Overview

overview

3

Static

static

1

b4e8ba79-1...e.html

windows7-x64

3

b4e8ba79-1...e.html

windows10-2004-x64

3

Analysis

  • max time kernel
    70s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    03/09/2024, 12:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b4e8ba79-125d-4730-1675-08dcb6872dbe.html

  • Size

    86KB

  • MD5

    9ab660279bc7b8bb74c396b97fd0fa66

  • SHA1

    3788d6971253907e73249b94b4c13894dfae4c87

  • SHA256

    deb0476ee688950b1cf29f8d076c9200615abf90cfa10b5e2654bcba8c3cf933

  • SHA512

    cfbbefa94d5bb76e779439cfd3baf6694e99694d2b318948d68608b0800005eb2c60c9fc783e0b6d4127fbbc08ac0030a39b6ebe1ab21113d4e3b530599aac8c

  • SSDEEP

    1536:H0ejckb/MbMPpFCm2wySzCX0W5zbnkGTrWRDDLQEYAAnfwEUiCiSxazhi:Huy/uMffCX0W5zbk8rUD/b0C34hi

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b4e8ba79-125d-4730-1675-08dcb6872dbe.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1048 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2272

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e077d852a80a98585de014a95ac23048

    SHA1

    59fe95b8ddf3629c33875a7276b9a23213200dd7

    SHA256

    e9d4d7628d9d2c9f5cbb5da38f1219d694ed72c0e61fd59906c7945a83c4bb87

    SHA512

    c33fad4714ccec36955012e754d5c304a816076967ff9283485853687b69f0b411d0aa84c74e53a393992277f16794bb31413a25238b505a7f6e5340044c77a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8839eb3c4bd92c33082f2b6e43bf65e5

    SHA1

    a86d7fcee13dbfe2639da138d2254db6dcffad85

    SHA256

    f903476843f1680d00d2cf1f36148cc4dcf7e6f40c507046e9584ce5f910f6cd

    SHA512

    16bcc1d3cd1b0638d35dfee0652345fefb86a9d31daa64c52d40190dff4163435e0520f8a3bab795a3d4b82bf955f66226ef272af33950df3cd6f4eeb4d4b197

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    603972c73caba477b198ab5e3fc92c92

    SHA1

    f1a348daaf42d9fe4eacf1c061dab34f1acd0b61

    SHA256

    b3f1febce399b3504b7f37bf384fa8f288fddec4ee4000d281c6d6d4b64d2d3c

    SHA512

    ffb12da8a9a9b2fde13c57019a8f5150b93e18ec247ef74d5ca46e05c9b2df4ad16a0ecf11071727dfd6d475d6525f6d556afeb43c6aaf6d65d9a5481882895a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a9ecf5e9bf3eac82f480d4a05a79cdf

    SHA1

    76ecf245e2fc047ce46cc0c8f698db8c323613e4

    SHA256

    d785bfa363ffec742bc836ffe302b6a87c9d14c3131163517864e2aab094fdf3

    SHA512

    1178f1194cb36eb278fff91e7e797a226738993357011afe1302b298f995889288de54705514cebbb353d484f9e067b024ee7a3e12e2ea55cd6734d442f3464e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a18d53dd93a9ac9d842f5e85c1e97525

    SHA1

    57e06038d81742c107a38f2dc51702048a210b57

    SHA256

    6ad481984d492bad804a0f224a59724da7ecef343edff8f3338f8773101ee2b8

    SHA512

    4db6362289abff51069334c813241f095a2671de3040b299475b528b288166f910cbe246fb11cb884dd9748d771fbfecf29add4b682cb280ae1be33d962b3132

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89f7277448130442c16a6d883d0b3c9c

    SHA1

    def3a3ee1b79c6142a3cbcf0e6ed82632dc189a4

    SHA256

    8eaf761a401ceff9cfa5b600f018e1543f5eb6cd45b922af94fc4f02f66100a1

    SHA512

    df78bb1c0c13a3752e26089a71ea0fd67bba7e69c818712154acb2dc2a12804a89782d496eee67ed9ac9fcefe164070079bbda755995f43b2ce7f894cf93d882

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3246b970ae132c88cd4e2cd48d532d17

    SHA1

    e86e68bfcdf148deaf725fe34801de5174ab415d

    SHA256

    c28a3ba594d10fb442e3649f23193e2a1d32b56ecbdbe533c6b1d9de8f7c658d

    SHA512

    c045eb186752bf03d4b47312799ed7e739bce9c499dc085809991d5480dc6320906ab702e7393753d4c7d30859e5283fdc7698012fd8e8e5b5aba78a7f6ff551

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e6d9385ddaecd7e0956ae6c7e0b7030

    SHA1

    adb996cae80f00f53bd9170eb4a4211f9c4501dd

    SHA256

    ecefdbcfd0c765301c166587851acc95016899d5a604f5acfb615f10a7d711f0

    SHA512

    441f7a809b8538fb85712009a3dd086682f9e440ccdf74805a9306da3868429caae39f13b42e60f2d25f5f8c43e308c5cfb5149b18b670e4411780c4026c2282

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7758138641d7681c1c5276c2ef5a6d84

    SHA1

    8f3e16820e85dfb9640160e5c29d53585e922271

    SHA256

    d5e88edfbeee9bc219c7f729439fa76d207ba1fed2ddfcc8f6bad558f566dc40

    SHA512

    cf65e97114c5e55f0fc8c39c74274a34e2acd5cef4c86ba2f03b86fda8930b8b6c080abee3cc8d2e2f292325b352c824f6d738c382d2877b1bf96bc6b6b6a073

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24442df725a8485380a8cc05a95b1e3c

    SHA1

    1e2245f2d85f0942de2f90b3cf7dc11c0984b9b3

    SHA256

    4a3feeba8fa524e11af8e20846abacb49890b0a559471c6d58cc9657ff5ab0bf

    SHA512

    3a7cd96e527a7b68478ac98f3578fca1388493838719f64a06ea647329666588ccbc309cd51ca1f0859895dd8a47affa49d08a1aa9696b5d6fd31411146eb348

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a3f1157755a62f19867bd9ea13f3fc2

    SHA1

    49fb51617df5fa535ffe71d0ef44a3bf38623434

    SHA256

    1d3ded89ee154c4ca8d994faea4b2896b2b706e89eb373e07fdc429f2130172c

    SHA512

    ac8fef99ebb86c64f852647bbf90b6fb6320b3d18f6fa4e43675937309e18bc0e7fe3ce144b1f8f410567c0e4c1806d9d8b353872910d085967c6539902c2806

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bf253c87321619b6b21166d17db98f8

    SHA1

    3e5eb55fa17c6eae658fbbd47679414b92d372c5

    SHA256

    abe9f190d2235d8b5f15c918b1101183d989c032db1ac8ef6c56aa4df4aa6139

    SHA512

    84a32bf7568c633cab26b1fa67f7421689077fc54561e1c94b5539d175a00a979da2d30fec24a64f09a5048e7bfdb1db7a8498943d9a63bff992288688ff53da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0f65c0a06ca65cecd531738b7996c68

    SHA1

    9be195b217df191c6353b9f0d895b92fa271325c

    SHA256

    dfcd0553feed607bba27138651c77eef9478fe947bbc108927e68d3ad52df178

    SHA512

    24e0fdbd27a1118a153c3f87955c722cb12723b157deaa1b9d28f67d7e9124e23ccef72bfcad2fb88521e8228e7b11993b0d84394e8157cafdcd38f833f0f3ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2cef7bcf1320d3a52921a042f6d4708d

    SHA1

    6e8d250cd573f97a34581ed0a4283ead0aa0b805

    SHA256

    6b1726b9c119fc0bf80b7639e41df09c8e662cc1a044cad39e5eb7d6525b8b9d

    SHA512

    e358e89d7e49ba4f59350ad05d23d8837ac9ab652cecbd528b46c5734997292d2cf82fc5a9a60030cf98dd7c657810ab8b32577d371430febf9f6ce9b21ae263

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fd6f75f9e5876a5a44ed7ae4db0db6e

    SHA1

    93cb9dc6ed4ed736e06192e55ac36cc8806922c3

    SHA256

    5b94f671f20753da43304621ad7d12a952bba0f75bbba3dcdd76470af3941e1f

    SHA512

    5854b283c838ffb46125c9b8ce53dcf296ee8a10512183fab7d7dc3f8cafab8880c139fcd9d7840a4ddc4657414cef14b93a2056bd40064bfa58e30485144265

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0018b6e8cbaf12290d08ec02aa40db1

    SHA1

    04e555fe2027d14185d3fbb945a5bcc370e0bc22

    SHA256

    bd14f151304494d13b8ebaf615698a650a2f4ae44561926749836a2a0d5dc75e

    SHA512

    f64b9010d6f05e10a48f8ad3b6b2004eb5aca844fd4a16371ca4f3c6787b18f887934711462e549e2a823bee5b431bba7365b106020b3d1640615c8aaadfbb63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ed0c5ea739b20ed62a89d17c5b1a0fc

    SHA1

    adf521065b3ceb7a05d3d3e854c426dcac5916ae

    SHA256

    bcf07591eb769baa383f2ac12b7210e1d09e7aebd260d1204bfcaa536184a878

    SHA512

    cf2df1aff85c4716aa0e325ff962474ec3a1c968d8ca7843c1ae09f396dedb716ef684fcc375b3639f4c1523d2f0d0490ad4366985b6092abdf2786e8af448e9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC2F4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC307.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit