Overview

overview

3

Static

static

1

IikUmQ4a.html

windows7-x64

3

IikUmQ4a.html

windows10-2004-x64

3

Analysis

  • max time kernel
    8s
  • max time network
    12s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    20/11/2024, 03:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IikUmQ4a.html

  • Size

    2KB

  • MD5

    c1ab7a98b45187f8e11cc01a171d0ccb

  • SHA1

    2f0e3f7a3207eb9c75e803267f200c319ee085a3

  • SHA256

    80b1bf58da8f02fd10455f52bf2e3ea66a8ee685eed6d357c2ce4959d8c33f11

  • SHA512

    b024daece995ceddc1c343b449000b6ece9425538f2ced0de833ecfeeef2ef7be2625b0721632c7cba2ad875a56f2e417b6a09d9a3016151aa2ca485a0909000

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\IikUmQ4a.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68b73a1b83973a3da91073f78993e84c

    SHA1

    1b4c6e1da7e6c84bbdecb04ced9328f0446ab3d9

    SHA256

    2a04b85ca07a8104578a0ac64742a2b177765ff19b0401fc2c5255c29d36bdce

    SHA512

    2f4ee4a760ca390ba560ba492a8de6cce14be311e9340b0b4a70621a359d841ba479d5afe96979ce8cf1f20a53d7b90df51431c58d6a540b677acacfe5dc9cc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01eee9548ee20b773ed83b997aa632e6

    SHA1

    3bb78f4ba6475fc3df869ddc912fccf468f8903c

    SHA256

    fe4cc2d799328e9234877ea531d4726d26739f16daf641b22b742f1f6c1424d8

    SHA512

    598ea512211c673f860f0156fa3128db892363abd8f36d9dd182c56c8b5e6120a6f5fb08fa43364c731cf015e4529450d3a8be81af2176b0ccceddd867e7dfe8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bda9081833f66809aa0f2a0606365c2c

    SHA1

    d95ba777acbaef12e633738b391ab806c74abea9

    SHA256

    4170e09a38c1bbd97912da978e0305229cff95871e33df93f4b7e843878a3071

    SHA512

    e04aafb377186be0fb0c7d8af3b2952454411479a30489d15620c05bfbf9646ba4883facc232dda18e26b8b079e11b73bcf915143fba8af073a3447422beb402

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a65baf654abc6464f9df4a98ea9aa496

    SHA1

    e861e43cffa5794f0ac8e0e0289ad89aecaefaeb

    SHA256

    e1bcc3489d55477edefffc36daf3a1f8e4972e91b375c37add20e6c94ce0d807

    SHA512

    bc2c9cd9ca31bfad7c3ffa1a08cc2e67f7ec5c088e14fc6b83090bd7aebfbfe13de3750432ad864de606f5f59e48da3992915f0c724d001ce1e9c658c0ec1333

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8b10dd84b19664a4589d5176da931b8

    SHA1

    2d564bc65f1fabec394b19d1857e39e684eba4a0

    SHA256

    eeceebbac5a32ce650f8cfc663026f849d01e4b23252cfbcaff6365f6ebbc2c2

    SHA512

    3e7808aa58ed9726b39b39c45237b716a6baa8c407ca0edbe7311735b1dbc5a372f2fc87c90e827ace37036d41565cc928c924b0c7bb95ed48a016de43da521a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e898b7805a7ce7bd1bd22238f1721055

    SHA1

    993dd022d82778edab93e16d36e8f35b401e5e83

    SHA256

    794512bc2ad36ff1728a1c6f8e91cbac1fdaea97063d64d2329f8222e04cf8fc

    SHA512

    9980ac3a474861e610f1b8026b80decdb3358d4b7fe387bc7772cf93f0fb9bc3d838cee7990bd9f671509ab47ab68a296bf2afb42be98697826948c674609f56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5192ba61386b9decd2eb79b11f307f46

    SHA1

    ae4c6ed431f31722a87df196c05a637f6249e033

    SHA256

    af67ee3255c43523e577531113f28ae0dbfea2e6d6f2ac78653ac9540cd719d9

    SHA512

    72bf22653eb23ade4a58c49df600675cecba46f59cbc2ba358a7611d2c23328f02c635104a85b1f8de76a338881efacf56536f4eddc2acbbcb9d131428b0676e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    250b7f8650bfd111b9545874ae728a53

    SHA1

    b8df756e772e028056a52e9c8dcd852fa0f57505

    SHA256

    1209b73db98911b4d70fa6be329dd8226e7727b180e04eb7af5cb8715953a141

    SHA512

    3dc916e3ac2b3d36182ec86222c680249439ecb720987396dfa19828699e5909bb129747b32fe1a89ef2b2144a86128557bfd584cbaab9eeccdf8a888d9405ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0d287ccfa608ecc6e3ee7e648394570

    SHA1

    2bdaaf5003cc064d253bcea248641e019064e687

    SHA256

    2a16cb76dd8bff0bc3dd4c5e412649bc3a019eac8369df4917ef3aec47534577

    SHA512

    3be20cfcd8f79d58dffb3565dc3473d3fc9ccd8f1ce253407d86c1b03af19b3cdd4646889683ec5850e51823a64d0b202ea81caa7e0a4b6d583c531b81948143

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab538E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar546D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit