Overview

overview

6

Static

static

1

ORFEO _202...56.eml

windows7-x64

6

ORFEO _202...56.eml

windows10-2004-x64

3

email-html-2.html

windows7-x64

3

email-html-2.html

windows10-2004-x64

3

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

Resubmissions

23-08-2024 15:04

240823-sfqtbstdnr 6

23-08-2024 12:46

240823-pz1absxcjr 10

23-08-2024 12:35

240823-psg56stfqf 6

Analysis

  • max time kernel
    360s
  • max time network
    361s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23-08-2024 12:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    email-html-2.html

  • Size

    10KB

  • MD5

    7183ae1a2edc11e5dc3de23887add2cc

  • SHA1

    ef0715dda4271bc9918e032fcd734a1c1e405c8a

  • SHA256

    c54c717ccac46230fb0ed7b0c773a889659de0b3039825c0fbf20bd5544954d5

  • SHA512

    06007bb9703d65fe0d5aca44190373a8dce830e04d8a08694c34d0ffdf06e0460c9214eddd15ae9733e6d31c496ce0c2c4fd7c255ff944ed746ed8db41731bfa

  • SSDEEP

    192:fEAVKRzRqIQqWxDxI9xxz8I9DZ8aT5sdg3wp6vc3cdcgPToPVx3BPBvBhBOcRcOk:3VKRzRtWxDxI9xxwI9D6aT5sdJK0EZ8m

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2296

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b6c18ca5c6b4acf395592af861b62b19

    SHA1

    613b426063e023e59140bc528964145d39658c32

    SHA256

    d7bb558b416528a64ac99779f386028c983b83f8f255053456282dd4cb2c711f

    SHA512

    34ed1772d174bccd0b62bb6beab3664211aeaeae7890b75f1b3f8bb8f427a813d5c349e475b798a27febea7bbac3f2b9eb7fd1aff49b588c1bb82c26ad3d2bbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    be6866bd7a31ddfe5d658c3ed89290ea

    SHA1

    3f6b77fa959c42791c84d036aee531e2b84a6dab

    SHA256

    10503fa34da00a56242aab83efcae66798439f22928a67b7fa10941f01812cc7

    SHA512

    c580a1d58ab18f8c3f9452d03ebaa467a13cde1eaaf99120cb1df2d5b137e2d5124d75694ba1361dac3cbf85275d505a3a619c4d2d87fa5d25fd8cbae7696efe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e8c85a8daf8c88139af25c398794a8fa

    SHA1

    06db1f9a5f60d5efc621aa79412e2cf61a2859a4

    SHA256

    cc8baa99f161a1088c37892bc8f5cf443ef0fb3a6701d4c2a9fe736e4ceee162

    SHA512

    824c9606bc8207fbb994dbbc03741bb5a00079a6508c59944d9588741f7d2b47350d9441f04054f05acc16d8604f57b8fd3ce0b4667585bbaa0083928b351968

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    239951b313032db2c871f49e79b94453

    SHA1

    f9e9f3a84263985ae0ab97701234e9763a4a250b

    SHA256

    734b105fe2617f1200c7d346fb5465a74cdfec8345c2f540fc2c5a60dbb7ced8

    SHA512

    271af3f3d309b6a53c9c130ffe0fdd2390ad4bc2ae01794c6f274300d34f4d308e1662d4a202a499927b1a27d30e7dbd8cbe2815fb5c9abf03df1411c8a11688

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f5d0ad103809b1662fe60062487186d3

    SHA1

    2e01f7249b0e2206d452730da58f7bfb39479b13

    SHA256

    6166bc360fac909faf1083770a87fd7836b20e77c3b1d5e9529cbd1bdba7a670

    SHA512

    8cd798e5922dd1bd35b8caf554418ed8584f85b2bc6608b4c8f0365db8e78b3dd23d0efeb3027e265dcab972db53159ca8b1dc79924460aee16565521a181d60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    581373c8a4ec012e9e0bfaf4b9e7640d

    SHA1

    2cd3901d713f01b0e3194f15166a28cc8b544018

    SHA256

    b588dd5ef1bafa6fd4b59a8d8f517c03fe94c22cd9c8824aaaafa892d9890478

    SHA512

    4ee5abac6dd724652bcba61d3632c052bf3b311093ac0df97024a678e471a13f11704ea6111199aad7832bb82588a85fc9370169a4057d547ccde9ef0130ff5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c9f42d50a849178ee51f5625694e64c5

    SHA1

    1998f5e73aa1edbbfa449f0a1a5365fad1cc984b

    SHA256

    9c7b673974db82911a796df757e587f2862dac59073c24c57b7d775b8d93bf1c

    SHA512

    c3167d96d5a9ea2fe6048a5564335646041f4232c7f79182b51690a7d2e5a74f48fecdec17b0be1f2d02f3080b2e169813d0b3ba5cae929c412deeb1f6824949

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    249769117e57fbe4ec18f16a6616e13d

    SHA1

    d63f11ad3ae1233cac9dd4f15a388a471b0e95f2

    SHA256

    b39b72a71de50ce5c3a096915e2241cb1d70f2368233d0c066d9ba5cdc4c18cd

    SHA512

    3554c93da98d8793abb3ed397be0f49177a0d4d33526d3b4dbf4856c7e88c9317bc405035afd51501b3495421b6062be5e49b051a7a106a781f2c9aa9a4f0635

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c6b7cb113c98661dbd6ce9342db15b55

    SHA1

    0d48765efb02aa9135f049fdb9f9b44aa440687c

    SHA256

    f817506d1bd6bdcdd034c1bc79ebc2b22878d51afceded2cd33e314add8f0ddf

    SHA512

    054bbcde8b5b3764e277745747c42825c9fbb0bdfda6972f6ff3b52914496fa02f334ee04ac2ede525791afe60468af83d9c91d543b79ae3198c47c7a236f774

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cf908c6f8bfdd3fd66b83b483e15b233

    SHA1

    f1c2990932adf869d87d7c7d4d9a5e873d6f2e66

    SHA256

    447f25ea17023b5a9bd0e5c6019527c74a529ec122d3568553043c8b1217ba38

    SHA512

    9fbae580ffb2afde971c0d2d55ebbf906aaf1c0c5874aa8343060ffb5e22ab8e29a75923d0e5af15fb75ff73c7e0a968a97bdc4ce6008d65ac3725f83b7b7dda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3d2effb0c3b588837745ef9c04aaa6dd

    SHA1

    5d207c7904602a42773282657cf77b34e260e4b7

    SHA256

    ab5dd95d25cb322bd63ff974352f3a03dd8615e64ddeece250924ad98fb91760

    SHA512

    e4fea6dbd0a7c61d01a14fd250c5bda38c74da5db679f8fb1934b9c7ba78a77d1d7d2460c8ac882e124af4021fbae56de7eaa133b5d98976ca93e428db01c8fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    40ca8a1d9740821353bfa26d2c5c1b11

    SHA1

    0bdbc7b0ef8feb753ec632e883132bf70f96d6aa

    SHA256

    8e93547d9137ffa709c554be618e5b5ea7ce0d1322bdf10457c1eed628b71e30

    SHA512

    cba65118374d71d887641c8e22b3deef1bbaba593ccf26d9cc5458870949f161db8834614959f45e7dababf4fd6dc83a3e3d3fde0756483c19fd0e3a0171ab98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    154da1075f4ab0ca64aa1636e8afe207

    SHA1

    2cc63b3844c100305dd19a301ffeb4dcb1e9ddae

    SHA256

    2c13aad5846810319856ad199661cb55f512380701894d7984d037da7bd7d3e1

    SHA512

    07782a38a47b947c2c75562b8e2eb526ff2fe32160b2ad663db669c04986a3b3ad2e468c6044f64a910ce46d36c374b979dcb333e30b632536d0ee84093bbcc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4e4030eabb3137f42289eeb57e034725

    SHA1

    f8e31b172a4238e087fac45b4a7bb49ee785eb55

    SHA256

    a18fce201fdd1b1b0fc05bde4cba7e87ebdaec50a3bcda76b10eabba97da182e

    SHA512

    91af5969e333bd148fa5988f67e7052b1d374000c9185580ae8457f87bd6252cdc75f3b7bfca657cb3671e994439be823f3c2ea8c69324edf07e804efd0c0014

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    295bddc49d4cc9a23c3b511ea9513be9

    SHA1

    bec77652fa9eac2e87252f7c7c1d0e1b1c02a661

    SHA256

    d54770dbfc8fb9b61ff8769d6486b1b50b25af9d137f6cddf016bd566f6459be

    SHA512

    8aa1ec46663885ca562e152653897f0e2945f6f3b2ed4a5a35d1578d244985f51e324badfc2c4fb9859ecac301d235f85203285906332376a3524a50907a8021

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCAA2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCB51.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit