Overview

overview

3

Static

static

1

ZlOyJk.html

windows7-x64

3

ZlOyJk.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2024 01:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ZlOyJk.html

  • Size

    510B

  • MD5

    82fed29a614bcbf8845ea32eb960a37a

  • SHA1

    4c512487edfb272bff02f79efb2b2c07620cdf3d

  • SHA256

    be7e7beddd24f60f10d7b03777cf53fcc7c796ed7bd0aea6cc18ab0bb2f4666d

  • SHA512

    9de6d67d66c198e0bb0702557529c4c566d35900634c6468a1c50399ab209929b72f76156ad4c62f69263923368dbd0d89d309e34e4a9cd8cf393e5000e259e7

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ZlOyJk.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2540 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b9f1ba4e58418b27817ce0a4e3f5127

    SHA1

    e80ad3a3515c3b1960fce0008c7832d637200533

    SHA256

    c9a2e42b5c3b364a47629b7bdabc9770e022795a81e59f7dbc7ac007f15ab409

    SHA512

    327efb2b44c3e50e813f9d72b5eca2500e38d561a3560a3869baf542eb4bdcfa250bd890491526734d6a91e1c6fb82b74416b87d8e90090912dd75ccffb35842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67eb8aed385abe4081f9844eb96426b7

    SHA1

    adc6477a2e32acd32ba0915d7ccaccb2b70f5e96

    SHA256

    f1bc2ebf876a0bb9faf7eb5242f7bf7f5bef9c8292cb5566b2f24efcb25fa527

    SHA512

    58396c169ae17ad35a0aca5cb126cfbafa1940b4c0f041d503f8672d40ae298873074ebf59d5fb23bf2c7dbea07ab2f106db3a56e83a6c4b386fe571b38a116c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09f983f77c90804ea50782783d1ce041

    SHA1

    d3f429f768fede05aaed61d20569b115c552117c

    SHA256

    0607487936446ddeb5dcb8ae6b7361288a3c2bfb54bd16b377dc018c8f746499

    SHA512

    422b08609709e24ec158fb558fdd5621b948ab9e963e9a6eb6e672868ef2de3ac6dac61f359274599753da91fdaba85ed59538b18a17accb21339f409fb2f899

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dec662051fb0e03e20baad1ae10393f0

    SHA1

    c2b34e55154a6c21dec2fa9ebc98c26742adcb6e

    SHA256

    ed97ab01fd4b7d8f9813d63ccb700d35f623f0c026253991cbfd469f1d885daa

    SHA512

    6c7d1e7af1064583ef8f6ce44f199fcce12026cb517d09fe9499ccd0534aed06a83f9fa89a48cd407218e6cea1ab6d4390534f2898b95ebaaa3216f02a266397

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5f94f08e4a1ffd499190790b19eead7

    SHA1

    036f1b8174f1004a7774a80f1266ed0e5156b1d5

    SHA256

    8e72250bbd7f2c91e2adc304c1442b7d4a334cbb43d0523e22df5641e48ab405

    SHA512

    62da05af9f545d76e65fa29fee976c94ef071ff399ffac49d626e15273be8b2da6b720f4ee1a62207c3dd45d55a6f61f41c51906fc0c89868eeb9ded8cd98de3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31b7dc109a86bbc5f07c8be09a21345e

    SHA1

    dc94eacc4b1234bb07d5cee542b86376d3d2d18d

    SHA256

    a5b94ed4a91be0171c31e4bf52cebdc4b52acfdf16e94e837faeecf39bcf5e0e

    SHA512

    5389b62ab764d1a6875b3bd7673d897817e5bbb6d30fd9d8a839c7a913a15a9e3e35e2b6295ac3c08e315fa549f5ad8814591b44cd37c7365e92d17ae300c24a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e0a20587b2077740b99bed9f81a931f

    SHA1

    a7a7dd0cdd87eee400a377e1fc6cfa0db6f1c0f6

    SHA256

    4402fcf374859ad3446616ec12fc9bb907b1e213212dc967380b3d0bd03d1b82

    SHA512

    dac3529a18f7df44050ad9e56c2e2950f0a03b3e99d8f62640b949eb77d3e237dd4c3825035a64ece4acba4d4f8c3d8860fec6daa94767af5dc690fe4c78e809

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    820a312446523b4a4e7fae4dc589c3ad

    SHA1

    c1fc15fdd7a125eeb1679b09a21aea6a28dfadd9

    SHA256

    c711cd3a2579abb24e8f742b24dc7052e91a60bd1a3055120edfcdca6b902c99

    SHA512

    ca4f587f407a4182f4139274d069868d6ea309b5cf4cd1fee857fda3a7ea0abb5de56bc45c9e8cf7672caa708bdf8241fb6cc302c2ad2f7724ef6e8eb3e66cdf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f6b1e0d6fa060e4aa3f8c22906703fe

    SHA1

    da11523820f266af3d479cd4b657fc98e7dc9f28

    SHA256

    f0f2ee3ad58285faca88120766f92b85477b5b6ab845356717d696d9b75f6d27

    SHA512

    dba439bfb75c01304e2950e7135855db308f90d2ddf68e3d666e8964a40b4ad8ebfc71da1b3c997775db98bf41e4f5f6e679bd12951236a3befda9ce97f15c40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab6298839318537fb32f43fa8071402e

    SHA1

    96ef5ac27aefce2a05c57842b7d99562b5762841

    SHA256

    2d36eb8f22a49aeaf32cb44fe57ba8c5342aa7566cef2b5378108235015489a2

    SHA512

    4592318e2b9e3ca27562d0306dba47bd2ab8df6566196803ae099f28cec8d3a9b6eb92626767380ac5e6b5aa75d2f188e25ebcfefef83df000398d197fabd87b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9F0E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA099.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit