Overview

overview

3

Static

static

1

2sKMHA.html

windows7-x64

3

2sKMHA.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2024 01:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2sKMHA.html

  • Size

    560B

  • MD5

    6928168fd4bffb97a159d83575c56479

  • SHA1

    98ed9d93491567c7e8ac735327c6a9f6768f9426

  • SHA256

    d342390956c28eaff5f99424ef38decc550a02d0bc274d21b9f463e7e900093c

  • SHA512

    018f2f2a1f1b24af9f0a04dff8c0d3cb90e4838660295729ad6b8b569cb6b6ed2f784717509406147520e72ae01a70d55f52a84e1336458e7f99d22998cd231b

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2sKMHA.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1672 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2600

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d97fd479b7b80ae3bf37b786def3b40a

    SHA1

    d90569adb3a51a861452277fe0a18d4cc135804b

    SHA256

    7888317cc5150395c44b30884544068678fa3c48cc22628cd6790d00456450e1

    SHA512

    4bccc3ae5927c2924152a93b9d96b050aeedfb3fea01b16e49529a4886d412caa2305c72b8f719c459e99b547568055e877dd51264d334a01632bfe7762ee1ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f7032564b9b5bd69a661c8be83cb027

    SHA1

    d54db86c3f439ac86b7516c6f04ff80b120b2113

    SHA256

    4cff6f515a1d3508b7487cb027700ae957029a0685ad13eb926a24df048a69e5

    SHA512

    e8c9b42a78126f921ab40a4691037db6aef8e2ed92050c7cad5e77f00ca7077d321dbc85d0dd8322e36a136b9f0941b32b46bbed04843ca9725f5f7563dcc84d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61b532d618b4c72f5db6375235543bcb

    SHA1

    ffe6135b5ea380175216d1696ffa5bec9e8f9e3e

    SHA256

    8f60a56372616ef0c293ef4912322399549c305ccdbfd34d07907f253fe78845

    SHA512

    57b4ade2f3256ed3bb60e1356c87a9f98f417548bc73c49752dcdb80ce9b0cd08ba0875ed2bf5ec0c518b20774dfb0fb7c0644e395a694f12177bb072f34d389

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e1f126a037e83641c571728eea512a1

    SHA1

    481c69d04a69e632a75a4329d6db4c6a6cfed93e

    SHA256

    88598f672f8ba221a7f61e9e538d1c5dbd1879a54f1a7142e06a997002b0a7f5

    SHA512

    79a3bb636931460885211e7bf6463a8b795082f3673cd8df1c3bbcddb1e598dc8cafeb5da4ac91e01b23ff347839a723671ef2691cd0461e4d6523b2dfaf24b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3919fb6f89b70bac71bf6106cc46406c

    SHA1

    fa55dd88b5f05e9c5f9eb3bb5775fb7445dd167a

    SHA256

    11010fba4c6cdeb558405fc074780b734f3b7b69ff37bdcd2e93e9d8b5f1563d

    SHA512

    c5fdd7aa515d481a030c08cb0def52e1a02e81b13a2b481f0854af24c212127714139a428b7deef2d28cb74b30c593c21224e4f4f8cd2a55d1cbd4e82e15b709

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8033eac991cc317b4bca49f379e3544f

    SHA1

    5bab38468825c5c745d8eea805f729975ffd48be

    SHA256

    cbe6ebeddd5ec107a962ed77e02ad67d558572de7dafaaa9b57329a83148fc9b

    SHA512

    8d06889a8b303d82a1a60754526135f0a5b50d380639836b3588d218112014d49d695058ec45166f0dbd6f837ed4d809d61edce9fecdc5cb126f0c26896ea376

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8192.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8646.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit