Overview

overview

3

Static

static

1

5xo6u56prL...m.html

windows7-x64

3

5xo6u56prL...m.html

windows10-2004-x64

3

Analysis

  • max time kernel
    201s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    03-09-2024 19:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5xo6u56prLhh7pbndbRrHc3Y2BxCjOoaziztckSm.html

  • Size

    146B

  • MD5

    9fe3cb2b7313dc79bb477bc8fde184a7

  • SHA1

    4d7b3cb41e90618358d0ee066c45c76227a13747

  • SHA256

    32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864

  • SHA512

    c54ad4f5292784e50b4830a8210b0d4d4ee08b803f4975c9859e637d483b3af38cb0436ac501dea0c73867b1a2c41b39ef2c27dc3fb20f3f27519b719ea743db

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5xo6u56prLhh7pbndbRrHc3Y2BxCjOoaziztckSm.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2808
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2808 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2176
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:628

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Initial Access

    Execution

    Persistence

    Privilege Escalation

    Defense Evasion

    Modify Registry

    1
    T1112

    Credential Access

    Discovery

    System Location Discovery

    1
    T1614

    System Language Discovery

    1
    T1614.001

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Resource Development

    Reconnaissance

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b319df3a19e3eae16b5d84f0eee37c6b

      SHA1

      626e67d5bfc61f7c467382a3c50f00a6eb8b8aa3

      SHA256

      df3c0168d5eeffd934772fbe73becf5391310a68a84b4435cf50b71875e391aa

      SHA512

      1f504fbedd2d72d06abb3799143911a22c9700d43470ee32a459912f7fe37d1bb12c2df27f0bcf7ebda4b21c7ffe825a5f91c4c551f55517db5355333b79671e

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      1d9f15f84311e5358f05691a0d9618d8

      SHA1

      f90b324dde99a6edc11bf902f74985dbaa1a5fbf

      SHA256

      a90a9cfd442f692853437fddca5f3c1a26fa9dd933a16b4b11b2e783b5e8de51

      SHA512

      c3fae5d47af657c371653d2fd885bdf6e796626ca9668320522d593cd4ec380e5622c50eb7997944770ffe0bc8f6d6f2e790e60bea27cb1d8f64a7876806191e

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      c72bef768e0b00340c336f64fb3cfca3

      SHA1

      15dd01c7878e83490bca0f5ddb115acd2054ba77

      SHA256

      d4c95757724469aa89db806da9b6616e29fc6d86408c1a0023455ff38fb82c2e

      SHA512

      2eaa61907424ca34aa07a477957ba18d9073b2430a779d203b2c7ae9cdc98350208abce4851c2af44869deca381d7afcccfea7fbdc6271196e2d0e3e124b1115

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      0651ac8417e2e55cdeef332d7f2d4804

      SHA1

      990719a83c249a8132914bd6427d1b269b56022b

      SHA256

      019955ce4d2aa4e36c81fbb5f812c74bd94e120b3dba9a80ec5f13a5bc2127ff

      SHA512

      1686fd8fa82967b56c1c9009b6b94e0ee4a385a45fc57d230d324cff12c87bdc9d1779175c8f1752d2def9380e49927b5e92a8bf88cbc2bd97aeb52d197440c0

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      36f9a0a39b7d3767bd6b99c0216543c8

      SHA1

      0d3eb9eb369793b668225ea873d12492765de7cf

      SHA256

      200d0a280b93c9a936795bd42e6914a6fc0fdd33e40c5be45e6fd2d70f19df86

      SHA512

      2e88385991425ff934ccf3e4251a04cfce157d7ddf7aa4c9066ac7b36b373af018e17f845f6ffab050a415a449114f084be14d02e29835dd0e39f880beaedf4b

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4d2a0a80c35bcee03dbfd06cd0fe13ab

      SHA1

      5bcfe1423bca0286035a1459c46a120eb743a83a

      SHA256

      f3bc07dd6b3e218f9935392d77bdeb0fb3d6136b65275d2d9b394d38dc4ca999

      SHA512

      f24a88236c49ab893ada204d8eecac586abd7b2b2ff72bada07e078a88e2e3b3fb03159d7292a5f035370a40146bee15df374a9a9b777fd218fca77b5273df6d

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      e4ad3e15cdc54324d8c7cd07e521ee6c

      SHA1

      3e9b665e11b5083e7102d894eb25edbfab09389a

      SHA256

      5e0ad876b4b4faff01e227d3ba2ad4906c49478bd4330d7b182ec18309ffa0f2

      SHA512

      8710849f055415ecab08d57938d78665eaa80c3a92529267ce206d419ad09db7825d464739b9ad4070f74ec87601671580b8ae0b8c7aa0dc7219d043fd802bd1

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      40b77723b99145919b915c2ac802a8df

      SHA1

      5c06fe4719135465b6e6ab21bff2a7ff009aeded

      SHA256

      1419904b05b6b7c8e8dec41b46842d1ad564c58d1d7e9a75c9d537062fb40960

      SHA512

      9c0c883348c2d782d56fab5b0241b49540d2d2184bee612bb1c22e003f14975241830b74aa224d1e0bae4b911f0611b695aa70767a428966e46c183b72bb7424

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      7a83e3d171f6865cb181a1e02bdfdae6

      SHA1

      5f1baae0652e0a97ad61d44f42cdec428bb3a1dc

      SHA256

      6e64a5e78ad14435787d534632dcb00660edca9e273b149d3b57ff9edf7003bf

      SHA512

      4a28a0380d7b7522c6adac74c1ea9493ee01106b972678ea06bf163c11171bd7a09339e590dfeab5781395f80be24c4e15d9302f39927d1608bf8c3088219a12

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      aea93da4c1a317c3cecc05f06e21b00e

      SHA1

      355e283ab1bf8cfd44b96fe24cb5baa8f6584ac7

      SHA256

      ea8e6c38da3e021dd69f4bdaf41f03ab79382f431464f92560030c555437e441

      SHA512

      15df4a8f1344a81738a06b6fd914eb4f336ebb5a3a4d8c00c1517657b577ce587264fa78780ace33ea48f993a2862d4fae47ecce8836ebc8dee6d890a6ea3276

      Download Submit
    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4cc7e89ca49f95f5ec07521a476a1c26

      SHA1

      db632e0a290169b9ec1903245de56228db23c298

      SHA256

      3da04caa2c7510d0fdafdd893831515a3836045d7266be87960bfbfecc7d3724

      SHA512

      090c5106037371f1e236d9f007bc410fa8b761deb361e01b0cf13c7cbc6bcac614850e40c7438b4750e2f1485d6e8828a6348dad59e9a701a96ad408f89f7b4c

      Download Submit
    • C:\Users\Admin\AppData\Local\Temp\Cab7F20.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit
    • C:\Users\Admin\AppData\Local\Temp\Tar7FEF.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit