Analysis

  • max time kernel
    300s
  • max time network
    245s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64
    arch:x86
    image:win10v2004-20241007-en
    locale:en-us
    os:windows10-2004-x64
    system
  • submitted
    30-10-2024 12:41

General

  • Target

    email-html-2.html

  • Size

    544B

  • MD5

    a75c1b28994005ae024f6e5c9dfd06be

  • SHA1

    7f9ec3fd1259eb1a2f4a1f1a676e0189013e4893

  • SHA256

    c528b345267c9d09ea963aac53a82dff9fa1fc70b1b7aad3b05f33c322b4bc92

  • SHA512

    a1da2db4b403711c9ed2014fac65cda3451bab9b0f71225cf5295d9d612c2fec300bc946135b838feae51b154e692e22e6931d15a5dae9eb2ce8e0daf6749623

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\email-html-2.html
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1868
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa3e87cc40,0x7ffa3e87cc4c,0x7ffa3e87cc58
      2⤵
        PID:1620
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2004,i,8743183952584962441,13084295946253951404,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2000 /prefetch:2
        2⤵
          PID:872
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1756,i,8743183952584962441,13084295946253951404,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2044 /prefetch:3
          2⤵
            PID:3616
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2256,i,8743183952584962441,13084295946253951404,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2424 /prefetch:8
            2⤵
              PID:2712
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,8743183952584962441,13084295946253951404,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3136 /prefetch:1
              2⤵
                PID:2980
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3108,i,8743183952584962441,13084295946253951404,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3168 /prefetch:1
                2⤵
                  PID:3896
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4556,i,8743183952584962441,13084295946253951404,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4572 /prefetch:8
                  2⤵
                    PID:3868
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4968,i,8743183952584962441,13084295946253951404,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4944 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:2876
                • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                  1⤵
                    PID:4680
                  • C:\Windows\system32\svchost.exe
                    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                    1⤵
                      PID:2312
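
The tree above is the normal Chromium multi-process layout: one browser process (PID 1868) opening the submitted HTML, its crashpad, GPU, network, storage, metrics and renderer children, plus the Chrome elevation service and an NgcSvc svchost at top level. The script below is an added example, not part of the report: it parses a tree in this shape, classifies each process by image path and --type switch, and lists any image outside the Chrome install directory and any switch that weakens sandboxing. REPORT_PROCESSES is abridged from this report's Processes section; CONSTRUCTED_ANOMALY is an invented cmd.exe line (this report contains no such process) used only to show what a real finding looks like.

```python
"""Triage helper for a Chromium process tree as listed in a sandbox report.

Added example, not part of the report. REPORT_PROCESSES is abridged from this
report's Processes section; CONSTRUCTED_ANOMALY is an invented line (not in the
report) that shows what the check fires on.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

CHROME_DIR = r"c:\program files\google\chrome\application"
SVCHOST = r"c:\windows\system32\svchost.exe"
# Switches that weaken process isolation. Chrome itself passes some of them to
# helper processes, but a tampered launch would look the same, so list them.
WEAK_SANDBOX_SWITCHES = ("--no-sandbox", "--disable-gpu-sandbox", "--service-sandbox-type=none")


@dataclass
class Proc:
    pid: int
    depth: int                 # 1 = top level, 2 = child of the nearest preceding depth-1 entry
    image: str
    cmdline: str
    role: str = ""
    parent: Optional[int] = None
    flags: List[str] = field(default_factory=list)


def classify(p: Proc) -> None:
    """Assign a role from the image path and the --type switch."""
    low = p.image.lower()
    m = re.search(r"--type=(\S+)", p.cmdline)
    if low.startswith(CHROME_DIR) and low.endswith("\\chrome.exe"):
        p.role = "chrome:" + (m.group(1) if m else "browser")
    elif low.startswith(CHROME_DIR):
        p.role = "chrome:helper:" + low.rsplit("\\", 1)[-1]
    elif low == SVCHOST:
        svc = re.search(r"\s-s\s+(\S+)", p.cmdline)
        p.role = "windows:svchost:" + (svc.group(1) if svc else "?")
    else:
        p.role = "unexpected"
    p.flags = [sw for sw in WEAK_SANDBOX_SWITCHES if sw in p.cmdline]


def parse_tree(lines: List[Tuple[int, int, str]]) -> List[Proc]:
    """lines: (depth, pid, command line) in report order. Depth-2 entries are
    attributed to the most recent depth-1 entry, as the report's tree implies."""
    procs, last_at_depth = [], {}
    for depth, pid, cmdline in lines:
        image = re.match(r'"?([^"]+?\.exe)"?', cmdline).group(1)
        p = Proc(pid=pid, depth=depth, image=image, cmdline=cmdline,
                 parent=last_at_depth.get(depth - 1))
        last_at_depth[depth] = pid
        classify(p)
        procs.append(p)
    return procs


def findings(procs: List[Proc]) -> List[str]:
    """Non-Chrome images in the tree, and weakened-sandbox switches."""
    by_pid = {p.pid: p for p in procs}
    out = []
    for p in procs:
        if p.role == "unexpected":
            parent = by_pid.get(p.parent)
            where = f"child of {parent.image} PID {parent.pid}" if parent else "top level"
            out.append(f"PID {p.pid}: non-Chrome image {p.image} ({where})")
        for sw in p.flags:
            out.append(f"PID {p.pid}: {p.role} launched with {sw}")
    return out


CHROME = r'"C:\Program Files\Google\Chrome\Application\chrome.exe"'
REPORT_PROCESSES = [  # (depth, pid, command line), abridged from the report
    (1, 1868, CHROME + r" --disable-background-networking --single-argument C:\Users\Admin\AppData\Local\Temp\email-html-2.html"),
    (2, 1620, CHROME + " --type=crashpad-handler"),
    (2, 872,  CHROME + " --type=gpu-process"),
    (2, 3616, CHROME + " --type=utility --utility-sub-type=network.mojom.NetworkService --service-sandbox-type=none"),
    (2, 2712, CHROME + " --type=utility --utility-sub-type=storage.mojom.StorageService --service-sandbox-type=service"),
    (2, 2980, CHROME + " --type=renderer --renderer-client-id=6"),
    (2, 3896, CHROME + " --type=renderer --renderer-client-id=5"),
    (2, 3868, CHROME + " --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --service-sandbox-type=none"),
    (2, 2876, CHROME + " --type=gpu-process --disable-gpu-sandbox --use-gl=disabled"),
    (1, 4680, r'"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"'),
    (1, 2312, r"C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc"),
]
# Constructed, NOT in the report: a shell spawned under the browser process.
CONSTRUCTED_ANOMALY = (2, 9999, r'"C:\Windows\System32\cmd.exe" /c whoami')


def with_anomaly() -> List[Tuple[int, int, str]]:
    """The report's tree with the constructed cmd.exe inserted under PID 1868."""
    return REPORT_PROCESSES[:9] + [CONSTRUCTED_ANOMALY] + REPORT_PROCESSES[9:]


if __name__ == "__main__":
    for p in parse_tree(with_anomaly()):
        print(f"{'  ' * (p.depth - 1)}{p.pid:<5} {p.role}")
    print("\n".join(findings(parse_tree(with_anomaly()))))
```

Run against the report's own tree the only findings are the three sandbox switches (network service and ProcessorMetrics utility with --service-sandbox-type=none, the second GPU process with --disable-gpu-sandbox), which is consistent with the 3/10 score; the constructed cmd.exe is what would turn this into a real finding.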

                    Network

                    MITRE ATT&CK Enterprise v15

                    Downloads

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                      Filesize

                      649B

                      MD5

                      f3c0b8ffc0192b9b83405c75e56935fd

                      SHA1

                      fcc628a7054faa4900da8873993251e33385a8e9

                      SHA256

                      b4b6faa5a38d886249706c1d09f193bccb53add0cfe48e213feb52ff7e80355a

                      SHA512

                      4c4d85987bf6ca359342adf41cd0fa2265dd914769669f3225f7f0f7871072e794a7b842408bbc6f62f2c64aedbddd9d388b09f8f2b51366a782d24d97575188

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                      Filesize

                      2KB

                      MD5

                      877d0b0be162791bc314172d31deed29

                      SHA1

                      1a5e1fe088390546f569ef0dd4c0a8c45d1e5fd3

                      SHA256

                      d69b4df673be9b78aad4826be03e024506ab2c5df08175c649c9a83432083196

                      SHA512

                      5ea97ff094cceed4f90528c8092dfc66914d3326e909450eadd6909fd395fc70102ff9b98103048caa2c54dfc7f42000e8fa4cee2b51f5fa4c312b2f04a67358

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                      Filesize

                      2B

                      MD5

                      d751713988987e9331980363e24189ce

                      SHA1

                      97d170e1550eee4afc0af065b78cda302a97674c

                      SHA256

                      4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                      SHA512

                      b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      8KB

                      MD5

                      ee0073926afe396bd2beceabc55ac65b

                      SHA1

                      ef419cbb74addc0b595c5a594767dab02f44f610

                      SHA256

                      5f98e17b4a227cd68d9dca86995d44d220f638cb1e27c0abb613af53f8966dfb

                      SHA512

                      ac6dc5cb957ad0a90ca435f0c32873f19d658645a82eea7e126ade0a230a9e4622d6a216b78246fbd4526679fba89b80dda770d783532f7b852d13208bb8584b

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      8KB

                      MD5

                      83c06e442389d7e65156295e547c0d13

                      SHA1

                      554e77466133980f66c266eeb3506519eaf511b0

                      SHA256

                      63c021cf87d8793e63711bafa451f655fab286371832af7b9adf5521b394c86f

                      SHA512

                      ab534a2cb7a829de0b2f4c173a696c72d891a37e61ea9388f4efec9f2cc5e4aa3418e56f2fd0f5fe9dbe766a6ea59850713ddc6bfa41f3b74618ce1fcbacb1cc

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      8257223e5e0dfadd408a5170562b148b

                      SHA1

                      be207dcdbe4725f38e89c31a1c19e0635cfe8c61

                      SHA256

                      505799025dbd076c7f79aa48e6eac127c9d75f2862811275d1d547970962a273

                      SHA512

                      f3ed058727b90a6c730dd96d8d9284aca4ae8d1ce694b6bf9fbbec91f729b67717401b598dd322bfaffe3ec45144ef04daadd21ffbd76321550c3c4df6612982

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      1af3db9f77ef939654c6a7f3484336af

                      SHA1

                      8d68d7ec5a252f9dc847be59a4b7e47edc65348b

                      SHA256

                      b9e13c2f7b414113362d51f2ba93ffeb4a44340e4150f4c1761a17cba6288774

                      SHA512

                      7b25d4c2fadeac01fab3b5cdf8dd42aee261d6c6d63fb58cbfb5780b9a1eb1c1e758d22089432ef3d10d7fe9afc73a54548089b1a77bace80e9b1698b4133ee9

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      0cdc420b591c9f9b02b76b7ad718b41f

                      SHA1

                      111b47f01ae7c744003734bb7f65963781be92bb

                      SHA256

                      9cc7e9ab4a36782cedf42bbe75143edc0ff25f313f336e5217471655684384fb

                      SHA512

                      3d57362615ee801780a681aadadf481c184faa829d83d18e6df0ccbcea6d4c259bd8ff54a2e02602f04ae48a77fa069a9db7a4a63bec4b25e67917f7b360de59

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      d32eb59cc74eb13311f2af11c957b2dc

                      SHA1

                      a65c34e079cc3b0aa73951bc88d71c86a030a7aa

                      SHA256

                      aca02b17eb913a3d48c01806a2ff4b79ebe62fe22e101020eb0b4c0f69761cdc

                      SHA512

                      1b8813f152298574bd09ac0f32a65dc6d728848f0530cbd5f14d10d4baf4a1dbdcaa05fd4b03322338e8de7ac4231854e66d37d9924e6901325c42c05a235aa6

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      50cbdcc9637f6a75557f198ed2c709d9

                      SHA1

                      a36eb79ccf4d9043fc368b519be68aadf5643fff

                      SHA256

                      330b36899e5de8ba06acb8396638fb714476919960f728ab1d308c18bdbaedcc

                      SHA512

                      6855df14fae3d81a2ad517fcf1773d9649f26b1ad642f93748ce5a9af43ba612cb4e812a19a664b4e19ef6ab6ecf382f58cd1a1a15c8894b29f19573e9a61197

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      f97a87e565b8266bdbcfdab994a11dbd

                      SHA1

                      c614a0312179d641e54a52cb94040285766848e8

                      SHA256

                      2d9a0a63c3aa3b4c9889cd9e1d08a9164fdd102bca30e415a419e0253afc0e0b

                      SHA512

                      cbb06a459d1cbf82cd3f17a65d9cc05a0593b0205a821237d602c5e860db6948c9c7b40d8de9f5e378702c2fa94797a5457e5d6f947d9228fbc7e79e8134a2ed

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      72a2a4599915c192796ed32872c08c26

                      SHA1

                      22a5ae71af10c690d94ae0955b77b655d1f1c2b5

                      SHA256

                      44b094cfbac49ec7a2b444220309467fd0c92ad27d8ad723769bd958e3e97d52

                      SHA512

                      0377e70b930d85c507f8f22d99484c3a9bbcbef4c02a1aaafb36fc65dfef60a762a96f87152f1afba51c6e4a4fac8034080f0ac8d9f8c017f6a4aa729645bef3

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      fe46dd175c5da0d4d5f357bba6e280bd

                      SHA1

                      13d4d323e66824779eeca8fef38640d7445ccf6d

                      SHA256

                      0f3b6f030d3af2fef154f2f53424cbbdd42f547857232fd5957fd8762aaa3dc5

                      SHA512

                      d7cfe44e4050d4f085c56b3c0e0f920736914acc48a9436c1a720fbe78233d8eefb5f03265c66daf4cf8f961bbb03b0d3bc4338615c39e24b77604f17a452453

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      96ab3e920b198c500407f20594488680

                      SHA1

                      99cdcf8ff47701b5cabc9c1fc31f18a8c7a94c55

                      SHA256

                      0b5aca5b2b300d53ff9a5bc9a3050c2b37ed1bc4783f684e0e08d7baf8c5b56a

                      SHA512

                      94d9f31acbf23f4dd06726da07426a60c0779331a3af518f2dd960d6ee5c1df43790a6291d2fad2da369832a9d98ace301572201b790b691fcbe3b9b5142aa30

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      403b05b888af11812f6b0267dd011eb3

                      SHA1

                      689eb2c667cea934ff3d611aac8869a1fee45972

                      SHA256

                      9149aa88ae8b97d503e39d6c1ee17392174d7e54603918b7fab839e1ac392d9c

                      SHA512

                      0b37b6941429d313f073559f7df2be680ed0e8c10037334082d5530dddb559151b871df95b28dff0d920463dbeda18ae25a67de48e3c5534c49aeabdab3492eb

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      355e9389ddad81291bbd7d49a33f6d67

                      SHA1

                      1cb444430045ff40547d9b38b2a57e4a450ac49e

                      SHA256

                      289e8e13eedaebf638c525d2ed944e45a75cd12725ada3e260c0d88d93d269e5

                      SHA512

                      28c264867e15c495d20e76e57e3ad3d7a8b41cc4c0a0f26fe2afd0d6b73393d734a682679d8127b99d80d72fa87ab1143093f9a80f0dbef86afa71173f48201a

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      3f79961aba59f0c8bc53593512297f3e

                      SHA1

                      8c50689102c744c8cef332cd98ffd502215a13d3

                      SHA256

                      ab232eae26617df1e67951b723d68df0254bac84e35edde1612f212f29ac7f5a

                      SHA512

                      151ad657f6b4d7fff89ee3ea717be5a79a6cd6f2dc79be602bf8d59b494f9ec97ee27fd16da4d9d647363f3c3fca5cae909edcbd7e70d608d72dc899285d54ff

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      8c7acba93d6ada862986712b3bbeec2b

                      SHA1

                      f48ee34155e7ef4805c55886aea1c1db6b6e2832

                      SHA256

                      450fe7e925fb4b361ffa0dac1b25e9ba732c40030fd7d205b331a03305eaba1e

                      SHA512

                      27b5ddae5f0e7dceb10b58fea9dbc8e7bcdc6f85ec86f3ac02f6044613bb24d2b13f4acd090f4990ac296b2c07a0c0c4beb9c06edc5d4d34015e74470faa50bc

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      9KB

                      MD5

                      0eb10146ad35d4771a2ff7a09cdddeb8

                      SHA1

                      8db3a635ceee33a6e8d8eda45520427483996ced

                      SHA256

                      fdf64deb666e382ac1baa7ef243e814a8e3dacbed1c1b4d38c5ed78924bb22c5

                      SHA512

                      05e4cb26952ae03d98f9069fb73b5127850b96f19ba390eff8f5774685b0221b30a1ddfb5575fb7edd1270c3e3e80cbd8678342920eb885c2541a3ed646ea4db

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                      Filesize

                      116KB

                      MD5

                      6965488c1b28ec61b3302152b9929a6e

                      SHA1

                      3678c2b15bdce2efdab6401929a1ea545a024a6c

                      SHA256

                      54fa9f1f7eb5afa3a5d52718cc04272f8e11fb48e281fe9fd279e16bfcf95c85

                      SHA512

                      9b04a3915b12b8a82295047da8dde03bb1b387b8455eb3eb6815dcfb689c055c2ee6d030c249423c405bff8e59fb6f55d318df69e1cda471307fee3c72e7cce9

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                      Filesize

                      116KB

                      MD5

                      50e6856dee5ae05ef0874481a83d9eb5

                      SHA1

                      e501defc25b258fdcfa426c0beb4d722f2bdd889

                      SHA256

                      db99e3b31523fcf3dd707444ea40439ae78345cc8d3a855a629280506878bdc8

                      SHA512

                      1b944756a8497940f62a78a64616f2862816e1efe6a24e69cbca605ccdc58930f49d7d7738783b3ec5b090ca8d0db4f643f735e00c56241f81c9ae97ae326acc
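
Most of the dropped files above are Chrome profile state (Preferences, Local State, Network Persistent State) rewritten several times during the run. The 2-byte "SCT Auditing Pending Reports" entry can be identified by content alone: hashing the two-byte string `[]` reproduces its listed digests, so it is an empty JSON array, not anything the submitted page wrote. The script below is an added example, not part of the report: it recomputes MD5, SHA-1, SHA-256 and SHA-512 for a small table of candidate contents (the table is an assumption, not a Chromium specification) and checks a dropped-file entry against them after validating the digest format. The two entries are copied from this report; "8KB" is the report's rounded size, so size is used as a filter only when it is exact.

```python
"""Identify trivial dropped files in a sandbox report by recomputing digests.

Added example, not part of the report. The two entries are copied from this
report's Downloads section; KNOWN_CONTENTS is an assumed table of byte strings
that empty browser state files commonly contain.
"""
import hashlib
from typing import Dict, List, Optional

ALGOS = ("md5", "sha1", "sha256", "sha512")
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

# Digests are computed at run time rather than hard-coded, so the table cannot
# drift from the contents it claims to describe.
KNOWN_CONTENTS = {
    b"": "empty file",
    b"[]": "empty JSON array",
    b"{}": "empty JSON object",
}


def digests(data: bytes) -> Dict[str, str]:
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def validate_entry(entry: Dict) -> List[str]:
    """Format problems in a report entry: wrong digest length or non-hex chars."""
    problems = []
    for algo, n in HEX_LEN.items():
        v = str(entry.get(algo, "")).lower()
        if len(v) != n or any(c not in "0123456789abcdef" for c in v):
            problems.append(f"{algo}: expected {n} hex chars, got {v!r}")
    return problems


def identify(entry: Dict) -> Optional[str]:
    """Label of the candidate content whose digests all match, else None.
    Size is only used to skip candidates when the entry carries an exact size."""
    for data, label in KNOWN_CONTENTS.items():
        if entry.get("size") is not None and len(data) != entry["size"]:
            continue
        d = digests(data)
        if all(d[a] == str(entry[a]).lower() for a in ALGOS if a in entry):
            return label
    return None


# Copied from the report.
SCT_PENDING_REPORTS = {
    "path": r"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports",
    "size": 2,
    "md5": "d751713988987e9331980363e24189ce",
    "sha1": "97d170e1550eee4afc0af065b78cda302a97674c",
    "sha256": "4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945",
    "sha512": "b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af",
}
PREFERENCES_8KB = {
    "path": r"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences",
    "size": None,  # report says 8KB, which is rounded
    "md5": "ee0073926afe396bd2beceabc55ac65b",
    "sha1": "ef419cbb74addc0b595c5a594767dab02f44f610",
    "sha256": "5f98e17b4a227cd68d9dca86995d44d220f638cb1e27c0abb613af53f8966dfb",
    "sha512": "ac6dc5cb957ad0a90ca435f0c32873f19d658645a82eea7e126ade0a230a9e4622d6a216b78246fbd4526679fba89b80dda770d783532f7b852d13208bb8584b",
}


if __name__ == "__main__":
    for e in (SCT_PENDING_REPORTS, PREFERENCES_8KB):
        print(e["path"].rsplit("\\", 1)[-1], "->", validate_entry(e) or identify(e))
```

Preferences and Local State are larger JSON documents whose contents are not on the page, so they come back as None; the useful comparison for those is against the same files from a clean profile on the same Chrome build, not against a table of fixed hashes.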