Resubmissions

13/09/2023, 22:43

230913-2m9pfsaa44 1

13/09/2023, 22:41

230913-2l99lafc9v 1

13/09/2023, 22:41

230913-2l7hpsaa35 1

13/09/2023, 22:41

230913-2l43ksfc9t 1

Analysis

  • max time kernel
    363s
  • max time network
    366s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/09/2023, 22:41

General

  • Target

    feed.html

  • Size

    288B

  • MD5

    9034bab8201ca968dabc204d43d19963

  • SHA1

    c813a10a8654aa3d888e8c95e509836eb6ac387a

  • SHA256

    28b777e7ed5b8c789d3396bb5c0340641558bccf2a9ea352863a1835c5ef27d1

  • SHA512

    5e4a57214f55613e4c5c2c9e5c252b9065df497f71b2213fa0033ff958b21e8ba2e54b7b4f189b6291e3d8f2f4b795df9425c0a027fae2de0532747c7dbcaa10

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\feed.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2424
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2440

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          ccd3de82c893c2a7c077d4c0abce3b88

          SHA1

          ad76a90de232038ce7ceba2495d43fbb5843b598

          SHA256

          b2be8cb67cbdf998e42378f5c484fd651cb4db3b457f91609f912ac84eeee713

          SHA512

          42c084313fc3f04eb3d5c52139529d03ef1933a07af40c0d1872ea783c888f8723f2adcc240d9bc317222f940afdca67702ab4a7fa3e804e89815d9c48a6d4d5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9d5a3bc3ccb29d88e0a8cd8d31cdd50a

          SHA1

          e4e35b33cba9edc8483b23939356eeb90bca3298

          SHA256

          b8132803545320210db86437a95ccf1a3cabcc4256137b6528773dd68504f5c1

          SHA512

          31114958f18ec7067a5feea8cdcf8932a9f5d5568f8b73f00cfad3f6b156070904c023eab1a8a3f912a573b9d3927d60caf28ffee8b330c5aad575a2be3d45a1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          62a4acbc8aff6a962d1f5b57d1f56621

          SHA1

          aec2a6dd1140b59e4b0413f4e53b0ec9fcb011ef

          SHA256

          f5797fde154abe15a5c37ae88b592ab19c8bb7bca3935ae085c90e2e601952a3

          SHA512

          ea14b5881ae0fc3c5e92c2a8bded88975035ad8047ca751bf4cde330af1601a27c0a20c76e887958715149b3411e2809dec5d396237a0e12ccec53d26a02f600

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0d2f2777ae9a8848d719e4a640abe6be

          SHA1

          5a7dd7fed3beb777e2ab3161b6d42affad55c052

          SHA256

          60dc3acbe50a62a9ce964ebb6124ca7272efc4f6cec993b3769cff0784c15042

          SHA512

          cd68b0adcbdad89650f4bbfdbc52dd01e4d32ae2c54b8782bcb430e7204d128fcb6555fe09e607970d877f8d73a498219ea5b538e1e6c6f663d5c2abcee46296

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f3c93005c7aee5aebc8a00e5acb38634

          SHA1

          5a63f592dff55ce8282887fb085d9a1469ce11e1

          SHA256

          30e6dc30349ca3bebd09cd78760aaeb98a8d3d64cf62d8a9f98d421c5ed5fe6d

          SHA512

          25234a1229b66cb94795b55e96bbe042196ba0cbc431de0f12842f77efbdae1268febc9c6a251776976161610dc7f6df1981625c47f224bf6224e78631522e91

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          6b9c061dd11e358b5924c017f8980158

          SHA1

          5566e216c773c19cf78b44c44876556d75c83cb8

          SHA256

          5c231076f7345bfe2e8acc9ac747a57d83eea473e093243f9ceb2ed9326c85c4

          SHA512

          e2768c76eb956b13c59a4c40e06bc8d973af5e5a8d2ce6ca1abde0edb7ce093e08a90ecb8f46881a1c631d905f3255bc1bd25e02427742fd4feb74716b4ac692

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          402cb2db8f315d04f3a6c211dc064d91

          SHA1

          5a2e1497a06c52cdd1f0dbba92121e356a20a94e

          SHA256

          9b08eaa1ff5963a0edb38d28f3e1676c6d700dbf3315c4b7df94612b135a33ac

          SHA512

          64ad91c5ae173913ef566ed5028097e3e8b0a27700dafd6e011c289f34e9738d4fe0b89cb07783f4c4a531171a49d043fb9ccd6010f6b93a2fe197db63074a67

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          06eb5abdb8188b1fffa0fbcf12f30588

          SHA1

          f908a1f8821e8f545c245498922a5168a396253a

          SHA256

          512df0068af88cb5b9763b329f2e1468819b0ed48a100cefad4edf08117a1021

          SHA512

          56a7648714d4d60ea2f8c0e28a212118be7de372baf2e146f50ae1e03677506614b755c296c125c017f55bdf7c98c3fb440547d137951bb2330e2f7779bea33d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b4f67ff97b45de336237d71966763965

          SHA1

          21c57cf4508b517e8c18ea776e65cc368588fccb

          SHA256

          6188924b24d8d54f03fc212679dfc77f2551ebd614100579e30a883df5bc9a9d

          SHA512

          382bde2fbbb8b7512565a1c9a4cb133c0d42c99fba49a4e3f6fec659a75f45e024b651b99fa43c35382defaf4215051f8cc01ccaaf659ec91dc7cc81b420e011

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0c60db0fa3f5b709dd6a61bcd417cb0e

          SHA1

          cf614852e095fdf781cdd255745114f4bc75a5e5

          SHA256

          01313f50a4baf076866e12800d43ae21d70d73e6b63adb28a8cd381475f7c545

          SHA512

          d7b474ef299a89f5db9b31723be7d1368bfbacc7b210e346ab6421f74de5b3aa8a9fae39007fdf318d96b3d68f048bb00dd1ecfeb966aa9b25e57f4168c6288b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          387959670585fdb0ecf44a5ce78eeda3

          SHA1

          0ea390284c8ef71c1a1dde337c5925a0165512a1

          SHA256

          bbfb2e57b50782f6344b4f34421f5397b64f7d19b3360c163e6977d3540522a1

          SHA512

          1755026be43ddf0c526ab34165aa756a163a29c12c9f4f6e927647e359dc03094b85c398cf65c67a56dbc493c48d9f1912d836b5a0dc4f7ce457f56de80f3867

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          01190d8b3fffd0afe740f622a7a77521

          SHA1

          bb6fa6cae5dadaaba642f25ac2e06f1819b39bcd

          SHA256

          0e23f10c4a90552369cb6930380b109a4ee6eac4dcb2f2164065ab940d8d0511

          SHA512

          9870fc2195170ae3b0ce4d9d132d6f1b7f8e6e3abf97e7834297008497afb9fa561d6979c0c92c7c92e9f920e8616c7e2aacbed299bcb3878265e2277f15d7f9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0405c7750a8aff687684e40f722e95b4

          SHA1

          d497f4e334a41db9580251cde3cccaa3513e9b98

          SHA256

          340858b8c6ee2678b5aae3138b451e89d5a0383d07d7bdd0a95ca05e627272cf

          SHA512

          9e009edf4d5399e7dc3cf4800d3cedd0839645c59e6058d62f22587ed99886a162b6e8acc1d9709b35dac39a9090db26d9885d2e05cdfe89cc6d97722a40d05b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e0eb2fd5a3f73ef0928adbc56d638ce7

          SHA1

          a66459171b8236959227f22a1a90a25217bfe7ab

          SHA256

          9fd0084b5ef7411a869c21ddca817574d6aeeed8bba745ce94045c3b42711d9d

          SHA512

          e805fa8b7fbf44e0e94e0960649e212b799ed80ee4dfb3b91beb1fc9efeed6d53d4a6cbc706c24665297e010d6b2ad2e91e5f37bf5b9b8d9b8d5af26bdaee79d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f2555d9f87021e20fbd24e87b5225729

          SHA1

          9b7c1e23fe15e7f77dc4c74988aadfdf096a9855

          SHA256

          a49b70e6c70b1a31041273b111ce90406010830e4ef8b7531ef625c9e5338fb3

          SHA512

          cbc8a58f17c2678eabed58cf8fa0c5cc05ca1dca3c33475bdd4f22f70527a2d1c6c5f840d1b1bce3775a6f560eb8e9a09cabe72e67ec4744fef0839d7428b6a7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8e25aff74948eb26867efb74b3092736

          SHA1

          a4384fde6b5d291f103b82dee0cef6407224c3ec

          SHA256

          307d75190844af75cda7a313244b15ab56a32b5f8b49d9138483c9355237d793

          SHA512

          0bde5c06b6f7f26f4cdf10faa575fe278e9a045bf6f3a244854aee17385e922bfc6ed9bf3541595499d86052e64bfe7f6694ad374d26f72a80c408ba8209897e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          94a63d7efffc868209a6b1ea92d64a7b

          SHA1

          e4ec6e641cb18864db293a3a57b9d1ad93d5a373

          SHA256

          f83383a4a2dc20448e2e794f7e4010e36acc02354b02d9e6ad029c4d29015710

          SHA512

          869772adb023cc40d00dd2f83d206abc680bc0ca2318530a575c5ebc250991af344ac3541d4c9becba284e509cd9fd84daf1578b34a744dc84001459e5df4855

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9aa29a54a801d7ecae0b991ace843fcf

          SHA1

          21fb3a2f16bb14885547934d88192dc43b328533

          SHA256

          5ab04710eba1dd687572d2bdcd47df68aeeb810397d6f929cafb02f673b1d875

          SHA512

          43256746d422032b48c2cd2ba7a1ec112a96f35e04ae0239752112e8aeced71489604fd15c9cd5bd5e79b18515b5ce2603d38949448d6c3c0d1a93efc37821c0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          05d545cc1f1e99a0c255eb0f546bde9a

          SHA1

          d2d7b157c4404761a558a586949c7366179b3315

          SHA256

          f20f0c1f7d180f2e00be6820415fcd0496379c66d132cff63fed367b40fd965a

          SHA512

          07ee56d56cedeb694efdee54b8e1c1474d54301a07314f068aaf51c3ddab30771dd514362ae452929113dc4e4f78a7ef2808503429bfdb2809504acdd395e544

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d77dffbf17eaacb02aa0632593cc7be9

          SHA1

          29f21688ef708264f00f817ba1ef3cf87f436dfb

          SHA256

          4dd1aca631dccbbc2b8cb56db7c1276c1c1c2bcd2516d4c37806f4f111414109

          SHA512

          a7da140544e0722b49f356cd16f26e0ea2a805f345fe9d137a4413fccf8b71fec7a7d975acb227ca13e5feae2eabc5de0a90662edcf742260362bbd60503dd9f

        • C:\Users\Admin\AppData\Local\Temp\CabDA59.tmp

          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

        • C:\Users\Admin\AppData\Local\Temp\TarDC51.tmp

          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf
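The listing above is the report's file table in its flattened form: a bullet line with the path, then each field label on one line and its value on the next. The Python script below is an added example, not part of the sandbox report and not Triage tooling: it parses that layout into records, checks every digest for the hex length its algorithm should produce (a truncated hash is a common extraction defect and makes an IOC useless for matching), and groups writes by path so that a single path rewritten many times with different contents, as the CryptnetUrlCache MetaData entry is here, is distinguished from one-off drops. The sample input embeds three entries copied from the list above plus one constructed entry with a deliberately truncated SHA256. Assumptions not taken from the page: the K/M/G units are treated as 1024-based, and the path classes are general knowledge about Windows (CryptnetUrlCache is CryptoAPI's cache for CRL/OCSP/AIA network fetches), not something the report states.

```python
import re

# Hex length each digest in the report should have.
DIGEST_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
_UNIT = {"": 1, "K": 1024, "M": 1024 ** 2, "G": 1024 ** 3}

# Constructed sample input: three entries copied from the report's Downloads list.
SAMPLE = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
ccd3de82c893c2a7c077d4c0abce3b88
SHA1
ad76a90de232038ce7ceba2495d43fbb5843b598
SHA256
b2be8cb67cbdf998e42378f5c484fd651cb4db3b457f91609f912ac84eeee713
SHA512
42c084313fc3f04eb3d5c52139529d03ef1933a07af40c0d1872ea783c888f8723f2adcc240d9bc317222f940afdca67702ab4a7fa3e804e89815d9c48a6d4d5
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
9d5a3bc3ccb29d88e0a8cd8d31cdd50a
SHA1
e4e35b33cba9edc8483b23939356eeb90bca3298
SHA256
b8132803545320210db86437a95ccf1a3cabcc4256137b6528773dd68504f5c1
SHA512
31114958f18ec7067a5feea8cdcf8932a9f5d5568f8b73f00cfad3f6b156070904c023eab1a8a3f912a573b9d3927d60caf28ffee8b330c5aad575a2be3d45a1
• C:\Users\Admin\AppData\Local\Temp\CabDA59.tmp
Filesize
61KB
MD5
f3441b8572aae8801c04f3060b550443
SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15
SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf
SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9
"""
# Constructed (not from the report): an entry whose SHA256 is 4 hex chars short.
TRUNCATED = "\n".join([
    r"• C:\Users\Admin\AppData\Local\Temp\constructed.tmp",
    "Filesize", "1KB", "MD5", "0" * 32, "SHA1", "0" * 40,
    "SHA256", "0" * 60, "SHA512", "0" * 128,
])

def parse_downloads(text):
    """One dict per entry: bullet line = path, then alternating label/value lines."""
    records, current, label = [], None, None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if line.startswith("•"):
            current, label = {"path": line[1:].strip()}, None
            records.append(current)
        elif current is None:
            continue            # text before the first bullet is not an entry
        elif label is None:
            label = line        # field name, e.g. "SHA256"
        else:
            current[label], label = line, None
    return records

def size_bytes(text):
    """'344B' / '61KB' -> bytes; assumes the report's K/M/G are 1024-based."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)([KMG]?)B", text.strip())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * _UNIT[m.group(2)])

def bad_digests(record):
    """Digests that are missing, non-hex, or not the length their algorithm produces."""
    return [name for name, n in DIGEST_LEN.items()
            if not re.fullmatch(r"[0-9a-f]{%d}" % n, record.get(name, "").lower())]

def classify(path):
    """Coarse bucket for the kinds of path seen in this report (general knowledge)."""
    low = path.lower()
    name = low.rsplit("\\", 1)[-1]
    if "\\cryptneturlcache\\" in low:
        return "cryptnet-cache"      # CryptoAPI cache for CRL/OCSP/AIA fetches
    if "\\temp\\" in low and name.endswith(".tmp") and name[:3] in ("cab", "tar"):
        return "temp-" + name[:3]    # CabXXXX.tmp / TarXXXX.tmp in %TEMP%
    return "other"

def summarize(records):
    """Per path: class, write count, distinct SHA256 values, size, digest problems."""
    out = {}
    for r in records:
        s = out.setdefault(r["path"], {"class": classify(r["path"]), "writes": 0,
                                       "sha256": set(), "bad": []})
        s["writes"] += 1
        s["sha256"].add(r.get("SHA256", ""))
        s["bad"].extend(bad_digests(r))
        s["bytes"] = size_bytes(r["Filesize"])
    return out

if __name__ == "__main__":
    for path, s in summarize(parse_downloads(SAMPLE + TRUNCATED)).items():
        print(f"{s['class']:15} writes={s['writes']} distinct={len(s['sha256'])} "
              f"bytes={s['bytes']} bad={s['bad'] or '-'}  {path}")
```

Run against the full list above, the summary shows one CryptnetUrlCache path written 19 times with 19 distinct contents next to two single-write temp files, which is the shape you expect from routine certificate-revocation cache churn rather than a payload drop; a path that flagged in `bad` should be re-extracted before its hash goes into any blocklist.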