Overview

overview

3

Static

static

1

Anwb.nl_re...6.html

windows7-x64

3

Anwb.nl_re...6.html

windows10-2004-x64

3

Analysis

  • max time kernel
    75s
  • max time network
    67s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04-10-2024 10:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Anwb.nl_reff_965851088210_a6Ohvf8GD6.html

  • Size

    613KB

  • MD5

    0afc45e1173ee037974ebb13816362cd

  • SHA1

    0bcd1d55886176651e55341b7174ba2b6ea22c64

  • SHA256

    3c66cae33fde4209b0225b14491fe60ded1b4ccdaee9d21a145d976b06c92f2d

  • SHA512

    613119f5a5c964df3addd7a5e10f8c6248431cb55fa3ac75673bfae9dc6ffc1e51ecd7e6f0e23a93259121ead7954b70a02c45f668aa9a72addf07b2820025b2

  • SSDEEP

    12288:/MdJYJ8+mu+ItYC4ur4mGC9BV/iztJSQ8D366x8GKnUhtrpEw/t:/Czfu8mGCbV6pJShD366on+t

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 50 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Anwb.nl_reff_965851088210_a6Ohvf8GD6.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2816
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2816 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1344

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    314e7ef565bec28a16e46a477a5a6804

    SHA1

    422b5b8c09a627ab0c8a1b513abde1c040baf8d7

    SHA256

    4501750e58a3e5c0e36d607d9165ee2cb1ea4b5e6af95022ef314e8b5ae13570

    SHA512

    eb105e384621e5a5fcdf1752fea0b4cb78d7ff6d771bbe60e5d6b66ecda5503d1b75d73f5c1d155a5a2b78fdfc167b5737683b8b6337ad71d9132619996bf1e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bedcc5363fb0e61f02f7320cf87d6804

    SHA1

    581bdd0369d86f665f4dcde9c2492d56d1068e73

    SHA256

    268bde60812a8a7601990bd322962585d116762710e6b89da5e9ddb5579592a9

    SHA512

    7955cbf133d07e35e93e3bd6ef3aacaff879ee740458ad6364d3cfcfb394ddb7fe748cceca7da20be1d1d08fb2dfcfec54f09252a7c939238f65920556dadd41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80c88ae89f4861c9b1236788e32e3e1a

    SHA1

    e0822ac8d736e09b670be61cacc75fe5de234c1c

    SHA256

    82ea7f5ccd4eaea711f3dcba4f860328e7d6d9d666deb1c712f135ec98f4e692

    SHA512

    2f99b68adb74f0a4a69b259815bb77954a261f364e68823233b1720557cf4f7d5cf1ebe81c26668e53d48ccad428f43ed6487be5a6247120ec1382a3a71bd804

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    974a324336aec2d8b0c4ff141959e763

    SHA1

    391a30ccd3e2624214953aeb9fa0ed7b4f87d504

    SHA256

    d015218faeff49643bc5fec99f84a98a0ca7b8f7fa36782f1d02cb3771b96303

    SHA512

    a98b8454c24d6fbf2ff4b14dd64371beddd21d4c12449e0cd3510e35bd507cd9e121a13459704a807ef286f07d57c55cb72d7ee73e8172b1b310b313bfdb458f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91d62ad6e1751f9a4b949b6ce62baf16

    SHA1

    ef0aac7f951fa9d2f121df6cef13d62710491a3f

    SHA256

    462775fd7474a35acc055e33841c07019132305562ff4c4f81f3696d6e02ebae

    SHA512

    f5b87194ea482dcbcc381c8889a3c310b531106641b8a2d1af5d72d5d6b26f0d15e1dc1b6f99b3a4c074507253455dc4cd59032b611461706e9d98be8fe580a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8537f5fe15f343998e7d491dd060ff1e

    SHA1

    768c66abc7ebd42554c7cc25726cd770ca7fa759

    SHA256

    9aee324cef409d072a339e7115bade65ffcc02418c539d7029e8bef6d471688c

    SHA512

    4638ad1d6b08beba614b9697c3d2ce6bd8a2b016a0c4bbf061e58e4e38edcf47cd9e0c90241d296970529275820233a9e9b127463b7d17f3533d2a2351e4cbc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba1b4e6506d7141318c7a180220250e8

    SHA1

    c29ff127791f85a400fd03767c4a76db96d114e0

    SHA256

    5c5d1d94d6c980ccb29fe26ef7d116c83b0742b81bd477f819b6cb458df4c32a

    SHA512

    ed6518db2ba43e0bab026659f28f774a836be8c4464805f86168c1b42b310abb51ef384f3fbd0bf4064f7d928cb484971fe4f7fea61a76a2260c0a0e1c715485

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c747983420b793eaab6e3e60746cf05a

    SHA1

    32e02e3720488762ff4c59c857366626c17d45e6

    SHA256

    3231ee19ad4a5c381f6325f8e1a4b2a01dbcca84cf820dafe509a4ace619fe43

    SHA512

    d10d432238b076a419ccbb1daf21b3d93d74299b40c2fc30fcf7072de2fca583ba80a53be863c1f1b32e1ce2a5a9ccaa6e054cc26803973bb0dc50cb023b9750

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75a7421dafce501b4c2ade9ee3ed1dbd

    SHA1

    cb616dabdaa9d4e666ec68d30700bede30c42482

    SHA256

    f9f06d2bb6f771969093a1fd08f42c98841f7cf9316242b6fcdf319b9974da07

    SHA512

    0f75a44fdaccb1679be67bf982fd9da7fc370c8ea26b1d7c7bd23976849cba49f2f640ef1da3e5594ed22cea19261f2d43cc6c4bf3181f4ad13db852aed69d97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7eebcc9531ffa2449cbc04775ed74cb

    SHA1

    5f8a69e1395a9b25debd6c8ea4e077f6fd373270

    SHA256

    e7a87e76befa385441856e4baf68839a2e22382dfa17f9aeb970a966061f1610

    SHA512

    b4df9dc3ab440426fae9ebee1c824a4967b72f2525f792fa178edf70349a111e01808779bb60b718fce23d23a3bf61dfbb48aec2b1b4dd8a13b6ae51b2d963db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fe4cef0f57a53e732245fe61435efdf

    SHA1

    ed9164d6f4055427cc2a4e79502f2f5bb01c0117

    SHA256

    d93003c0c91be26dbc166c9e5114d4d95ec1912810ac0c7c6b7be87782cba386

    SHA512

    c46df54c968a672ae21b8e96589110634cbf5ce87a3561c1e3699539e39819a234b0d60892a56e7ff0f75b1be47c07f890ca44e012ce6337f1dcff13ee2e6437

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c1116ac099eb1fe7fbc8093ff0d19d5

    SHA1

    311d22cfb686d02650d82bd277399e0823c183f8

    SHA256

    6bf220425a87e7808a8c88a236779b5e21d11c358e1325e41c3425f366fb3ff1

    SHA512

    3008e76717b7d15eacecc631db67a32b6deefd4ec0dc3e14dc4b0490657522162b87b29a9a5156abb3c6aed22fdef4bb8fcf6db1951054d95da566cf88a4604a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3d0e387610c64e73bd984ed10cc794f

    SHA1

    eb78fc0fb770c691b26ede1f00032e418d67902f

    SHA256

    6bb9cc1e58476292f981916093ca0bae620ec8249bf8507657492a6f5c775ee4

    SHA512

    4c7404a13b34a7ecf16f5759bd6469660a442ab91e764bbc0f8d85625704a122af38bce75253913646d3da642655c10d0ec91a8661389146b8942b54293985a1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFF67.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar36.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit