Overview

overview

3

Static

static

1

redirect.html

windows7-x64

3

redirect.html

windows10-2004-x64

3

Analysis

  • max time kernel
    10s
  • max time network
    10s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    24/07/2024, 06:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    redirect.html

  • Size

    6KB

  • MD5

    26fdd87e00285d4dfaf8ee0abc5c70a1

  • SHA1

    bc74f3f6cca92c5b4ee5e076cf5cb32917d0f10c

  • SHA256

    2ee74188850ddf640e8fa542807b75ebb0794403563777337722ad7b7577bbc8

  • SHA512

    83f6b84af10d8741b135050633766dd0097f6f071c2e9590088b5fde133db7971524021dc42b7c9ceea5415670d043790d9b358bc7651cc26c0cd6c46222d576

  • SSDEEP

    192:dN0HLxX7777/77QF7myrjs0Lod4BYCIkNOZX6Jjb:dN0r5HYps0+CIkNOZXm

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\redirect.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2064 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2528

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b39fd83c126edad5023410e2fae0979c

          SHA1

          5c1727edb9a40cc32b4d3d830163a9f60555d468

          SHA256

          f92b8e017b7e033c2544e29b454a5d5a98db86fc1655c0144f2e3437dddf6ac1

          SHA512

          91365d50b0eb037a88733bdc816132fd62615e9e96cf7129fab255600e0f5ae4d44e13360a1accdc2d722fcc467e2302c25e1d12c616e9c2ccee152c4e9f0b78

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c55f611941b9f72592b879e2ca5f9e82

          SHA1

          d427dfef3d04f9c24dbcc5b29c68aa8ed0576594

          SHA256

          233cedb9f1f3d39f1582790ae273a946fc1f754627a0c5954f2f4eb97b180ac1

          SHA512

          102a48922cf0f8dad6e040a70e40b7e5c37ffabb4ee8a510358d7cf341f64d31b99af9b90bf6136b87fc8aaaf7e84ec4b30a0bd863ed678e96de4cf68fa059d4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          661c29ce9ddf60544496e6d844d59db5

          SHA1

          67ca7dddd14f3f47f25c2ee34ecf9cb00a696c9b

          SHA256

          91dce6907991b1da3d2657470d98907d033f3ca521d73fad6b16ff402f33854a

          SHA512

          a7312e269792bc778036f963378618600ea2ec9bbf6d1b6f795696a52754c8f2c71818fd202858c132a2b442949a4d378f40ac709d12bf03e2efa68cedf980b7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ee7468ecfae6d962d2daefda5bff0764

          SHA1

          cb679d4afc341b56c586c12fdebf92a3a5fe6797

          SHA256

          bce998e05bf9f63f04465fb8c48822402394068159af3abefe44252c7fc6a835

          SHA512

          4304fb98fee176532f79e63d43a2717346d3e7bae1b9ad9091e17f8c3b7c3ed701b256f92e526297e269d8956bfc21508504cb44fd63afbc9d3cc5abc43f22f8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          051e018868e3fa4de63324ea748668ce

          SHA1

          243d9aad58eeeeebb616de98a724d3dc550d5bec

          SHA256

          2561a1fae9cae798c7f202956065f8c4b06bc46dde30355486d5bc32e8bad6b9

          SHA512

          059cb3eee9588fcaf09c27ed7644d1d3f192428462fde3e56fcaa2de2d9320578eb262aa3ed03e86166039e4952d449d20d90f81a80a264ca351401172b9e882

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b934dfd360f006cf3aefa8dff066d905

          SHA1

          dba4a17583981ba5aaad9be7edceb5839795cc6f

          SHA256

          4951f89d264a168436faecd37f3d56c17b9e1574769b306dd30c89e14f1cbf38

          SHA512

          664431fe6b9a1de8569116d52c46678731b8c0e0756938970a0f7d373a6975b4740766457797c50137a2a7841f6bb4dfbc5ad284f150620d7009f2f65af8da57

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f723ebc614212f78416b4a00d62658b7

          SHA1

          1f4182dbe43225414e04ab3a6cd0dfed26898bc9

          SHA256

          05a3ff90e88ea9487d213ae11cddf6bb3e6a9279cc4a0f88b03255823513f7f6

          SHA512

          2b3e6dac98183841ce75ee034790932cf703b6e496f8e245d4164188e4eef8c5ba5fbe93776530f323fcd7da22b4bea099ace21810276eb8785e4d33e5b97ff0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE16B.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE1EC.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit