Resubmissions

23-07-2024 15:35

240723-s1kg2szfka 10

29-06-2023 09:07

230629-k3r1xace55 8

Analysis

  • max time kernel
    99s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230621-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-06-2023 09:07

General

  • Target

    index.html

  • Size

    2KB

  • MD5

    c47e547317b7bb5e658e51e8365de51e

  • SHA1

    9ec15432e758ef206763cc2998535f191f7f1250

  • SHA256

    4c00d65514559acae2dec195d67f348c1387b45f9ee523df467f80a826778ff7

  • SHA512

    7a924086fb2b735338115044bc8c10284850930a4b0c28696964c1a88ed2c890d98532afa2257d6b863021ac16c3c94956675dc9b82233c3def22629e88b1b33

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1240 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1064

Network

MITRE ATT&CK Enterprise v6


Downloads
