Resubmissions

12-01-2025 16:22

250112-tt83hazjbx 5

12-01-2025 16:18

250112-tr73essjgl 3

Analysis

  • max time kernel
    16s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241023-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-01-2025 16:22

General

  • Target

    nunyt.html

  • Size

    21KB

  • MD5

    01b1cb3f786b3b2e00ccef5623228148

  • SHA1

    dc7ad30c6f5c5d495f68eb247a7a33a902df4151

  • SHA256

    fc16aca65e569048e1b768dc59093f9737f6d32f5a1db75182468f804f9c45d4

  • SHA512

    453614e9d39156a1292a476ea2c58fad05edef6b58eb7d5c4c42430d74530d3f314679388c94ac0193bbb71b669c76a5c5a381ee2b40f748735ff61f5c36b05d

  • SSDEEP

    384:EIbRBaATO0ZDgVKiHuKKzzN28j4Npa7go:EIbRkAlZEVKiHuKi53jmsv

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\nunyt.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1240 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2616
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1240 CREDAT:209931 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b93a7722a2fdc3f7644ce6465d7aaf37

    SHA1

    471a81fca8408a8a71aa77ab9ed70bd2d6b0c0a0

    SHA256

    df04f62d5c266835373fa0125f3fbcf3a4393315cd49c998c79079714d490ce9

    SHA512

    cfa5e515afbea025c80c1db98884b72e6841ea862aba5cf392268889966ca35307130871bc4dc1d742e1afdcb33f8192b125e56c4d9a046e8a604e5cc8f5b740

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e48c1dbfe7e027beecea9287e3689b1f

    SHA1

    4abd65162c59c24c6f1ef2d18e88fd55b51e1ce5

    SHA256

    511dbad0d540bb4a2b1535b26c7fe6b3f901abbd07ccfd28fce29da52023b231

    SHA512

    309b19e77a6388a4829bf2041ca5beb9792dd0da26cf8cd0b98d407435c48127ec7531b789963c8686d30baa3128439c479bc7f630cb1767fe322790b1fdcfbf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b129f054702b13d74779e43d9a82b35

    SHA1

    f9e6f94379d9869fb45c207418bd3abc3b5dc8a1

    SHA256

    c47001018f9f03ebdab1ddd0a65a39dcb26a58c067bd5d26742d0a5f16b11419

    SHA512

    70524541bf4fa625bd0c45b429a7db0a19883545f179af4427cf00fe8c070694758bf15e8e707a09a0238d505cabdc2a48d4adcffca2c91c6cb8094cc8adc7ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d6d95321ebaa864eb7fa13e199b81f6

    SHA1

    df039fd10a7dc483783d29984259574fe1469f0a

    SHA256

    7cc631d4bbbf103f252123df73177865960109cbf00652a06ac886e9f59806da

    SHA512

    3d80ee157f22c0e926f19c0840c54d5dc0b924f2e833322e6663831c0111e96f75ab82d06b1202ef90bd8e295c99b1bdb947e230cfb261d21753d0b51f30247e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    276e55e457523f993d4a9663cc6a445e

    SHA1

    078b8e5f61e8dc012234a689dc508355bcc394b9

    SHA256

    c3401b98e6db5307ea912031b7bf2f72d23d3d9d6b94168b978d37eef120863f

    SHA512

    fac844e114db897f1366f002d87f977f12e277f137531fc2ffd01f75a3dca4ef8cb9d6a9a88e63e6efaab80886a6ce620fdb279f1453475403f621002fac713b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ace3cfed2dfb69c06583ffc5cdb91f7d

    SHA1

    2f9ad8e9192ff78c2ea4335714d89d6bac8270b2

    SHA256

    dcd72a369f4f6b690b8c437ec0d113aade88caa5773a373d8f089aa040916ee7

    SHA512

    2eb8b31017103731cea61efa858e1b0687f33945d7912f13dc462d9c57e18f751c92ea69af37f1f35b6244fb3864da231d4a9202e2ac4e5718ee9063cd2f221a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cec4a7c6f09c81ac1109ce78ab3408bf

    SHA1

    dbb69a4f6337fdf30f28514517db7de3cd2b0290

    SHA256

    f093373febeac0dde63c6d9fc0665a154966a4692b4c4e9cb95359f57561f5ac

    SHA512

    a1c5c81cb53ca1af26b46de6d1b37a3e0646d172ed48fdc988ef17eda6cb9c77d36a7f9e0fff7b48af37dfa43a2b302e250dcf3019831381df375c8001d05f31

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0ef6a9ee2105676de4d86640b0ab28fd

    SHA1

    c14e01492675f28d80dd9a20588dfe1fbc3b0293

    SHA256

    f640fdd50ab969e2e03c3b25c1a97cecb6a2591c93e4885c0667913eee68026a

    SHA512

    6031bb0dbbf8a26e4343c2a2cf237693e93d232648d22d14b1ad4783ef9698ba6d488dfb18663d12a217738a3e4d8271728cdef39eb5f49766dcd07a2ceaa4ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d023fbf6386e142a61a667773a77bc2b

    SHA1

    1b8d4924e5e584781b4c61a12caf99aa6d95f212

    SHA256

    9e889279c3dd318ad40f91bc64d77b9ec65551516144b2b4b222abb091c46a04

    SHA512

    aed901ce85a63a6841fea030710aca341a39f6779007dd9f7a6d4e12e4f4941fae1e4d842d8a8facc18e594a53419d2888fc61ecca00218121a0e1b3c343707f

  • C:\Users\Admin\AppData\Local\Temp\CabDA3C.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarDAFA.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b