Overview

overview

3

Static

static

1

.html

windows7-x64

3

.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    17-09-2024 08:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .html

  • Size

    146B

  • MD5

    9fe3cb2b7313dc79bb477bc8fde184a7

  • SHA1

    4d7b3cb41e90618358d0ee066c45c76227a13747

  • SHA256

    32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864

  • SHA512

    c54ad4f5292784e50b4830a8210b0d4d4ee08b803f4975c9859e637d483b3af38cb0436ac501dea0c73867b1a2c41b39ef2c27dc3fb20f3f27519b719ea743db

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2100 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2092

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2154f95dd0473d7f2c5aa6e5ad011f7e

    SHA1

    abbd01f0c6a643ec23f11c718c84893cfc82df79

    SHA256

    0eee903f4cf6616a2d723a47fd65b4ce5bdf9a2774e252afeb82b4fb5f997ae8

    SHA512

    1f23241135abd916fb208c94e3aa199bb7d4b4d9b9320a888e4ffd865881b250315028ce30e84e4e1b7c9812f6c360445622088baf33d87809768e7ed48a4b74

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ce67bc44ff3f917f35da95e22ca2b54

    SHA1

    6f6b5a0544d4a7fc8d6c78fec6f508ceda4932b2

    SHA256

    d8d5fb5c83f09350ae04c680673cb877b8b209d12e7ef1b44899b7e48c0fa4e9

    SHA512

    998827b89902962528d984807892663b007ae14583fca381a51f4c43336cfeb0f4cec2a167f082cfb3ce13346516c5528b3b1495b0b02af9ce038c834e80990e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e17fb3b0195faa49ff58376e95a18177

    SHA1

    9274fd2f4710623c5283f55d947f70e267240e62

    SHA256

    09131fb435dfec468d4f0cd0fb92b179a5a58ce88e2c946a903e1bb0ddf0c2bd

    SHA512

    6ce95d18192db5abae747230b74ee16bdb469e6b7eb933a4cf79e7c165c6161f88493caabe5943bda6efa587d0e39fd08ec2ba082c7809d36e0aaaea41b3e1f5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a91769812455b4634d910e80224dcab6

    SHA1

    fda3853d532d94fab71fc960321674f232816c63

    SHA256

    79cbc71669d7447d81453ece05b2782f92e8d25905ca6085e9b1e789d7900217

    SHA512

    6baead4d8c06c6ca0835d06ae4323734866d27686e952f4af46d738fb34ea9b1f29740847c9d78051533586f930961ae46cc3d92b8f0e6f48aef94f47e77772e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa2dd937eb27db179ebf1abd4ecc07f4

    SHA1

    239430925b2da30af6ac340f9039249a4a08c8aa

    SHA256

    3ee379d957b08ac978216bac314c3f431484a79689a3fb49ee57e5fa406431a9

    SHA512

    00684315c9ab1b97f77cdcb3eb749e62535f66d2c753ac021dbb8fca0b796a2bba9eef385deae8cbe901a6db37ac712100ab55ac5b118a2910379777040f4553

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ab605fef3af4e2a7c7e58bbc709c139

    SHA1

    70b9de9314f8b8f6676d2cbb1c8d2c67c1f0c1e8

    SHA256

    4d4cfb7d4e14a4d6aac072c2a2736f1117ade662b1a9d8af43a737115bd4c325

    SHA512

    bd8595bee932170922a6d528225ddd781b0ccc0d0537447dc65608dca37f3cd639fab382c39498a33728beb0e61f5aeec6e052fd1cb2763f9444be17068be1dd

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    413430e847709e1ce7e70ea226139d76

    SHA1

    01da9ad56b2f3238f0389dfa908b0d942bfd9a20

    SHA256

    354f0cbdee2e0717094f7b4486c9a9e2ba8b8b948933a864535f10ba8b3bf966

    SHA512

    830232638b65d12bce8b69f7b965a6046ce5fea8aee107449adc57293933bc4eac356f98c051e894cb304048fc2f4b8061310974e4e3c94df46349d9a35902f3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24bd6bbc3024ebca78b0bc47b40d6d67

    SHA1

    a1b3e754447712c56c66e610342886c3ebd96476

    SHA256

    664c2115c45018e538fbbdd3aea163864fdf75a9fdba92e98fc0b53da21e3139

    SHA512

    4ce5c622018eb417f174d144679b5a29e8eee695edca6abee6cc2fb6ada1d90a8eda051366395536c1d02f074c65df196113455c49636043d5fcdcdcad7954be

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b624a7d3503d575f7d7631fafc7b26f9

    SHA1

    da6880e15c67622d418d2b53f466719bd1ca83c5

    SHA256

    48fbe03241bf9237b789dad50e446b185680dcd69206f64a60df85b944e45d32

    SHA512

    4cf79b046f786a00ccdddc381aae2381eeb77ccce9c3ea0c5d4a516e49a850a5312b3066e39b7e533bf46d2d93801a72a64403cc6a8c68ce86e928cfec743bdc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4544bc607fa6671bf2ad38ceb81a660

    SHA1

    4c0fe311b61958fba851b91d57b1b8b8cfd11d67

    SHA256

    8d9dfeb85132cd13babe9c87478ecfdbf49ac4c3a4c9fd4d34adf8d43530723b

    SHA512

    a01fbdce6043a34473ad19bb5a4d1591cfa355e93fa114870982a58bd84c0e9437bfdcc14f1ab216607203dbea0bd5ea53a821d1fb9e271d796902a55705a23f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    415f03c8b5e0d4531b6d724b71d322cb

    SHA1

    6738fe4f822851e1a1928025c7a8ba8ec06772e5

    SHA256

    1add21cf7e118d0d0e98a94eb29e21595d07bcece03362fc2a8b0fccddf20de1

    SHA512

    f3ea6cb915a3fb1d749e7005df132201e4273eb913e9b893efc4296c71fb6ac42cc8be280da77804ffb941b5571e5e4ce90c4d57325b9cdf82c38b47961930bc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ed09089081cc326ff558179210a82ef

    SHA1

    167cb094f3fed1783b3218b4d495afe48337c075

    SHA256

    df0ca8b4879e022c40e91ec46481b50fc92e263922ccc41c8e3b1edfd6409e36

    SHA512

    9398b5bb390ef9eb5f24fd73934736d604a06c5cf5f710ce2b30cdc320d820d86a08f1ecaba2fe2372088056c1223a1862fab0776c62ed438394acac80e22737

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed58a8d7944b9e69cb2e480b03e86e00

    SHA1

    1a5cc468e6d4852de9284cd2b26b9e4f83445ab4

    SHA256

    5e73734a0cc8e09174adfe31dc0957c23864b1d0e25fc91f438194e9bedcf09d

    SHA512

    2a576e8bf808d1fe06c308898b861ed60b08a16d2761ca34be478708f9c9715792c364f22da2f0499a2f9fc028c3a3e27e433aaeac4a4659df0904fb72a33b09

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5ceefea08768239aa03900553bd47a3

    SHA1

    54677d5392e182343d379f7b3097d1e4458c2120

    SHA256

    e0337d8a26373698ea14765195a116680b1f522276d217523a665e9a7e961b63

    SHA512

    da5a14959e7d960d2e52e37b630315b985267e46381c31f3f0a826e971e610fd108db3e86d7b91318724e03612b25b2adc80b15728940e4f12fa518bd683d7bf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    491d015f007fadbeb11a263488908a08

    SHA1

    1927918779196183af887a1b15d7532e8c5f5f16

    SHA256

    ba51dd508bb1849988d43f19fc600c7b5b8788768b14cb3f569b9c545eded397

    SHA512

    01651fd9fe684d56460bfaddef51dad6bd41369da017b34601f391a6675395dd0eabac9e0e084c7601c71d7182f12d4c08ff3673ab31b24a77a29050fab08d2d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabA97C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarA98E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit