Overview

overview

3

Static

static

1

f17fd21342...f.html

windows7-x64

3

f17fd21342...f.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    03/09/2024, 12:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f17fd213429751556a7e8adbc6b82c71076bca9cb4df8e271d5dc0cc8ccb317f.html

  • Size

    429KB

  • MD5

    63070f06459fc5ecc181987f85ddbc19

  • SHA1

    4d87ac96a47c19b7790ceec00fdad526db2f209b

  • SHA256

    f17fd213429751556a7e8adbc6b82c71076bca9cb4df8e271d5dc0cc8ccb317f

  • SHA512

    d46e363bc313fe48a3e0ef7c4dceb77219ca3d65ba4611cfdb5e1030ba02448aa1067f21943dc53d7a0fc5fa10d53e140afcd692812860478ba6417c2e2165f7

  • SSDEEP

    12288:f0X6LCFf7XkK/ZCYIcX7f1Tyf8YYirPEU3BOe5n:Wf1Tyf8YYirPEU3BOet

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f17fd213429751556a7e8adbc6b82c71076bca9cb4df8e271d5dc0cc8ccb317f.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2052

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          1KB

          MD5

          566dab355e2da551ccde9b180a4725cd

          SHA1

          bc485f05b2a6ba8ad902180589141bb9a3d74839

          SHA256

          b0994b8a491dfd27342e5bb0dbc3caacafb16fdab586bfb608329cc1f36ede0d

          SHA512

          ee9af5045e8dd89eaf8dd209dce4ff64d59cf62fba5a925d38ada199414e56d51ae7e4442f1c25b431fb283ec3f036786f21e566f9473c62e854d5faa6d707c9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6DA548C7E5915679F87E910D6581DEF1_7426CC64CAF44A945BB9B5950E9EFA48
          Filesize

          471B

          MD5

          8ed6be49f511b21be8dc905b576cdf6e

          SHA1

          8fb04983676f5fd99c2ebab643e77f427e107bcb

          SHA256

          47533299eca5c1d44673b02b22cb8de3f363a4e40d2b103ebc2096815169b1d1

          SHA512

          2d092ad6a099b204a3149bc9dd885a3dd8549ffcfaec84b66d9e31ae81684d1980a8389b7f3078f8d27641a2e705a5f60cbfc8f167981f8a5d599f44ffcd25db

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          410B

          MD5

          01864578297e9c8e48ab4894ece31964

          SHA1

          095636b5884720a96e3d9d2421518b1065c83abf

          SHA256

          809d14918a221b6213baea993d2ddacaa887bf37a0d4e59da5f51ac9fdb2afa2

          SHA512

          406cea4a9a7fe01ab6ea6845f021fa193c7efb888695fdd9dec50e579ac30d08e71fb68cc3484113d1e4b13e8e3811b1b71fd12a64502d08c400ce31e423bd90

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d042662ba32c7edfe20ce022eaa70314

          SHA1

          4c75aff4387443a3d6f10c7244c88e310ef1a85d

          SHA256

          3800ebbedcf893a9be7a45dce7506f3ef0780da04849b47bd55bdeecddf0dd33

          SHA512

          15f064d9da8ff5e76903d58b38bb2ac7549f8899e07015ee2916e675155a369a8005492414de7a7c6620189b08aa961cd9d0fb6516df2587cb0475101515b34f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          629f06a00329e2597decf113bd52975e

          SHA1

          214445fe402ee18542515dea9f259f976505e0ba

          SHA256

          85d9707815379431f509623fb5548fa3fde990547b6bdad8bcb4615fd5753ddd

          SHA512

          328ca4f87b4ebef86465e19016f9020c2f2bd2d07df02508c4d1fa4d1405d68f379d4b803789a88adf38eb8f7aebd2b37dbfe48e82dec7a8b9d8e88170ec499e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          66d4f19d5c90c8180ecbd7900dc16942

          SHA1

          b7fbdcf56cd835fedfda5139c21d47523e304283

          SHA256

          57ee1dfe814481de4ea2386b9e00bc361d837d993824c0ea0a75ab20e50cf620

          SHA512

          fa55c48d689cb353691671521aa43d98e64c464112ebf7ae67d0deb3710615a77137f35a3b81eb87e23998fbb9bb36887d086601568a15ab305c3c8ef35aa242

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fdac9eb19ca545fffee7430ebd3b0db7

          SHA1

          8ff21b3f779f776f65117ab42092a8bcd7e2afa4

          SHA256

          0cda1352b2bc5b797d276d48b33fd274330b7df305756a64719fbdc03a3bf178

          SHA512

          51e6fb4eff0dd9aa5721c7ad8c3d5bc4211aa3a875c989299c4e78931bf0d741ba9242eee8fc48d1ae89ad049acbaf70756f8b67bccd4e84db200c164e518a76

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3e0e34ad19bbd96a8ade95614e564829

          SHA1

          cf2503bd1b987f873fd697a9ce089596a8a8ed36

          SHA256

          1fc5430bb35c69f87c6f7732862a02dd3a365d3146b0b4f2f822602959e2455c

          SHA512

          a8fea52f0982d7e0c5b860fc2655338040e8ba3ff12a2d1256d6c0ffc9b02a3c48e54d4aaa2616cf662f7afa2ffad7ebb34af764c761875e29e14b3972bcb81a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4c211fd5c98fcc66d7c2a8cd53f5ca65

          SHA1

          2b76970d3dbbe025d624b6af26022af3bea7bdbb

          SHA256

          9bd21378de04294b4e5da86f8b903e8f2851c947573108da91fe78af3275f753

          SHA512

          8172ba362f9b54aee6966182c06ce6d7c0cd79235aaf3176801bd63d839945d70f952ee7d9c098c8c90084140ce76369bc0a7f462919a243f297d03d9f7b0d59

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0cbfb0ef80bdcd59a8edf2f75f831ed3

          SHA1

          1a89173334aafe7cc39fdbf3a3405650c0360de1

          SHA256

          d5eb753e406cf639c47380ded48e5bacd41996e5bc2535767ffc6ae9567bc1ca

          SHA512

          84230d61354df7d9376f6326eae92900a7acbcbf7b5fa14999c9bded03f64c2e562a3c311b58208fb2e1e7950bb284a3b279d7d497d41cc0addaf1f0d97bae24

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          35cc35ff6a262ff288ab7f9917695c3d

          SHA1

          51999615b73078896b5686632779c8b44553924f

          SHA256

          ad59b9d777029a560a6de24b8f8c232211b300b684940f16a2b5cea24ad83cb9

          SHA512

          de6ed59e930da67d91a43dbacac700451ded7528728dcb6ba300f2d03556b560df388eda1341ce4ae571e3c97d0756070262bd23459699145a0f19069917ff43

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6aaba83ce8495c17dd41c9570fcf8087

          SHA1

          af172307e53264d0c40fe20e658f61dff3f94e66

          SHA256

          0799078c3e71132bb7e8f14a3d2a09322dc03a7b364c01ba74ce544e809d894a

          SHA512

          fbd5bc6de225f64626999861a944556f5e99813aaa63fb2ef670aaebd9228886cc4675a2037f87ec1aee8fcd3c343717534535eadc90abf69fff67440d44a20d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1ce9113dbc11f20bb57e5447b5d0dad7

          SHA1

          163ddddeb1be5a75c1e3e3d54d837e5193c40bf2

          SHA256

          71d9cceccfed8cf8f000dbddd7873c5a200775dde55c293945900817242d90fc

          SHA512

          799c8b98ab67e5b0f9c0a663ec0b1c8cbece5559e635b8f65201ee4f6bca73841444012c29d6b5ee4d63f9650769fe32b69184d3fb6a4b67298c11fe113b77bf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          44a3b038ad6b4e129f894dce75966e5f

          SHA1

          7e66975ba7d505e776c8d059566bc0cd24475443

          SHA256

          894cc0fed83079161457417963d8bf63f71c4d5e6d7a9de538641b972434ef97

          SHA512

          66767aa77c702f6d1c233eb882bfe53e72817337424dfa7d3d53bfc6bef3a3f4bf5ca36d4ec222450e60972131959b23974458aebcc9cfacb199f704fec26995

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0e6c20deb58f367eab458cfbee8f3f4d

          SHA1

          d1129c6be3ec71bc871d6a1428bd809e0c76ef8e

          SHA256

          e3894c32791fdddec978338b9415d1ad6b81b36a0b069be9e781b04b5e1b88fe

          SHA512

          4389d86e008ee34677bee872d772df87e290560c9fa5a916f1bbdfa18c5cd831e9e97cb9ff847e7adf2d2ff9da3ceea85aa33293491456976f039ed0cfdc5a63

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          16ff128416ca872111615687b41cb7cc

          SHA1

          7f70a448e4a1b2fdfed264bb398197a625a190d4

          SHA256

          4d5844d4a56fab2a54e333f7f14aedbd1a93a99ad91e78728edcebe43fd087bd

          SHA512

          0633479affa95abe7d734bf651208108bb1e6c6bd8f8be6d8c69c000b0f290765141d21f7f8f3c60e620721347b7aa64e66aa1bcb3370163a2c04b7ead93b10e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          582141061ca288d81f4bc70004c1d9a9

          SHA1

          519050c41dbc2040b3e32aa21de394650b76c244

          SHA256

          f81a4f0b4a5a744426d67266fdd1caf45273c2ba1cbb3b27e0145fd982d97cfa

          SHA512

          71b125d059f2f1824ee80cc5626765140b2e6782bbac08d6167465699c3b13bf711681981f42b65a7f7cd6249df456fa6539d01ffa64256329aa366261dd4e44

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cfcef76ab4ef5496e529d2b56b3f9191

          SHA1

          36538780404b26445e0e83d5cf7b13e4cbf7eed8

          SHA256

          493c76290e50378fb44e2349d4c66abe5a87fab4535d4dc172b673a010d28fbb

          SHA512

          e0c9c402d42d9a489a6b6b30e7663a9f100c5ac8f3c3a18c8ba42fd1da74b3ccd13d09484e34250d3ae9be4563d0257bd2adac1b2aa83b5f6770bef4806fb965

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7dc6eaf8ff3c13fe706d317c2b91ea19

          SHA1

          09ddffb0e9bb6249dc32e346d89f4404ddcfe5c6

          SHA256

          a09ec288bc9f756ba6a67f0f2fe13919b4a55920ce03b63c97567b37b09042ea

          SHA512

          0630a0a51d0ff838f5ab32f54b5c75cb424e41c06d8ed60f1c461c73ee1b3515d25f1fa8416b9ef08bc06fbd6c0c4118634579c2729a03f212045482dfe4e08c

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\e1ur8h2\imagestore.dat
          Filesize

          1KB

          MD5

          5ff0850e4df91ff8ad9f8b8b7f24a227

          SHA1

          7ebffd3a20b5bbd476e9ec3e8c5e1c7016abd7b3

          SHA256

          08af7cd8680bbcf070a62a00055c80c88f1d89d3d0ec1a215a4aa96ac30c720e

          SHA512

          028e669eaad877baf056cb26c36c777995fab9f8f6fa08cfe7108ed453ac529f67335655a99fffba73df971557248030fb054ddb759816d897cc2a11c00c7330

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKZ95V4R\favicon[2].ico
          Filesize

          1KB

          MD5

          e79faa9feb027b36febbe184a5f2f213

          SHA1

          229767e3f7db847462e16fbf5b617a50046efbe2

          SHA256

          9c6b9bedb734917143447c7e83ccfe377d0a8ba6337020a046c6f41344e6467e

          SHA512

          6f2e6da65047b54d48e44d180aa67b61add28d45257a25bae2dd222edf2bcab967f03a415982fb7c72828d83a06176a6f7b277a68a83a0f7f8ad8720d26e4703

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab17F5.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar17F7.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit