Overview

overview

3

Static

static

1

85T7lMbrbO...Z.html

windows7-x64

3

85T7lMbrbO...Z.html

windows10-2004-x64

3

Analysis

  • max time kernel
    30s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    02-08-2024 22:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    85T7lMbrbON0Fb7G42SpUqXv60pS9aY1K9GWiSlZ.html

  • Size

    146B

  • MD5

    9fe3cb2b7313dc79bb477bc8fde184a7

  • SHA1

    4d7b3cb41e90618358d0ee066c45c76227a13747

  • SHA256

    32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864

  • SHA512

    c54ad4f5292784e50b4830a8210b0d4d4ee08b803f4975c9859e637d483b3af38cb0436ac501dea0c73867b1a2c41b39ef2c27dc3fb20f3f27519b719ea743db

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\85T7lMbrbON0Fb7G42SpUqXv60pS9aY1K9GWiSlZ.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1904
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1904 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2072

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d6540dddfd50664d694c69934390a96

    SHA1

    2aa70c1f471fdf4245bbce6145ac289e407881ea

    SHA256

    4170c7a60d343350242b0b855458c6fd751702cac9b20211d78308cebbfe09bd

    SHA512

    91eeb3f160b8cae5a60a3f92b9d485475d78e30f57b054cba8bd781c84bf5e30e121150f797398aac9bbd5b626c44fedfbc97d2f04d2b3c3125394a4680d08a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5987752f686a04b61f3761237947668

    SHA1

    8d9ec38e7e7c074b18756930b9a59ea74d427a54

    SHA256

    773ed9c3acaba35927c871d8ea8d89b09f4287222f07cf14f25d5bd44d53daad

    SHA512

    d8e80352f8e3200e15b54d74bafd2086e0c7c01f3914f9d70fbb75dbb5c8602202e3b3d58f217c446d6dc15b0f1e9462c24c2afd3ba9608473c9564ba78e78cb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c9f52f2f5d58c9910ecfee3c28b20c0

    SHA1

    7138300dadc563d505ca48bf9f1cdb7b44a4ca9a

    SHA256

    91698a0b7769b3186725f4df8b53215ef5e1f6b7392f36f45cf2ad56bdd776c5

    SHA512

    5b156ddaa64f5aec88d575bab4b203094f310b1509901816aaaa7c66dc5fbaa1667ecb08d8e4941637fe6e866b014c1238b0b530be49670fa4c1a0730d4675e6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e15b99717865acc6995842f2c040434d

    SHA1

    daa46dd9b27664c6da40d28a6f5c7628d67b9718

    SHA256

    5d7f8776823ff6c858f0c24dd1de0a89ad700dc4b3a956b6dafedd680d166e5d

    SHA512

    f2b3e25cdb0908d8366c6b15388bb4069ac6b55defc23a2f865b10ced096eacebe8e2354e0f16706a3749e74cdfa1cafd6222a57c44680c533c8ba8af9bdaeef

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43ce9edc47bff134f07e6da2010a18b1

    SHA1

    e185cc8509ed2c5b56587895b883c2836f5888d2

    SHA256

    d185c41dd814cb09c5898040391674c73a344b65d90706a950992df670b70d6b

    SHA512

    3a3cfd010ccc2e9a1c7be2bc1793f25825226b77c8419fec3f6a55c7c9749a82181c83460b171f4437dabd694bc85364b9d4fb71bfe73f691bfc9f78022834f1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b06822404a8e444240c3c77d1596125

    SHA1

    3bf7ec586be8e107546c9488291526fc4d9c297c

    SHA256

    da794ec37da4859b441906a5309fa130d80e881d0202422747cd92642d4b2859

    SHA512

    5229f0ac8559bf9f3073a5aee97037f996d7caf5fb24fd6c5103dd6ed13fb2e6dd24012118716969ff07ad738a4c9a9fec865347cd947b4ca8e1d027356c827a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d7c334208cea5ed1cbaba66641df125

    SHA1

    1fb3c3bd8800fd625d7fcea341b4c2ef5ba12d5a

    SHA256

    c35ddc14e60049a8614df43901c2e0a0f35e05e9c6ebcbada25f7a41ea52fc23

    SHA512

    03cbe520df231c82b7f7c5784c634d1be525e92ff5c1c17ffe5438f46f7e19b180939535fee9bba978388b03505da123e16ee8aeb93d0ef6a33bcd63c408efbc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5975c0e5ec03dc24364c636a4a7eb12

    SHA1

    736de6f9ecf8fb38cf0ce269420700ab19e6bbeb

    SHA256

    1ba625d002f00bd7eba4a5dadce42a210e427ce82346af6965b07785df6176a7

    SHA512

    fbb09085c5a6019144f191d10f754112987a7974b80c79d6bd522af98148664845fd002012c5532b87594896592b643ca94a2de297e8395b0972205985b6bd83

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab1B51.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar1BFF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit