb6a38fbee1b56d17e45b6f02748e0b0e7bb6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          91e9162f55ce8743099aec29e8b5e864

          SHA1

          22bc322d6f45799aca5f68921430da2a06d0e692

          SHA256

          81dedd4aae48a39ace025e2aab414a73c2df2de6674c7ddd3eafc346a04becba

          SHA512

          6c920c59a7fb33b0a3334c64b70d44043176a647310d329f99b6a43d59318201419a558ff97d8d7620fc982390b241b5a5a7a7a09b332d48519b9bd7dfbf8be5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d5b85e11494a159097787363cf47852a

          SHA1

          5ed7d05747e4443682b3c08868403151c788243c

          SHA256

          89793ec062daca5d9bf1e1b7be74d0fa0ca0de10550685ce1fa483eed9be2f11

          SHA512

          eb8cad44b686334130d3b307796615422e81fc74dc8c3cbb66e4665f1a64df80e25664cf14a7ec993cf45179a7873feb346c72f6af835d7b5b7c7981eda73db5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          80e63dd9abc58e780a39ed8bda817b6a

          SHA1

          a2c3ca13366b8e18e409c2cf24399259ebb1dcc8

          SHA256

          c3c374c313f06b57570a1339ca603834cbbc0a88f3c0f0c4f90e6c3db0e2ce3d

          SHA512

          d4250be44e09fd3b1e016a6ae1c447d7707454e0f332c614c509e60a75b13b5cfb8c74d0b95e8d3f5af55a31a44f780b3ff2f2fdce001efc56bbb56e65cd1223

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          184e0d089f197b75dcafbc5e2d8972d8

          SHA1

          c662b38790e48fdc96c3125d11f8d1423f609c4e

          SHA256

          4848eba012030d46d851f30a0f3f22cf72efd0d4920b72abe02d4e134e3feb09

          SHA512

          6f2bef982882d95c1938033f9098f6ac35f986d7e40c8c69eab5bbc522da7c5b6caa94636f2fcaa7ca26344a258520f83218df43d0cd80abb3dc28e47787dfef

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabEE0A.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarEE4B.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit