Overview

overview

4

Static

static

1

winprofile

windows7-x64

3

winprofile

windows10-1703-x64

4

Analysis

  • max time kernel
    193s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2024 22:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6c387bfbaf4936c308dcb8166004206b6a37bf1528f4d7343afc578fe28d7d34.html

  • Size

    4KB

  • MD5

    65e79962ab80574fb31be9a4740a8361

  • SHA1

    422cc563ac5bc9620c1d38e739af8cbaa6771a62

  • SHA256

    6c387bfbaf4936c308dcb8166004206b6a37bf1528f4d7343afc578fe28d7d34

  • SHA512

    7f33c1ff1a773267c6de23d82f492723fb56be8a82f7d4837600f50156512474646f4fb58fa05f6155641014fd63e2077b5d950abc57fa7af530c0ab88e9e444

  • SSDEEP

    96:1j9jwIjYjUDK/D5DMF+k1qvJADh/pRsOrRb9PaQxJbGD:1j9jhjYjIK/Vo+kqRADh/pmOr19ieJGD

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6c387bfbaf4936c308dcb8166004206b6a37bf1528f4d7343afc578fe28d7d34.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2312 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2836

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37dbd33f51ec2281442e53cd8d46fb61

    SHA1

    3a73aa0c926da14fb3d601cebd58e47308b42b06

    SHA256

    b85e82bbafdbe8f41f82ab55b7ddcdc7dfcd95e7c000af0508f032dcd0fa9327

    SHA512

    78573bd43f1dbe693a30fbe5b8e75ba8fbe616e55cdb24fd43ca9d0729ea77479b94be7860d1c5a4e8c153bbd8bea1f444462d36d335d67c7bfc9b152aea0d87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e3727ff9cbf374bcd13dde565a3179f

    SHA1

    433819c4ff98b71227ecfc0d74c46456fe07b2ff

    SHA256

    17dba308b68038f9c6edb325aaf45e1253cdc778f7f94fb402d117304e5f8321

    SHA512

    411eabad9893634e332cf821bc34bf592c9ecd15bf0307f0319ba99b1239d775ef5e1eb731f558f8e0ce91823ef8c577c490cf0bb6801abf7fdc584615d9c044

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c1c32abe72f28bf2aff04fecc927f18

    SHA1

    2670581eb1a6141b33412706b8e5092bfe4d7063

    SHA256

    789fba4dcd9c92a78890116dbd5eb39c864d92c63c54ed9afff4ff1f7993fe01

    SHA512

    7e6cfb6e2e1356573254ece35f80c2c740faea5ec63ecbeb292833576aa8ff603639aeebd95e491742009f25d6aa1b2d4836ee12604c03771460d7213a7a8a79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b147a9ec6262635fece65d8aef68d50d

    SHA1

    e0fc53cb198b8fae2c9d5f381d85acb23b0744ff

    SHA256

    f51e184d86969661496ade4f2b9e8dcbc042495f25366c0d4a4f8ac736165e50

    SHA512

    c5b00df75bd0eeabdaea7d4fbfadcc76b44d4893eb8cbebfd4d5cf8cbcede09c43e75b507a05c44ae250c841622809478f757ef7d94d651cd3f77f9f6643a9cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ca26a4455be42231d6089a3424f8ebd

    SHA1

    830ada5a1bb1f19e56ec9e3ade93a93341f2809a

    SHA256

    b24e27fafcbaa7f7e3530a294ea0362839db321f064861b0fbbd0d6fd46a4ad6

    SHA512

    604920f2313d98e331235e3cb23699beb445e2a61614f743a2ed6f8fc4ea0512adc0e72a96859f04c04d61cf39103968dee32cf328cbbafef7c2eeace8266aea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb549e8a8c8bb1f705d38271f8d433c1

    SHA1

    5c07c0a2a815d16f74c76ba48b786042527100d3

    SHA256

    d8494c7e9e97fe18d04fad61845173c1c76f7cb272088038ad52a4e7d024d3fe

    SHA512

    cdb20d2f5be15cef74093ad747a8f91abf5b4070bbba96f2d2fbbd201e00f20a16e4a6d7753813c2bd512274ed5fa10ef46b7648f3618b17f8d00bb966827ace

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    385fc3e1251d9008adae8c49af91da15

    SHA1

    6172c0a6b6bc005031e2af7e9f2e289bc3d25fe9

    SHA256

    9399ec9a8cfb4c6f1f2cc6fe9d2a4c278d8fb4f62bc4fa03cdfd92e361f12182

    SHA512

    e125bd6f7c3c7b8775424e5004f8cd0a69cffb4949383176fc055313535444296b4fb989c93991e24fa4e9d5392c36e7802992d7934eaa128847c6a75b2773a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4440ac3f1355defe309ea0e0967c8a06

    SHA1

    2818d1c419118810c95ca6b78309023e7f31e6e7

    SHA256

    d9a6d102d7688960213cf1abaa00647b67ede6f1fcf5daaf245317ab9f6a1115

    SHA512

    b96a02648cb9913619dedf6d85dc09bc6e2089f9f67e3ab5aec2e0905783ef83775016a5fa1ff97faff500025ed512926ce4d04f5802febfd6a1e487e5acd8e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9944a3b0a5550f2f43bc9d73edea6524

    SHA1

    ca628041e2490a1169dc26236e248de762df7771

    SHA256

    7141a9e0da606ee685e00a49e9b30c62b8690c1fd114423b2c06579dc25e724f

    SHA512

    74d16ff764547099eb0f50980c4f63ba3f421d12ad9ed4354456a0e86967e6c1698d861764a0973d953d8b59d36df9b90691e6ac290c84e9e9e2221cda77b27f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dab0528fe43b1c3091ae34d5e4ca2b6d

    SHA1

    9597f9122f36bebd4bd69dd94a189bde74ae5ebb

    SHA256

    42e132d82979e5b5c40ff066a017b736105031c5520975e1822ae8c686157cf9

    SHA512

    1357f5dd34acddd2c6639f8816febf1862eab886621e044cb1aae8910407ba3f81d0dca144cc5ab76394c2b1a5651bbb54795e38bde6667eaf42e077c4ed58f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    933f605ab14f39b41b79e060dd148a2c

    SHA1

    32d492819a58d91711e152de271b5edd6c290e29

    SHA256

    c7c1d1b479f424db8a60e7d0fedc66cf20a99ece5ff2cd81e8a3eba39d833951

    SHA512

    2febb2ef0707d791921e12d6d532c004e7352ff670e89580cd47426e71fe210f4766b18050819e1bfe2d10754e1d2b7829a6ebb939660c776dd1c7658118ab63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    414cfd83fcc40cc9e8f23bc9b18052ad

    SHA1

    b83e5978c6f4190a65d8427c60e48d1ec768c018

    SHA256

    f763d3103e1cd3f434975c9fcea68d3fd11eae876bb20e50c9667a2b551657fb

    SHA512

    019aaa0dad1b0c68f0fb8b6ea1daca02576cadeef18efc4fa2371c702d16c0cb8b8338ee1bfa84b46c0be40ac1b29f87c610a24ea2d2a62f3f6be74de5f272f4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab785C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8933.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit