Overview

overview

5

Static

static

1

Payslip_Am...09.htm

windows7-x64

3

Payslip_Am...09.htm

windows10-2004-x64

5

Resubmissions

04-12-2024 20:49

241204-zl8dwszrc1 3

04-12-2024 20:47

241204-zk7qzazqh1 3

04-12-2024 20:47

241204-zkt5wawmhk 5

04-12-2024 20:45

241204-zj17sswmdm 5

04-12-2024 20:44

241204-zjk6kszqbt 3

04-12-2024 20:42

241204-zhdecazpfs 3

04-12-2024 20:42

241204-zg22bazpet 7

04-12-2024 20:41

241204-zgm76azpds 3

04-12-2024 20:35

241204-zc576swjgk 7

04-12-2024 20:32

241204-zbbl6szlgv 3

Analysis

  • max time kernel
    143s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04-12-2024 20:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payslip_Amendment12009.htm

  • Size

    5KB

  • MD5

    931df36f406e0f5495c5d77fa91bf035

  • SHA1

    01bbb0abb4f14451a48800e47d203732bc139920

  • SHA256

    09dd2d9fe7934ea2d88ab8a7d13a824bb462e73d9d2d982e26d8f9a35646e5d5

  • SHA512

    df882dd9eb3f6ed9290cb5b764653afdb3833bac947e6b18124454394380b1fc7cf6a7c5b7001108266aeb50813f6b5905e6bf94507f3116e76e66049bba1351

  • SSDEEP

    96:ekUhhhIFDkrQJoSheziDftDIhfBDIEDHhDhiDgBhDMDftDIsjNhFiDIEDIfDhyDl:6hhhIFDkrQJoSheziDftDIhfBDIEDHhD

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Payslip_Amendment12009.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2496
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2496 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3e5e78453ba0ed10e8a066e12b6f34c

    SHA1

    07161686140211ca95b2df5d6411466087f1ae75

    SHA256

    a61cd30aae57fb55a460ddb8430246264d7a44ae5efc8e0a989ea2e91f89bf6a

    SHA512

    c83fe37c60ef206dcaf49f1304f558842dcdd4d051527d6c604b28a7a0f63764e4149678d9f18c80b5f1bd97485bce0412c26034172f4c01df97c5e82471bc85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f389e18a6c0559d63aed3e3527c27423

    SHA1

    5d34532429dd57e084ec660adee23f8672c20cd7

    SHA256

    5ec146f43274ba3719a6721b7c69fcb9aa713ed40b231defdc31573c947bf1a1

    SHA512

    1da026b2f3b027f9b57ae8e65d83b35417dfd586c171781934148ec680b9dfa5690d23e5875a7d98825a9bb7018357d197471074004a4a021e0dc87bb26a75fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42e15f867b505c3cfc73fc159bc16e9b

    SHA1

    16324d193d98ef2ad410df398080c0ce70681390

    SHA256

    e3d4e781db909bae796dde780e3414283095d9ec2abaf33600aa1ded3c7c7925

    SHA512

    7cc1b222ea05f88e1e197cd7392f29cf45e26eadb11a8f2af8bd7475ace1f6ccd0cb1ddb9ea4f19236452f7969d3c8d79dc335e7666ca03e6c49924061c368f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    858904e0c0203f324d5213af6096bcfb

    SHA1

    cc5389a27c9c50594305d84c1d16d624a561bc01

    SHA256

    b507eb24721670fdc42d0c726f8604bc0db4e19c751463dd15b9654fcac730b7

    SHA512

    9e3456551509689552e36dd85931942a1c6d6f020b46116f012e9db5bfe13f86c7e7d75d6b31d436f1bf2d39c872e4d1caad9b980ec72e306c7902b9f92b3386

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65c18c770dbedc2a397b18583c9fb088

    SHA1

    b2ec3298a26c327a6052ba0e965d0f28a496480d

    SHA256

    5ad61edb75666a054949f0b7d07bdec40c4a3587e12176b44e706e883b895c0d

    SHA512

    e14768ea632688a7448dd1d96907d9905da00d22bd771f778c2c0c40b83bd549a0e515b5d2d76c6706b3d7c5b25e9ff616069dc9e27106db7e54efed50c1aaf9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc553b04ad21fa17bdbabfef6796e25b

    SHA1

    ec1fa62c482f5a81db0bc20165fe36a878ef7155

    SHA256

    cc72b48bec09bf9fe572a8b0e87206e0f122c0411169960b12daa756ea03ef7e

    SHA512

    e3f3b53db028e971b86730d4d44da3dd0627270fd52a008f2cfa26e6122cffabef4daa1633d868ef333ff3d7acaffc570c0708c540493eda4ee11ce55b983f5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a24c2e65b6b4ffcbe9ed603758792cfc

    SHA1

    4bca45278175d6ac021b2e9b80fcd497cc3bb498

    SHA256

    99036d5096ab5a77cf40e7f50dfa6cfb8d38066a7bd5f1c96142f012bc5508c4

    SHA512

    fa1c759f8c1e097034dbe5c3c3d700b36ad0d02c637ff3fc77c8a94356e1a34f11795b0999937669b6d12c8dd607df95690c4cba6e2f94b4345e209b9ec0b1dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e27a4788eb4f1a012a41cc1061f82eeb

    SHA1

    1cb72ad575390464ce3784bd8d990ffab68ca95e

    SHA256

    07c35e32a953ef08e77c6a7ebc832151728d70a52000249f3f80d194adbd8fdc

    SHA512

    d6ad503505051cbcd74ab9a0758338e5d9deb9485b5babdaa89f24c3ad520c83639e42f3e0c221a7e9f4abb2b666cd7fc255543eb7c569afc3321bea814410fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9da385bb2799635d101665fc7527d42e

    SHA1

    b6d118bf8352f6f2017c27c4c715f1cd042403a8

    SHA256

    1ba43400474aa34d434d2163b318a436eaed9928ee20387c856f4d3dfb4746f9

    SHA512

    e245d0f58e1041f3e8409fc930c9c3f1964400f32fc57fe94a2ae8de50a18a5979c57092ace462630477490a136d15543ca04139969da523c77919bf939e597c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c799b3c015f0f89b50f77d9d7962cd65

    SHA1

    2e9334de41b6972648200d900b7ed321672cc27c

    SHA256

    11ce20291a755974827943bfd983486950c477f04a5e2224fd0eac926b8e9c6c

    SHA512

    e0b75d98b356036c8da0e935bd41c92964cb7403e65c6823f520db749c437ddef37c1f73abec32ba2280ad7e0689d76d1d04c4da2f242e4d4f2b9837c61f6099

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a422cc99a8542c1405b2c7585df93dd

    SHA1

    71271d3234da781e5c10f0a556aef81796038833

    SHA256

    9e965a9ba28972b159c92f0e1eac469437707ae0066e20d3f9f9b7042cd63887

    SHA512

    a3e14226b6c954dfb73fdb4aefd0446440c6e204a8506fcfbb1b373e13c88a7ad7c7c43eb03a76f39169487ef2ae8ed075b4b07ee8263157d4a785783870be76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d3d619d6a888cb6cfc6ca83c0fc0b71

    SHA1

    19baa4062cfa189aca6bf7d88fb15bdc36998404

    SHA256

    0db23d45795c2905db92836dc418cabcf352b402b2f4d6ad06552eeec2b0e6fe

    SHA512

    df2c82025d565d76173e4e4314e1eb26aa4da6afd9056d01af093e54abf89ac2fd6af0eee2ed8ed70719b4f3bf51b619f0f7e9312d36531201f392acae520ff5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81eff55f8a457f292552066beaa23f88

    SHA1

    0f88c946a9735b32bdfbce958c204d2042f85dfe

    SHA256

    79ddedb64adc4f7b5eb3b1928ae3d9575308bae48c996aef7f2dfc00eb702005

    SHA512

    e6bb4fdd523d193caf0ab68feebf27c326af71a67d1281132c30562c120ec2cdc437f1010751beb744b5f5f58ee54d0c3d914bca8079438205be668cf4e1b3b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA6AE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA6C1.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit