Overview

overview

3

Static

static

1

Voicmail_88201.html

windows7-x64

3

Voicmail_88201.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    17/10/2024, 11:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Voicmail_88201.html

  • Size

    2KB

  • MD5

    59445a6642aa840f10e8f38dbab28d34

  • SHA1

    93aef483073df314e1382b817f863bb9870acf15

  • SHA256

    f5a24e69e997d54b812fccaa83964aef9d7781d47774260b03e6bb773b9fe4e6

  • SHA512

    07143f8814c238ff154cc9aab3443246964517875946caeee7c32a8234f26694bbdb2a80cdb3e9549032579604e46dd6c7e0945d683c107f349ba141db52c798

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Voicmail_88201.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2268

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3014ecfeaed68c41bd5297086e9a60cb

    SHA1

    f9f79bcd073b25900c82a33c7d1656170b9a0b62

    SHA256

    27c279f1022ed89cbdea65564751f80bece9c9f0b8a0b471c4b31b564791736d

    SHA512

    6cc932ccc8dc162d61e47836ced50162242b5614a0a1f7d4fe80b648f8aeb330a37fe7ad5b9de6ebc52676eec331b8f9005917c7a3be7dda776feee053d196f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f29a6edab2804f818c92947e60da92b0

    SHA1

    03e4564f694be7a04d70d0409aa7d2e928b5fef7

    SHA256

    ad202156fc446d0b9d03a8435e91d02177a320ec990a459005196f2ac24b7644

    SHA512

    2896dd334148704194cb2e4b0ca7a9c35a6c1b00396106b1a369c9afd6ba5df881adb6f6ff48b1f5a5ae56d7fc93fa837874cc97ae45e159618cd0cef79773ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    707fb0670125b09bce6806e841bc68ec

    SHA1

    14241f45b1a4bd9fa686e229b2fb899064fb754d

    SHA256

    ea17934d2d85ce822f5c7da6160c7d4766af345d7f7e3e81088b535977127efb

    SHA512

    033b459eea66f501a7a433062873a72051fe5f1abe99a062f8725ef8f155455a9130b47f5029de13dde6053327283c4ebbd2a5f8537109de9e1b2668dc23741d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52cb490ba54021cc7fc3ae981082cc0a

    SHA1

    4a36fc652d18b98d20457ed8594d61d2031b30ba

    SHA256

    6294a08e51c4b36dbeec8a2aae90e20f8b5b3514ffe2f0d48e559e26090a6918

    SHA512

    5c1b65169ce54ff4ff88364d93d52e94d8b91d3f30a85f12eeab78461fdfd551c113c2903480c6c0bef3df2bd71dede6ddb6b7d755a7e9357f46959343eafaaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c695af810cc91666a75a5655acdc4972

    SHA1

    143751381700c0ec725cfa87620669b070b52cf8

    SHA256

    e2ee55e77e433c742d505c5d8989cfe93542ec00c830df599df787ea2bf2c2d6

    SHA512

    d5d2909b83dd7a5dc668ad5d1ade80b75ac696f9d26706a5207feb7696c783f08321e7bfcd8d40bbbf7709d0a94a6fd4c0ff7066001b0ae0f00556828a7c06e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efc8a75773dec6cb70930fe0e6fe4fbe

    SHA1

    e6e5078fc6b724bbba85c944f648071610c66bae

    SHA256

    eb52e7f85d14ed8fec275899d27732cf2ec44660b6541565fecea2a62a1fa6c7

    SHA512

    eaa09a5ac2121961ce1d08466d2fb47bb9c17d073c96f27558418844e3c9514a4b9e1acbd6f2429448a0e5bb2bc6ca46ac8d4c217d2caed7e6299259fa7ac96d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2780b9a500c7d546a17afcb527cd64a8

    SHA1

    eec936834ddf1a8398ab44f1b90b0075925ef484

    SHA256

    09d4ecfd7d62c1d8dfaec3a7873493da99616ba539ab2779400ea1e8b2a9ee6f

    SHA512

    9e7d1e3538f7aff531e732b03eec6c8e871f01b4021e859a35420b9a7199837fee5fe7328acaeae163d117b1fffd2dbf726e848c4c41c6f60490d1746b872155

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93e742a94b87f08b73f9966f6e37fc6a

    SHA1

    3bd37390e111d0d348af72f81e73b7cb9edcaa0b

    SHA256

    c3669fdf89483ddb8525ec6611388336bd43964ea0fa90613b0e69112a902e88

    SHA512

    cfea2e0326e45a91d67204e09469e16c48776e61d0066ed8248b4fd2726cde1b7a501cb1f140fd6b546cbaf65893f9fa1173cd172c4750ebedc907c5cb5bccbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1888dba2fe663b36dd04060ec242e78

    SHA1

    bcba34c7ae239d56fd62fde6f9dcc3cefe230bc4

    SHA256

    e1f8f3c626d82fe1fe6c1a23564085a9375fcf81c7b04ac81ea260484ee11f16

    SHA512

    6594894d8814e33403544b51fe225e80e52c432327c1df8421e30e0ed865651cbafceebef9a005a06b999057e3e01deeaf0b6a913f1bda07c3bfb1438c2b4277

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b62f1e571c969ee5c4e4566767ae9dd

    SHA1

    3c7b78618e16701acac28fa0ad61ad1c938cf878

    SHA256

    10bc87867d22960850ff25d1b3668a8ebc2562a41e17ccd47399a4aa68d11c3a

    SHA512

    c9e61e4b265d96684e9d619baef030eeb5bfa2cf41e740ce856fd9e8df41c0522b9e6643842e32185b342ed18f7f0bf4a323fa451437be7871f25737730c2980

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d77825c67ca13cc2b9c535cfdb8482f1

    SHA1

    85511180fb8d3770bd5d6369c08f9b33f515e1e0

    SHA256

    594de87a9324ca151550365ae29baf3fe0b279c67b071b3dd3d7fffa5b84de4e

    SHA512

    7fe4af32ba897906d405ba8ba9c9a3353f571b0cf6ad5bfba20481b1f2e274a4ac95951ee8a837fc5a4b7116b7a13a0f5f1d7c80659cddb24ecd66ee2ce00a66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f4c1d26541fc53b878a09fe53108ae3

    SHA1

    993e89f01caaf31964c0ac63f741edc4a152a63b

    SHA256

    8f29a95ad6a1cc586add0689e61c7ecf412328fef70da318929090a50cd93161

    SHA512

    81953e142206ccd8dd777699470970cb7751974230551fc3d0e72f12c031c25bdd59cefda4da004b3fdc104e880c3e9f9b266ed15a5cafd342addc0027ed7005

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBE34.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC680.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit