Analysis

  • max time kernel
    38s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/09/2023, 22:00

General

  • Target

    Secured Shared eDocument.shtml.html

  • Size

    2KB

  • MD5

    98bfeb92a94db298f73e81ff7cc4e88f

  • SHA1

    c715aa535d5a4b03d6daba268af26fb123f97188

  • SHA256

    ccacc08e93cbdb9a8d4286987a450df2c5c2ffef20b6ee53cbeeeca0306bf781

  • SHA512

    024fafcd65ec2d40eee8d68dddeece7071582a60b5a1fc937e0a5174b7f7c01cd7f099729562c269d503893975fe361f869c1e36077a5e515e56a68901c774d2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Secured Shared eDocument.shtml.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2768
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2768 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2824

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bf333150ee5ea04a71b32aeca3fb5a64

          SHA1

          a903e1764546dd4811b78d032c1b6dede2c8f191

          SHA256

          9a7f0a30455e2fa840981b400a6d488cec97b66783e4d7e289a0d578b916c9c9

          SHA512

          586d1990c0822ea63e9af44eca0a154e07efb6e92e1d659fbca7bf06f3f60e26dcdcb69ba69a70b6945c86f1200fbaf0b31dbe2c67dabb210ed3dcb44dde22d4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8ea995150dde11eb8d3ae20629dddc40

          SHA1

          dc2c3dc43b2c3bae8aac70752c3523577aa1aabd

          SHA256

          3b93157a92a1b9f1b39e7dcb692b5294960a6710438385275cbbead59d52f01f

          SHA512

          4668966300941a3c9a57adea5b9c453bb646e6271056ce73d999cd6cd0515ec17295c62813961e0e42a6b73356c996134c4bdaad6a656bae775785f061a31019

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3b66c195cc92891e76d82b46d5890d96

          SHA1

          0ebff4a6fa3499f47fe983880aefca62e01d14cc

          SHA256

          98cdee4f76dff1b539a21f0a92607549d5402622a06f8dc4c039e41dddf6ddd9

          SHA512

          6e69764e5dd0c630381f85f3f2501c0d642b5ac087b1fd9957ce82dacfea3d82dc0a8c9b270e1e16319b26ead4e5329d6cc713b79bd610df0f32b486699c1d44

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          6ba38b3f79a145792d19358489ff4ed5

          SHA1

          8a5e3d33418ea1ee8d951a4d3ab265a6de5cf0ad

          SHA256

          b08e0d9810776b7123310ae704ca881cb88a661a53166edf6d9e86fc645ea0c3

          SHA512

          aff8394f56abe66ea777aa4a35185f96546e7df64946b5c85f2911b2962d549a68295b282274cac0f3d371869d45e0e287fc4feb1961381fa6a498f3e5734504

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1f499b3847d12618e68d3b3a57369897

          SHA1

          c8fab16efa761d51d093ab405dd3e1774cff92c8

          SHA256

          6b35ab26f6c9936e169c91c34bcf9ecf3d2d67b84b1a02941006ae58b42d5ec8

          SHA512

          485809b482df9ac8dbcfa1f5042adcf0acb33b661bf21913e68d488e46cfd72a70314d07274b698d34f6a58c9e9f090a8fe23f48cf124981222e82ff9c35370a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          92bd7b29fa30907479b92f98edebfa97

          SHA1

          c66bbab60d79a87f67d9bc31327cc82d7ba86a72

          SHA256

          964e2e1b96f46fd1c6e12bdc16f198fe740581e782f10f836a9661f6133069a3

          SHA512

          59989c6ab27f1eee2dae0852c76631cedf40a241e6bd4a3a6c5f9a801c89f0197872ec5ad8ddc38dd6e8543a0805b0c836586c2c4b0ab618a0c59c7dce38699a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e091dd45bc3610f30b0e79168ab80362

          SHA1

          d88413abb06b5b7da4911a96c69dfb384305e682

          SHA256

          bba169cb1ec2c010b490584aae53dbaf7489206cf73014043fc90955dd6bc7d4

          SHA512

          087eb8c9ffbc26b21005495e71271b0667a6eedc577f65893df43d6888829bbbba00491315716e64a91600a95218d0de485323d96d125eceae9ab17b87b88f61

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bf4dfdfccd547c03cd8f6e5c87ac61b3

          SHA1

          ed0be01743c75ac6d21b4d9c682d10c713170769

          SHA256

          9f5e97e45e25fa3a0ab11041045f890125dfd544e12025419091d77d2e3856ea

          SHA512

          e681f4cdbcbe66e8d36d7f126a5c2451ed87896ec71028403b4d0ab2f9c980d7f98acd6fb404666ab6690d1f288c72c1834c41939b3c3658048a7e86ddae22ed

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          73b1874a5ef7923dba3b3f5f808dfd4d

          SHA1

          8fbc10376b7527ab33d653b243edc6ca4fe51c04

          SHA256

          e9dfa8e1448f004f0e2a7915520efb7d381c7f4d0c4aafe6ad4ad9eb960e0f5c

          SHA512

          13f2e1295562ce988363d3c1b2d2819786dd8e23beeed742ad5c20fbcf4a8c8a5da544a16fec9d71950f2b0b8e5e1d163b2f83ea6d4aea22420c3767b4e52e31

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7eb0d52e432d4bbd4b99d1f3b00075e1

          SHA1

          f8c15799664dec1f3736c1113dfe45d8b0da1874

          SHA256

          f4053602bae11c61ed2696f65b94f9598aca3d953ae09cbbb5e15671470f20fd

          SHA512

          5a558a76db787458df4e2ccb5248ab2a3cb4b156fdbfcb4bbda4a538d01316b8099996b5548fa05dc6e5858154caa54799f85748c06c38216e93c5d294f3e161

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          15cb2de0cdb47435518e0e8053ddc306

          SHA1

          cc02599ef260a3d401ee1e5aba11df11cb800404

          SHA256

          505ae6418190939f3e89e5b3b48cb634a565052a5d2f5ba11207e331bcf575cc

          SHA512

          208ca702876d6df9ba667a2dea6ae941a71c31783cf625b44e8dfb643ffdc519ac21abea4d6e4c69f100f637f2ae2863146d8bd8b383836cd4ae6c038faca4d1

        • C:\Users\Admin\AppData\Local\Temp\Cab76A8.tmp

          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

        • C:\Users\Admin\AppData\Local\Temp\Tar7757.tmp

          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf