Overview

overview

10

Static

static

1

redirect.html

windows7-x64

3

redirect.html

windows10-2004-x64

10

Analysis

  • max time kernel
    1561s
  • max time network
    1561s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2024 15:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    redirect.html

  • Size

    6KB

  • MD5

    93b8b59320af83c53bbaab1661137a09

  • SHA1

    2cfa0c10a0ef87cd9630ac3d92fedfc3f550358c

  • SHA256

    7f2da7f0f82b191709e85c12f6bd369f2f17ce687083de9bff14d75a1c94f3d1

  • SHA512

    b24a83a1e568fc45232abe2dd141467ec8757494ad9bd4fd12c9fb7146ed810c33ac154eb16adc6ddc48ed62dc522be32412d2247bd8cc631ec97f04c03f3a58

  • SSDEEP

    192:diHLxX7777/77QF7Kyr80Lod4BYCIkZOVXn:dir5HYK0+CIkZOVXn

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\redirect.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2692 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2076

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d989fe1d854aba5defe49b2282cbef71

    SHA1

    6fd1d2993af5a3e901197b4cccff48e148095dbc

    SHA256

    58849554cb3f9d291a58ba641bbd04320772f0ec6109a05699d65651022a1945

    SHA512

    af54b08aa1aedf51b225238a42695bc1b555e0edd18d3142049ce800dcb6683c5b029d06dd68b19e8b84bc1c9e55c066eccbb23dd58283f31accf710e6a73f18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8d9ae7e7752ac44fe577e727e920c92

    SHA1

    0f55c50c20fd48bba82bf0acafaa6b9ebd7f07fa

    SHA256

    838b72cb2827ee229d1923426cfb190cfc525ac2df1839eecff189aeeead0cdc

    SHA512

    d5fa17cf5dfc773f683fbaa98aa5284434a45192b3cc0d6df122c55b0b7c5fa7567a2fbe1d3b55599ca4ce2a54f9a51e6640286b2c3d045cb4f17a052b52872a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db42874263499a4c1e5dffaca9ae2b4e

    SHA1

    d4d0af1d14c8e925cd244a43715b45e574774493

    SHA256

    b09e3fcff17d4c3d4d338d37fa9d696fb42e784080d2a9c9c332421bb65bcb88

    SHA512

    f1fb3227f4cb1b2e5125a99254e055bfa2c8f23e3cb50d43ed568d7cac14099f2b0b94dadf65fb34d855f1f5fce1f8ffe34501548191839c21eb78ab5a60e9b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18c8dfaeab5d278f1b2d3c7327604c6d

    SHA1

    28b3202cd27e02d02e8f08e8a9a8e7ff6ad7d6a6

    SHA256

    a33334a1f83fce71c416876f33a2dd34d0f83e9d4e39f0962a6882de83f3a659

    SHA512

    ff98e3870f867a0707278a9ff8de2b8599ca7f985ec90cbfa6fe7c98551b21af47ff99695a07e42baf0e0d51707e064351ba9f03b6a8aa4f55099bfdbba48216

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c79ea245c80208a206d09dbcd0deb422

    SHA1

    127387a0f050707ded159d88906bba0ae6341bed

    SHA256

    4d7dd8f0d78f64420c8dc706c049e485dd6807aadb5acd889fda6af0158ea5f2

    SHA512

    fc11ab8fb5551fc53119a7779876f058ac68a05ef8310699e21793da6a86f5809620954d8bbf5dec5303a376d312ab41b6acec37bde5bd7941ee53145023cdd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    162c74edb244fdde94f49f2e120ff925

    SHA1

    72220497a460b67e5c960c7de876325ff6444e14

    SHA256

    8ea22fab6f1dcb492decaf8c9e444db18e49a19b6a728382c175128dad803ed8

    SHA512

    45c7b994e74041803e95fa6d25aedbd8e3ed94c0ae473c27193695f2c93f5facbe89150f9fb60a383cc93e91a0aadc15bd3f22e69e2cf53e3c49009103748394

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e35aef431f72d9e3057d922cad1a3376

    SHA1

    58a88e408e00646f706e8a2e6f8c2c42baf9c00c

    SHA256

    715f301978b7cab74d44cbc825b9324ba1b060c69333900470a4a9cb83f9ceb4

    SHA512

    90ddf2dc7ef6a1dc1aa798cff7ef6b3138b573c09667d278fe3fb469fda52eee64c72f557bf7c3dc9494e21df114a24700872c3f6430d8e870d56d958a5af4cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc6a3fed8ea18f79791bad3ff91a99b6

    SHA1

    d74dc6072bbed0ac7686dc0566f3cd75c8677907

    SHA256

    77cbcfce69b1b0fcc3168bcd0f029eede516a8015e5843a9dc2834cfee809976

    SHA512

    a5e6c6d77fc14daae024f9713dcf1b1cb83d4346d8348f160c67492a8b810e7e1c3e28e43f704a351a554a154f9508e39b22eb50339bcae485d07c48150ecc6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a82e16d580e8ba95b7e5e68ef847b3b0

    SHA1

    0cb73ffd42f97f3e445a7d368ef21565784965cd

    SHA256

    2eb47aec5047ca242a4814a4b24411bab6077edbbe700a42cffa00dcc516d4c0

    SHA512

    5422a866ac210aa8a8b8cf1b370c8207aafe7e906a68d45197d4b0e239d8dfa8eada3a278ad32085e5786f2a5871a44a06e84e93c1787bf749c50fe3e26b6c61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    268904fccb295fe8c4132d91017824b5

    SHA1

    5b46b1c1465b7900297842293d4bf1e9945e9f57

    SHA256

    0e729503e15537dc9a70afc7e776922536163ee3d1a82ecad6994cbe28cf5afd

    SHA512

    48700d989bb4f7d0e01ec5ee807d87b9bd82443037cbcee820bb2d27e957f014d98d7735eece5c488c4f802b047d01412b0218b2fcb26c477b6058da0009c2c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ccf446444bb893c4bcaa1e940b60478

    SHA1

    741178aa5656cc51bf79426634253864c659af6b

    SHA256

    5069982e6c1f7a2299098b7f0160a112d73511e64d64a7784b788e22b6f09f1a

    SHA512

    ae8f5db42ba3c778deea6ce57103dd8ea30e11543798ac9b8e4d790173e8a4e469a1664c9e5cab0f96bb72995253098fb0a9eb81314060a683908ecc24e4342b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82e9ff35c59c8a968d638f5bd76a92b4

    SHA1

    03a71eeed916d4735d00148c3a03b557cdd83398

    SHA256

    90e2c30f92b6d0ee45053df1df9ad53b432ef93076be572fdf5eee40a722ca4f

    SHA512

    ed3a7e06f9b7fa44f27ca211542afcac9bbf28de93f1311c295bc2f43cfefba81cd19adc105394d729790b99d4f97be1a45121adef4a5e324be29c17a8458d5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b0b787720e3bd9bbd87fe28b5dd833f

    SHA1

    ef237c0992e972c751cef5670764d41e340e25b3

    SHA256

    dbb08ab1a9b8d3e5689cab36ee91270e7bba87108ce78032676f6ee8f28f75db

    SHA512

    68d424a0d900754d3d6a1f263484b0a2a0668c01bb19e9361fa90f969e74352ec18b04e9b05ecc08ff0a8dfd79f2c98b36af4971373de90dd75e0b4f9f43b81f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62899b452f03fc7b83ff620394635195

    SHA1

    cea03e8a3455b12c2369c0b627e170312f0f54b0

    SHA256

    e7647135005d0447ce016fc1c2cdc90b51244e3de05c96831c97f650e9fc5568

    SHA512

    a759544e2e7ee02af12a58719b30e16497171be10df1690df956a98c913a232f6aeee983ceeec596a28648b74ad14755c5da352a685a45641519b40ae908ff83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67b2e5274bea8bb8f54d7112a263ca9d

    SHA1

    5628401c6a1ba4f82cea521e4f37b6deddb9ceab

    SHA256

    c557ce6a6fa21712d372163db444dadb0661a57fcdd8ad3a3ed26f82096bd95a

    SHA512

    086b54822dd6d2f0e06cf6a8780ffdb75612864749007045babc5841fda1bc1efef1b4de7e90285dc2a7bc63ace0fcc8398008f178a4e5a310a5346e3645e7b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d509485ed4572ca1c1030d963960c42

    SHA1

    146bf913eb6ef44898051f8b1370f9c378e327e2

    SHA256

    0dc95eb455964fd01fa0675b4fbb8893f86ad66b77ba19dab74dd9e597959e80

    SHA512

    5bf13f8a70ebab868c94f258e39fee6484c3fa02634e45c6fb2d674cf13471014a178c08052f26e886a09e1c4563c5c228867009d9f7c38487598128cfa12f60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7674b74c78da4e62a631d191f7cd7a7

    SHA1

    2def0e5ac42777b96f9b562ddb2c58fb0faccb3f

    SHA256

    021b365e73f9a82c78b81b6edf2fc422c31c791ea10c589299415e422db734e5

    SHA512

    5ab39bcb24f4910b6788c298c21522e96662fd1a9e06755dd8263ce842d419537dd47cfd7468adeaf0deb15380d5da90decc5537bd45dc93a159085192ff69ab

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC796.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC7E7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit