Overview

overview

6

Static

static

1

aHR0cHM6Ly...=.html

windows7-x64

3

aHR0cHM6Ly...=.html

windows10-2004-x64

6

Analysis

  • max time kernel
    65s
  • max time network
    69s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18-10-2024 11:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aHR0cHM6Ly9kaXNjb3JkLmNvbS8=.html

  • Size

    8KB

  • MD5

    13309948e4d2fbd73170737aef94733e

  • SHA1

    1d43d796c19c7b2dc70717e623733014bb04b5e1

  • SHA256

    3ff4e5bf9fc949a4b2751e8b6c9fca2bfeb7142d28a6b945634de8ecf8031fb0

  • SHA512

    67c76cafd989715b1413c0e5430eb7b75ec4f44a0f077160fab79aa046c43a45bd493c25c06b55c950036572b041b1a33e9962780bfa53b3c5f394794718005d

  • SSDEEP

    192:jjj7uSMIBaJSQ8JngoGG3Ov6lZZpEbEm2sro2UXsDp/ss21umQRWz3RgXValIO53:3uHIRRgoz+AEFq28v0wx

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\aHR0cHM6Ly9kaXNjb3JkLmNvbS8=.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1128 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1276

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d979fc37dc6e40f54f08b5df2791581f

    SHA1

    34f225d97a0aa4ec8982df82d70860f0d2e41aa9

    SHA256

    9549f97efee500ff84066597645a95541af027ccdbc11c1c9c2dc65a0d77e638

    SHA512

    e2cbe8f12869013400a1dd0bc1db3a0a8246c0dc70ff28747083a66e6be4fc7388e6235abd11ced25c3ae0fdc45cf8613b496d151a40b8be1299047cda73e017

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    640b4f9dee69bcf898ba4460a818783e

    SHA1

    aae851c22101a0af060edc844a82ae8d0098a9bd

    SHA256

    6ee7810fc2510d44ca75c4559db141dadb585f6200469e964873dc1cce041e9d

    SHA512

    67f4a79e4bb415ba7ad6c80fdbe819c9041d5565cb5ad5f4dc98675640264e5681bfaccb8348e1b38ac5d13427790abc4c858c052909c80c1c5ce668631eb301

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a034833c927a4160f2ad232fb905286

    SHA1

    bf4af85a271e66f54295b35291d509ca76e5a526

    SHA256

    0dadeca94311e632c64be96f084afcecceb55d4ab60a615dd4080c576b82d2e6

    SHA512

    0ee8bc41ac0cd1ea4fe403b3d0bf407406faa22aa5571bf54dde59c3ecade5bcaad37c0e6923bf2bf42754fe30bbb365ed75d8fb5814ad19abb7a611d9c7916b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba611eee33082e0165bc1bec2752e439

    SHA1

    daab952a1ae4705b90d1aba386c40aeb2d3528d3

    SHA256

    dcc6bda39b7a25fdefcea1ee73647c97d6ac6c5865acb71c1febad209ddbdcd4

    SHA512

    080318e56d4066e6dff861c0eb0d749387b3ce7c4a4d20485686d7b8e4f410fcf2e00e5afb6c9a3ed76416f3d805922dee3fdc6bd9d42aba6b373742e145e302

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    510cf3a445f67fdf1be253b3c5b26558

    SHA1

    9d86a3670769e0f0460bea3989da164681e45752

    SHA256

    0951c3d1731b5170694dc29e5041536e69cb89d8f8e2a47e3a43501766e840e9

    SHA512

    adb598a8f084c216d08d01d9bcd7e794d529931abd6db923e5ce335754848f65676c89dacc1128be0151433ff06d7f8d9a26fa08319a4dffc4a91e3e9905488e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7725db21d01a950c4989bcf5be7543e

    SHA1

    3a72b72a73355a9f1cc5bdecf483b63eed3a399d

    SHA256

    87bab21d62e3a73787be7251fe9beed033283bacef0a4924070e340af84dba40

    SHA512

    d3a0e9c2730723aa09146b82835d056a8203059cd4fc11d90d238a79d818d13502a528de5fe67d4f6e154f8d5187e5432314ab6c493abc609e8d9028774005f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    021a250b0914a96df1ad7508206afea2

    SHA1

    269c7cf4e2dee42be6635085375b3e3a0c0357b7

    SHA256

    0d0a5aa23205ed1df94d1580f18fc4ee0a95dfd9cd3ca6215b1dace179b7b183

    SHA512

    e3e7b0ecf0a0c4cebe10b988172ffcd2e8cb9b41e887676498efbabcad02d753e8b50f6d96fab469ce9b450d1e0b986f0532086a8fd948a064b7bf39aed43450

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    400ebcc8d4ed984a01a8f2f2fd796575

    SHA1

    f7986b0a4cabbc75e0a1ca5d8f545b964f15f5fc

    SHA256

    8d94de91476304a2ae73f5d1cacf05934c1fa5fea957d2aadbe05941453cf934

    SHA512

    4d4a063ab152c5579a7c73179aef9930feff18f5abd0849e7515e3c5aafead2ed953236f05ca4a021296f0b3c367aae611ab5164492f04d8c379d16fc6e27006

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    22e3038d8b1d7e57e532fcb02c92cd09

    SHA1

    83ab9e2ef89e345c09be1f68a96c26d66e9ed28c

    SHA256

    1399a079366e168987250441752e0493298a04e523497dbfd9abb2b5815b0084

    SHA512

    e0f5978ae2dc00c48ea9a3d1df507abe71022dffeb9f4972feb1853841a0f456041d999231f1ec9507ed1d6d237a4d8244814bfababd7c56fa724baf4270ab95

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab17A7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1817.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit