Analysis
-
max time kernel
145s -
max time network
139s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
18-10-2024 08:19
General
-
Target
index.html
-
Size
4KB
-
MD5
5ddae141accb377a8e93b1cd3336d683
-
SHA1
764a599646237bcf8a252a389042ed2b9dcaada5
-
SHA256
1e3956c57206e1bb9bab9d8559456e8f0779cba7d9908ef37f5fd5c07c1d2b21
-
SHA512
eb9b9723454beffac57c325a120487e08060797db33aaacb1f654160a90beb939daecbe44506d72ba77d5494748821f24d175d14d5a4772fdbf36e2767acd092
-
SSDEEP
96:ZznRJ/ZlS7LlHJlOtY8Fi0R91FJS8d7M++3td5H5Csgfn:ZbRJ/PS7LhJQa8Fi0R91FJSkRAL5Csgf
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies Internet Explorer settings 1 TTPs 36 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
342B
MD5321dfe721e0678acf57042fbbb238978
SHA1f5cc04ebc7696196649b8528b42eba14c55b049d
SHA256eca0c94d3f85bf855c821b8144a921e121778a34fafbf6462d56533377c1b8ec
SHA51264244368c7bcd89879217017c41432c32496bd1b80ff0427033f2bb69f25a5c414cfcf669d223f9b52f326bc7d508a9959480e79efd96cc801af4f2f08f714cf
-
Filesize
342B
MD5cfc5d599270b663eebe9a32985bda856
SHA10b5ade8ab547f4322ce4a046046c65f3848f3c04
SHA256b5c1c6e7a8159666164b5ce9f91c0650cf4a5e74151a93db1eaecf6280e5ac92
SHA51249f41e6056dc4e98f17d032c3aaee5257967febae32f933d629ee678d11a9343f7e560f3fc3ad092cb166bfad914b9c89954aec23a53ea098f1fd3ff8c5aa967
-
Filesize
342B
MD52b19b59e56836651a10e5533e33121b2
SHA1ba7fba2877d8f89db1181846982625fa1c65190e
SHA2564fe578d83e634e2213268ee201465eec024601bea99af71dbaf55502964129ea
SHA5127133c8bb4d52084eaa3b9c2269761d1567f37e436159aa54a30e13adfbb3cd97d206646163d8818a9a9f0daf4a8d491828371caa136eba64ad9bd7a33b1fd83d
-
Filesize
342B
MD5d1a9da76cecab0adf48806b06e56efbe
SHA10580cb108f234c9c923753769698e9e727891cba
SHA256acc5851059d43fd6ec3db24af688f0449f6666d8bc6b73d987a1d34c2a47c422
SHA51225e8b5201d5536ea46dba9837e9d2d516771a3a027fa6f4d8f1ef670758288fe9ae5a65e7313e313249b6f7f3d194d0857ee9ef29c9f15466ca0fa0174510383
-
Filesize
342B
MD58a3e7021ec4517f4c604c0eeae45e010
SHA149d77f4a3f52cb774fd275ebc2d0be262387e0c2
SHA25633fedcbf084885a5f2ac59333c954cfea262646ac6f615816da5e54d9d3c58dd
SHA5124ea05f8a224f6703545a8118438e9926030b5fa1502ab309fd14c62276522fc353583af24fbcbba05aa529cf52be31c81758947734c2b66f4b83f654f8fcfa15
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b