Overview

overview

3

Static

static

1

pMWhpz.html

windows7-x64

3

pMWhpz.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21-08-2024 22:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pMWhpz.html

  • Size

    508B

  • MD5

    0e5fbd87b7a296df3cc7a4b33122369e

  • SHA1

    5383a469e56a895fe97433f8d6e1f9bf557679ec

  • SHA256

    284568e375e683ba762c00be13455a7593b31bce6526322ce239bf6a6326bc51

  • SHA512

    5f88253c9a021cce845654e428cb5f38574fc4063d92bbac00e9324dd01fa25458ffe502979e80c3de7dcfabb3c5dce64c905faca1cbe9e5a9b45194172b6cad

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\pMWhpz.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2096

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9cd19a9eb2de5ed4e06996bedb9c77f5

    SHA1

    fa31e527433b343f06e14df7a767bb0fb90c7808

    SHA256

    807b71537de3086f5f77b5642c81779b15c742035f9a3a4142872164ee56a5bc

    SHA512

    93d3cbdf7ff1f7b52b24d37a9fda8d0ebc232b6b33a9cc6b85d3b30f06eb29c01b81d5e3f8705568525bc5efc6f98991b19a03862704b7444acc6e0cca84534b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cde51146eb2e089e2fb117c542816211

    SHA1

    eb5f2484abb5b4d87ab1f1d1fb4bad514a62a126

    SHA256

    86eaa284575692fe1ad7347f3e489cdf8053a11eb6ac44cd361ba8c9500f4594

    SHA512

    3fe2a7d4f5f2eecc65baf0e3f8ea3cd23b47c41bdb2a56dc11d8ab5c5c086c1cfae17c4808125d0b52c64fd0cf01618d5bba4201e5519c5a8d5eab1a7d06489f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5815c43b8d8a685f1387910264afad3a

    SHA1

    1ecf6977301f351eb36410f4c8c03661e658667b

    SHA256

    06d6bfa5484d32a3c84923d75d7e4b8861556b1d9007e2a24421a7d11d00a24d

    SHA512

    75ed35ca6361c0254403fb2895d9ce5759520c69a570c4be8fdd3d6283cbe8272ddbf1f99c80cb318d63d673aa880505eca2e7c57d44b60d1e1af413262b4bb2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5297fa0b075eefa7689c5ae5e131f213

    SHA1

    ae2e1dab8d7413ca69664cd1de9e72454d2e4698

    SHA256

    67bda2f917d333d5ba6a423cac8b1b22d8d2bba84037379a848928beafe2f814

    SHA512

    d1b2f19a26cdd5b2ffa1b00c10406d0b78cf0822052f5897a476003063b3a48a9c19cf9c6d078e92784ba80bed8a0a46a7e3f1c798518dd26897edca8f7d6de3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2f79c075809a9e1efa48dc5519c42e1b

    SHA1

    808b24f5c0291d0ad1b7b8ff29287c0bcdc264ef

    SHA256

    db4341defd09c40f2715e500bcf6430657dd1dea840915b8f9b863b9dac29d56

    SHA512

    e8d4c7255a98cfdd76c82f0c3f199fe75df9c9c758f3191611dc51cb403aead430de9059894ee7d59c344dc2ddbc1df259567da248c6489b82ef74188356a105

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5257b228571c09de227f0b8a25f1406f

    SHA1

    1672bcc71d069f3180f3dcc65ee4e1df337b51e9

    SHA256

    ae7c016bc3f883d12922d1392611dc3eb1d0d80dc66a5674c507deae837d7925

    SHA512

    d2af6541911e725fdf3755bab22bb4ec0b691437ef7e59582569fe770a37c7d583b3533962d0449b564a4adc8977b0b8c29049748a6bff144139f90781ed2579

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    83773b803b87892aa7a6fb43c523c2c7

    SHA1

    09a9feb6358b6942ef2e8c62396d82556dc5f83b

    SHA256

    3dc6c4cc710f7a819f4ce60cf5bad9d4e114f5cf79a9a06dbc9d2fc20836d0e6

    SHA512

    e474b2956950583941a99ffa7bfa1ade8095010811c18262fe6090e6145ff5d9ef6e9f364561ab95937a1de455d2b2b6544cb1a3f950387ae36609374e9c8cf2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f67a6413908a3358e52b36c3b6464756

    SHA1

    3503ff3ff985ab83d2d575d473038c73a3fa26e5

    SHA256

    1b6f30cbc8979f034fdfc66737be7ba0fb0e6a973666c8f2de70ac826210040d

    SHA512

    bc8f9b7a0819912397251f5e46341d467b45d5be2ce14e248e86754544985153fec503330323dc7adaf8dd11474875e93e703d3d40179a878ba6fac420d037cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4d9f173ab1e67047252aa98737bf1195

    SHA1

    acbd5aa0380d3d1b072fe2bb193606417ff9a883

    SHA256

    03add1270b3a6017509d6299af7a1ba8baa5ad5804b5ff737fe34a0d2f133624

    SHA512

    fce7ced21dbfe8425267ca14490d4d319820744142a035e5113f00a037f47699e2f88f161c6e4d36fc9632d059dc641acf8fbdc8e390300cfba5567512ceed42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4b69fee1722b6a6c51368045fb9269a3

    SHA1

    25e3352780bae04a6725636960a6da2d1dd131fb

    SHA256

    3bf4aea8d51312f68210b503bc7ff783b60e7f0a893f0e01029686f7c2737a56

    SHA512

    a4dd51494ced86cf5c730cf5c9fd64b9d96c1f9fdd272ef3a48e863ba1b4796340dfda8723f45231d11b1e4bfef4b727da737e7310f8c80fbe98527838f8cfd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f10bfb65152e1dc3439d637be6cba5d5

    SHA1

    0d09c1fb42b3dca36d9f5c4408302573327d06e3

    SHA256

    3e9fa823645a662c3420b097241a9004e5b20fbb2ce84fe4cfaf78baf3558d04

    SHA512

    d177ff901394987893eaa1143bffd4eae9882224513905784c9cd62bcd64674b060214276e1fcb3dafe5d9325aef1ebc8f7e63c6cc29df11c403507fe2d9bee3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    62a5e92acc54ffdd4c09f0924027ca6a

    SHA1

    aa0073c9f3c034a8c06c491762c2b8cb9394df74

    SHA256

    ffc8d18f289c9b9340b244a759d32a4eba59cc6b05346d7c7ebe8953117e598a

    SHA512

    f5c9c9578d84942e8e4a186adb371831818d1c9543ad3f410c6ca9da03e257139ea229329440d6dc191112b83c59daafce075f37d01e888b552543c577c37451

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2e89e9df1347c5d07ee36947871a504f

    SHA1

    e47711443847f06cada886cdbb3df84b39fa2c84

    SHA256

    7f68a2e138c4b4de77f296cd9ccda145147232446f334965cca8279714f27e45

    SHA512

    119bc1e32c796d84ad8618844693be6f33c72b7327ff7caf70a24e01f39ba3138716a88d6794bc7e2be63f8fae543edcc2b266e4572e8d41fa6bfbd4806aee37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    41cb7124309d53518f231a8d04d510cb

    SHA1

    73b7b6bf79d7e6eb9f8ae474f89f3456537af8bb

    SHA256

    4db3919b22d51b1bc6e80ea460ffc8ac8808f8dd68701029993e5f7400da6181

    SHA512

    ff52a8a199e2743eb59fa4e56705222cb4649500add1580be9b09147f9cba05d4246c9ba859bd72c945ceffd710d5c495fed1b6c0cecaa2cbf7572d7a190bb95

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB8A6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB957.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit