Overview

overview

3

Static

static

1

sample.html

windows7-x64

3

sample.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.html

  • Size

    217KB

  • MD5

    4820e96d72492355457c66b676b5b4a6

  • SHA1

    bce7b8a9668d9e19f6a2324dd9fdd2ae388a6450

  • SHA256

    b2b53637bd94d5914b2c6651c2ac8c3813e0101415310a7c352e8b6a24027aa2

  • SHA512

    9a80e61c34c88886867a00e481e849e4692eda41fa3f3766770a947745ef731911d37745068e2e46619dbefcf308cbd9b7ad55d8f9660800e863bc0d1cc35c29

  • SSDEEP

    3072:S1L5zZBkSKuyfkMY+BES09JXAnyrZalI+YQ:Sd5FBkDLsMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2492
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2492 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2564

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    403320c0f95f7ec96feb9cc6ded84dc3

    SHA1

    441f1390ce8cf842ac67ccc135a7d6bcf9083a72

    SHA256

    63d4a7a8d2097fb4a2d64727e1a321683ae6b7a14b34ef13cd159e93a7bff58a

    SHA512

    8f0c9491d8e2cec4430874dca8b31f8160e05c65e5c8cb9a7c85d4628317157a763539a6b8725eaf70573f8bc5650204b9763e606e90fde31e7c8cc7a75d4555

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ad985d49b052f5f2512a52099b3ed6d

    SHA1

    a4501665b28e9cd1fbadf5a18438a56d6a716ed6

    SHA256

    80b5b4e3f57035ce5880bad2a425fb414a27ec0eaf868923c99e105c5a791eb7

    SHA512

    013345cf1903f18971a0a7484872d9e20f0995c88cd8c4b7fbaef8ed32e9fd1dcfadff8e1b50464c3b77df66f6300643020f98a2104240172f081cdc9b9cdfb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09c8ab00f7ade6bacf8f72fbc9774eb6

    SHA1

    365bca9477ddae41fff2bde37976e52bcde682b3

    SHA256

    59e935a300b9101e9c306832ab008722dc99c9c6813cdc2dbf0c665683e7e603

    SHA512

    8cb2c88dc37ba37ad8c6fbcfa283544d821ab0828e411fca6ba83a6db39ab6e5c44990ae3d93c171267d4681a9827f4b76087d04a109649259f33e50bac8c169

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eea9872cde3b586b4c90878c61940a5f

    SHA1

    d34e7a2169be410a3e5eb65d0822b76bd9d68b78

    SHA256

    fada0c051539b4cffb027cf9c2209c9ccc330ff490d896eaafb77879f46b9ba3

    SHA512

    5ff1ef0abfde2c5593a7454a67c5f3c38389a2f516b4234e572d837fdbf3fd344176b54aa4a43aba5721c3766b0cfc5515cdbfc7abf5fc3a2099630a3d5c4c26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7592254ca34c104b55c8230c50fb2adf

    SHA1

    f35f5d4eaa42ccad50807e02f017c940b0f3aa44

    SHA256

    e390c6d443fd31727de52c572b0984c88d8ec1514a8589ac6d019cbaf87a226a

    SHA512

    42f7b4cf2890fe6a50c4c8af5d3f956f565585936488be809b2bd4896e9398356dcfbc556628686c6f0211cf55c1b26e89c054df425859828aa0f401418b8a20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14dc7587a559419624fb5ac25c8cc984

    SHA1

    6acce2ab90062bf50d68582814af240d5ee896c4

    SHA256

    2c4e39abd3de0a5391ebf57ec348c97a5fd9f7d72e077540a1473112450750bc

    SHA512

    0ea0020de5f4c8e79a1acba221675fc04b3d3bb7d63c87ec01a75d1a36557c97498e1f9a4963eb922573ca6cf81a826945be2dde6a85ed5b3abd872953568fd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c664ce4389ad31152dd9f710162b891

    SHA1

    3dd6376d8a68dc0a51e771070676576eacd77e83

    SHA256

    93d182310df8519bb86ac3acb1bde3f68f51ab9afc1107d7820cd310f3dffd33

    SHA512

    4da9c358d66af0cb7c40677a199f156eb4e13ae8c9f23fd00867b6f18282e539e6cb225812f50f8d049d0e1899d37d85eeb179ccfd30d9a61004d315703d76f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e3a91d0ed9d42269c77a6a9230a71ec

    SHA1

    a293399d8e4328d4948dad699bdc6d5199738f03

    SHA256

    84ad7ec79e39978f2654af9e7cb9c3da684fea47a51bd457eb127308f76e0cc9

    SHA512

    c743b7d1666ae6198f9ad5c8f2be13ad757878863f86298cc13a7ac2e3494b7b901d30c3977171280db5d261a4c72ac8f13d22c1e282c98a542ad0a7a7a9f21e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab98D6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9996.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit