Resubmissions

  • 04-12-2024 20:49
    241204-zl8dwszrc1 3
  • 04-12-2024 20:47
    241204-zk7qzazqh1 3
  • 04-12-2024 20:47
    241204-zkt5wawmhk 5
  • 04-12-2024 20:45
    241204-zj17sswmdm 5
  • 04-12-2024 20:44
    241204-zjk6kszqbt 3
  • 04-12-2024 20:42
    241204-zhdecazpfs 3
  • 04-12-2024 20:42
    241204-zg22bazpet 7
  • 04-12-2024 20:41
    241204-zgm76azpds 3
  • 04-12-2024 20:35
    241204-zc576swjgk 7
  • 04-12-2024 20:32
    241204-zbbl6szlgv 3

Analysis

  • max time kernel
    16s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    04-12-2024 20:41

General

  • Target

    Payslip_Amendment12009.htm

  • Size

    5KB

  • MD5

    931df36f406e0f5495c5d77fa91bf035

  • SHA1

    01bbb0abb4f14451a48800e47d203732bc139920

  • SHA256

    09dd2d9fe7934ea2d88ab8a7d13a824bb462e73d9d2d982e26d8f9a35646e5d5

  • SHA512

    df882dd9eb3f6ed9290cb5b764653afdb3833bac947e6b18124454394380b1fc7cf6a7c5b7001108266aeb50813f6b5905e6bf94507f3116e76e66049bba1351

  • SSDEEP

    96:ekUhhhIFDkrQJoSheziDftDIhfBDIEDHhDhiDgBhDMDftDIsjNhFiDIEDIfDhyDl:6hhhIFDkrQJoSheziDftDIhfBDIEDHhD

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Payslip_Amendment12009.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2556

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c449ac8ab0285f972365bed6d4fc167

    SHA1

    0177a6e3c047f7723d35fd5588a9071f9f1b3ba2

    SHA256

    e0fabcf151d4642645c3029d7158f9658321504da55d4e5b05e31e4f3ab8d041

    SHA512

    74834422b9d2dffb5061740b594feb77841ccb3d6c5b826c6b78f6293eeffcf7f4d3acb86b41aea7253595a1e8b12da48a5314c0d22f600fa8225a4ee77521bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8656f6bf9c1d2a0c09ca10dbcbdf44fc

    SHA1

    43aaa563b70803ff2e563a6ee98e9e13a4b839b0

    SHA256

    0ecbbdbe8ec62d826b721a1414aa440d8c554298a1300205a13d2b3034a39fc9

    SHA512

    3fa6474f01e797161bc7717bb5b652bc0637a4f1cb57cf15e8fcb46908709bff72f0a96cffc492bfa773632e7f54c7b076723c2670429236025b0ac58df9ae6e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0143215e9589dd14124857150f1bd647

    SHA1

    b79b18411a469281ad6fe6efa8e52c5b4a08ae2d

    SHA256

    7a2d2418bbf26db9a7a6188bb2e0d03c35c49cc045f2db474d27f7ac4c225500

    SHA512

    89b87206e32f4f7a1e4af0cf95bcdaf6a99891448543c3cc21b345930ecb0633bdc52728bce826d2082372a9826e354f8499c545c8787e89abe72ee1c0d2ae33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4f42b32506ecfea0d6d6f3a8bcecc35c

    SHA1

    a4044ce6a5d6145962a04d28871da6e57e42ca10

    SHA256

    5078526fcc40a4d53e081a4c2220f87e77548c0c7277b6eb1d726994d02b54d5

    SHA512

    1b4c458969eb3b704d12395036f7f6096124f89449ef5c58b98b1487c92a8782f485e49fa190761bbe34e3b40279029a52d674cbff631832f4c30aef44ab56e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c708e6c04649375b3b26da4b8b9b5bf

    SHA1

    7232fd532c8080ac162ec0b587e5a289d98619a9

    SHA256

    449108908de1c478d5b91bdfd65e2fc59729b1b095a1d35d3954cc574a6ea9f4

    SHA512

    82982474405a25c14fa83137904541ec7502d71caa9d1e77b3dbf426a8e17620eaa86ee2e7c44bcbf73327a156dea24b893241b34c3293de91368b45a20998e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c8b98c550db907ebcf7a78e6353bce1a

    SHA1

    8f00555beeb533362ae23ddb55b68cc663074c7f

    SHA256

    ba794d504ddbc8a1ee48b49e01da21819682e01f756bcd598ff3563ddc20aaf6

    SHA512

    ade81e78a6a35d809a10eceabe74a59ef5c89b440bd9479b7fab6e3b7d8f128c6ece030e890b1f3351d8bf4e0c53150b8f9e760b38fb45211c552717274a7b9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3ac55eea7726261b64429cc74fa6110c

    SHA1

    fcae4734e226501a1bd274469f838adf377abcd0

    SHA256

    2da29ba81b1af03d71b83cff08d3b94fc26a77aa7c896e22cecd476e4d141bda

    SHA512

    7dd3f64090fb544019a2fb05a0182e4c76073478e4cecc9a55b230df9e2e3d20351bbb8db3a71f33477edad5139682c9b10e24803cb414cd8356e8366cf6efa4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0797d3cc771d67f4c006c5471eeeac11

    SHA1

    3b4ddfe381262f70db369a526fb9c9bc16beaf90

    SHA256

    7dba6b489c2ffbe26593b9f7e964e80402808216fd91b89ed00862536074e932

    SHA512

    5d180e35fd976b73f0b7e74bebdd97d6e2adad9ef9d54a610f4dc1144481ce9285872258432682d1f0ad6b5491ca5da17a16d27aec1e8950584714693797f603

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    205bf2ad25f4968013b59858de53b5e4

    SHA1

    483777c37b67c1a525642a07185069e239a703e6

    SHA256

    b986a2d3b6d18236839086599eceb03da75f313444a876dc810c6432e9832922

    SHA512

    2bc9f398e205058eb56fd1304fc7495fc3df0a553b01f6423f852a157762f64e3d60f03376084a2e1b3727ee90c22a55487bf78ae4848f81afe719454d69bfb8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    733aef537df995c77f5d237ad6cb5303

    SHA1

    b79dfc9df5e565dc5b56ef034b783db8d2a07b41

    SHA256

    58bda80efd916f7a48ae3d3dfb38f9f1b499a6fa9d1523ef6901aa879d1b3e66

    SHA512

    7e1807593efea67bc4dcc260764d9c5fdf68992d81004149391b42069f64b610a356373ed0778225f94e6db6cc7f236322b73f184d19c33f356c8dbd358c4530

  • C:\Users\Admin\AppData\Local\Temp\CabCD12.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarCD82.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b