Overview

overview

3

Static

static

1

PO_09465468367.html

windows7-x64

3

PO_09465468367.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    07/08/2024, 11:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PO_09465468367.html

  • Size

    2.1MB

  • MD5

    791476a811169e262e1810c73a25f888

  • SHA1

    72f24db64d8f04723090a48855bbc5ebe94e3f26

  • SHA256

    daef74c0d8c48ab839946b98b09056991618c2c0b34dedaba269f2be52b0d0e2

  • SHA512

    9855e35ddc01d6fe6a20a19fe67a4ed69766b26000c2403d73c936fa8cf6dc732cd12ce616bf26ad2a9111de80b3c6f3b8ccd10d39e788d689d48e780fb41891

  • SSDEEP

    24576:YNx+vMYMYAlChR+uwMIQxYaed3yx+cLk8lFDI5BXpdhd++Fx5UQqPat8OQmDBEaQ:Jb21KxXedgT7oBVP2QIQVOaboyjyz

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PO_09465468367.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1520
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1520 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1b42e190a7b3e09ff3888556b992206

    SHA1

    11cc22ff42f8618eb9af7b067df978b25159c739

    SHA256

    33cc72d1ab10f0dbf7ea360ff950a99eeab1c1dbe98acae80b5acd45826f231e

    SHA512

    a1f3c5d620a7a9f442effb68281bbed4a51b538e003d98f8874ef2e12e26d8105d5e1bff3f8a6119f79f7984b2702a9eeffdc58e2c0eb867b86229accd55eef7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a28b055913af7d6f7e6318896018d96

    SHA1

    4c34d03efb1be3d760bf60ac3d3d7c7e753b2b93

    SHA256

    bfe0208861fdd4e0e536f259f667d4f897e8ef88cfe9b93f0582d1eb88c6fae8

    SHA512

    648a9523ed31c79b76260c2bb6cd12e47179383e9348f44a7c5f12ce0872ac7541dc40d7f51d01bd4427b17cf92da087624133c9693fc8334930bb322496feb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e198126cc5391d8fd0b9baed4a99e266

    SHA1

    ed62942a9b9324e800595ba6d681af4008f9eed6

    SHA256

    b6c3749253947f033ee8e0f7409d3f44bb8c269e2735382c91b1356055e9ce29

    SHA512

    6c821daeba3977da95f7c79043e52be93fb549a79a6059ee78ed12ce436d7ac143cca6574b2df9a436b2d1afa8c9e2fe1df0fea713c9281455ed791651a0a99c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18ce4a1c0afd495bf968daef9bdbadeb

    SHA1

    c71fc6ed69c9c3c25cecb8381686c0e08ead29fa

    SHA256

    6c9ea87590930cacdb77e5d69b9d30cd89ab65d99a4b144ed552e832d7b5655a

    SHA512

    4e2b23c6f5b005fdc7df59e41e394f955c6950fdb11ea498ffe2df3f26a61f69b617d475d85dd29db33158e44c0226fce6d84ec4979a4c0d7173804ac06fb54f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76904fd0b0ee3a46e5db108f948c5ab7

    SHA1

    b0da3667cae09a3211ce5de32437cd79ea5bdaa5

    SHA256

    9619bdb23033dabc7b8133a618d25236f198ef1c99e39e975c0cb9a42ebdb617

    SHA512

    fb5e91188deda790c3ac0f56489e140399ba4b70be94cbba651304d4e0c6526dedbd1eeb718e8df888c0db1a68b628c95ec98d2b238c171705d11a23f0d4c81b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e272bd799b647d83d71942eb66208f7a

    SHA1

    3d41f48963418c6d3711b5f7db61d9ad3a64aa7f

    SHA256

    6d630ed961057cc2f8b5f244c1095ffe910ff6fdff7ecd9ccca78394dd10e3bf

    SHA512

    cbd7f7a62df2b6f57c491dcf13a1a5a65b24d4d72e4788d73a656d88355e496f19346afc33b4c5f26c3acdfef96efee035749f64c276e428e2522acfc24fc513

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0be3d6e3b5e0edf3b2ff6eaa272021d

    SHA1

    ce174de55a70bbb3d9c61181101f6633af241533

    SHA256

    379928c95e6172bae9d5ba82649911e34400e2a87cf8f9f4f4d0c64c446396a3

    SHA512

    11bf306b05951028a76f2c57e830350512f0e4d00b130336d894c7f51c962ec9675c781d5dd988afef9350d5b0e5f9827d87419d819b522dd9a9641cbcf29aa9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a92c7d373c07095cd5b422ab68bf112

    SHA1

    0e20de10d7b67a0f2a5651c9fb77e1a9a22da770

    SHA256

    1868be20584a343c4af3b1e0f3ead2125fca01d7fc18589f185e8e8e1c71e821

    SHA512

    905395e295be75e99e017ca95384b268539216f9fb7da5891917f10b776dfade65b740b7f2a6f5168634c77252108724d270a6be6e39cd55700ed754f456c5ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ad4296ed4ed3d2f63e7a84cd3b89850

    SHA1

    c38bb557117baf548ebeac7b0a4f7ca6a7b7e060

    SHA256

    b0b554306857c66ba06512521848b6527aba6cd2611cf9020aa23b2e53156aa4

    SHA512

    0d8b52fb51dc02a51f7045292f04936c717d4bc020b841beb395865cd8438377fa204d89b60e391138bfb70e46ae94b1006089dfc72ab6f75661bff79844750d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c97fb9f443ebaa9acc73c85d073db5c5

    SHA1

    66009532bea681be5f53570a90125699c8ade1ce

    SHA256

    daf46e3493f0e5a2f0af302b78453b077f096d9aae02c18d6533119b894ed65b

    SHA512

    a7a556925f894e73b84a07f7a694b71d29faebf4a01724079c5668e1b25eef5c3e8a545e79b85321a88446eb1f22f03eca7f38a21cefba2d99ecad5d0ae8c51b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0dd9e7049c958f8e6ae1d4017e5df2b4

    SHA1

    08a97f2779d40ca0b8397a242e135d82aa481961

    SHA256

    43572c8f13c63673e4adeda2bd438e2046e93f5fa73232479b90b4d8dcf102e0

    SHA512

    cae70fc7ddf7c1ca60a3efaebf6f6d835b4f7a1973e9e38c7e3e24bbe68b24fc9401121fb7549a7f0574c3341146c1c69c2b194f0bf6ca24ed9da29eeab7622a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bde054d3f03db52d8d69487ec431e345

    SHA1

    d2f02126e5ad786d1dbb66c8b176a8d18decdafd

    SHA256

    52443830486c529d858676b2f00590d4efee55472b8ed4c90cd08f0f20a5b85d

    SHA512

    f5d4d1a9ea7f3f78217f4c3aa381662a23ab2a16e36b378753fb3127820fff46c728401f96bb037d1db269deca299cbe7c4475796a8c1bc157a88acb263aaa89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5de5eb65ca0f1737a26f643f5c86e08f

    SHA1

    d5260e00a366f48acaf2634beebe90a7d4f23a15

    SHA256

    5b842b7974e79fb5107a6e143feaf4b18c4db80952ded8c65d8e9daf2895432f

    SHA512

    4259744d813d6dbef940937908dfdf6d629e88c6d342e480e978d3b101a100bfec4f0639d50555eafeb482aae2a9c16efe0f4f73b506e1f1e647841b66c0f528

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7c872c4d6daa23e39750fac4a457044

    SHA1

    1b42b0cef9b7b1c87a1ce02e9be9f94955528cfa

    SHA256

    c87124852878d1e4d3fe5693b0892cfbd356510192fb0a67316e6ed6edabc178

    SHA512

    056338c7b7bd8bfc6157ac3e67eb53919d58da1c5bc66ad2386d6ca1f7ef341a47815a5e3407da4cdc4c0732c0d9247ba7c319b5cca997a8c1bcd215c606646c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    832b85c590f367345b84ff8bf340d329

    SHA1

    fbd9e2ae8a72271c80754d2639ca9777ff6e475d

    SHA256

    c9cc7ad78100bdb52d5f3ee54c5762ed4e052e2f11018f3d26183affe26b98bb

    SHA512

    1b62dcc2776b0ebacc5403681a4e7ea5c55e5ef62d0ff6e2e181622fbec78838cfdc0370a0848564bfcf8079189123353d984269974d052bf83fb2f27b18c334

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e343ab3cc3001f5e4f35a7f8576559d

    SHA1

    61b3a5d20090ce84c1ae8a15a6a34de1f1a8aa0e

    SHA256

    65f82f205d7264e06a159dce352bc0fec005d3ba6294077e9229e35d2a3bb4a1

    SHA512

    898e8bb774cf015fe33c62a24293b8e91a3ce1660e189eba2532e9bc7a1f76943f8b5d126d49e4624276526d9e3148749388dfd12568506fb99934c61cc81717

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed4ac4d35331f3692c0aa31a07157219

    SHA1

    170fecfc39498e791ed3898740047f971e404530

    SHA256

    bc358a997ec337a1f3e070c9dc672564eeeba809c3f4fc2e769cfe034b385675

    SHA512

    484fa2e56861979eff60eca3ec9423d9c88de7aa81f31d8168d5241ee2191096645d7383c2f443aa768c88845d215a3297902957b0be41fe71905e55ac40f100

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7da908bd3a691c3dae13522d40781880

    SHA1

    388873ab993aec35ff3ead20331559e0db166752

    SHA256

    e635c6c7b83e79982446fd8e72155e8f143d50cf3e3cbd2b0a1993fd685d5801

    SHA512

    0da1c9774d41af2eff2ca7478150c6830992b079899f8c9c1840e6b28b7f5edc3f9fb814ebb06bcb709d176ab139d6e1a679df5204a8030569abbeea81a2fe81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d8f549d0370de771d33e1975a98bd26

    SHA1

    37f448c49ff78b36af33c96ec18b7e2b2f4a93d7

    SHA256

    6964988c701e4a484c45ae1f2810993e8a45b86d3336695133ab89a494e9e4c5

    SHA512

    0d92f9fb8562655d0ff74aea5be5447cc91ff208610a4daacc96a258d607d6e28aa41c85c097e36b0c35cc23466ca3aba7d7a33de9178d976565ddc44175a20d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c525794a2ac8f81ed62b6c59f8ba5403

    SHA1

    1cdb947414387df349fbdfb5cf2c6cf3a7f5ee2f

    SHA256

    b62d358d082174c9ee1988a438c11b8b1d30bdc1b544ad4d62ea9614f3f0e98d

    SHA512

    5e714eec001fb6719688f5e185b585117eca6143e602312012ea1ef2d3bdda9010be78c708194c3fa15547957bcb891ea27453581dcb79fd7516a9dcf22bb6c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58ce64fdde987ed6fd505983208ea0ea

    SHA1

    a27f9800e082abb2b48adc3e61cce95dcf98666e

    SHA256

    7b2153c4156e46ee8bb5dfdb799d1c9202ee8e37e24b5c86452ac2b6a7e8f276

    SHA512

    925df67b6289ae82ae0c86b1d73de8f9d10f357767737470eab28495611bb62a17178a854b9f9b81baeca70feaff879b8f9fa9f8d967b75d8599dd0f260cc38d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCB4E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCBBE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit