Resubmissions

13/09/2023, 22:43

230913-2m9pfsaa44 1

13/09/2023, 22:41

230913-2l99lafc9v 1

13/09/2023, 22:41

230913-2l7hpsaa35 1

13/09/2023, 22:41

230913-2l43ksfc9t 1

Analysis

  • max time kernel
    845s
  • max time network
    848s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/09/2023, 22:43

General

  • Target

    feed.html

  • Size

    288B

  • MD5

    9034bab8201ca968dabc204d43d19963

  • SHA1

    c813a10a8654aa3d888e8c95e509836eb6ac387a

  • SHA256

    28b777e7ed5b8c789d3396bb5c0340641558bccf2a9ea352863a1835c5ef27d1

  • SHA512

    5e4a57214f55613e4c5c2c9e5c252b9065df497f71b2213fa0033ff958b21e8ba2e54b7b4f189b6291e3d8f2f4b795df9425c0a027fae2de0532747c7dbcaa10

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\feed.html
    PID:284
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:284 CREDAT:275457 /prefetch:2
      PID:2592
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1e5b25ce04a9e94618f13d6670f326e3

          SHA1

          4325c617553b492db02a786628e147c11092cf13

          SHA256

          08de60a0ebd2336de1c5e9b9f5330b83c9704009a89dcae3ee4b157dd76b95c2

          SHA512

          9353381ee66c6c42939693b967cd89c0b5fb18318890d09f9234289aad113c80b907a4219e276e7e9f14b53965717df792749f78cdad7548968f4f9c6b949195

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9d8b38a583dc4f08721a1a24698df5e8

          SHA1

          d080e2178f5c4f9b1596e510c0a253f3d76ec85a

          SHA256

          dc783dafeea48f1d21522b6508d27b7d5be467bbad146c94abc8d3a6fdee8f00

          SHA512

          341fb322aa33a9b26dc89e58dbb73d31b424134c8370ffcddd02a978eaebc7a960bb3a51935ed1399fecf5c677b89b471c409b72fb2e287af6d34122c65603c1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cd42eae6f652a7ba4176109f5e08b3df

          SHA1

          249f68f9489e8d433483c70fbf1fd06729ccdc84

          SHA256

          96065f7abe21fca85ec39fa882f28acea56003af07c9ab01f215e5c1a821ff96

          SHA512

          d03256fa05146ca636a4d56b98cc1e45c14c2c696b1d3d89ab107f049f3cb62bf2a0f330474f105575b545f17d890215a0bc206c79b67ebe7cb4bdc094ac00a4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fc55e32da285335d7e2394052b3b8101

          SHA1

          eaf3cf263fb15c4c514584664a2f314777c93dfa

          SHA256

          eb17637fc2c1c353fe32fe922539f46ee6241421ce3cd66b65b7c060032a6ebf

          SHA512

          652e49c3df1e97cb6b6f696bb34a0ccb9adb497831eca0792b3354264c35149039e357eae7f05efd886ac12769335bb2bb40aeb0077b453469601244ac00e440

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d4679eece6e261489fff3c2eefe7d4b7

          SHA1

          460f5b857b7fcc8ef1dffa5ca7f4f6b2880a25d0

          SHA256

          8ad2792985eff5d147e1ea4d46a9b3b2c7bbe3684e7506118f20de98922b594a

          SHA512

          397372c980644050575aedd47eeae462b06cc44ad678cadabd8d5cc0a65290ae678031c060a987884aca9ffab616e7768d557b394f295e3a46c7914160dfdb0b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2e53f3b3c156e63b7daec762f870d84e

          SHA1

          8969d98460b4af54655b3e77cdcaa05227f658b1

          SHA256

          6a44bdf0d1400c2cc034100867173246bcb67b16e943e6ac817f30756b3f49fb

          SHA512

          c6c6e32ce0c1f2ed6728b84fa928958e71257f58cce0e548f1d7e41dca29b833f8b676a5294c2cad679481dd4fcc47efb8300354816b67eacddf4eebaa8a3b4d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          312fe61324da544d009086b6e0b91268

          SHA1

          0f78f7542d05a0e4c58785138a2f5a342dfa6bfe

          SHA256

          708ad37f1edd47883996fb4574d77a614f7565bcc670ac8b34a143c0e9843937

          SHA512

          de9ebb858ce2ef55b409d0b9f339e8b1c929d2805f91b65e3d3884506db9f1bafc53d4c7c94ebc22a57db39ac4c6fd59968fae359b9da067ad20423660213aa8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e0524991e94611b69d722e1bf54e47f9

          SHA1

          7e7d95a9d447732b80fc7899f4317c7e2271e75f

          SHA256

          34584aa5406491857c5d6591cc3965a0d7d8f0ed012f2f405337bfcfb9d275b5

          SHA512

          8bb9358ef83a85e284a5bf9556e9bdfb99a89ed0ad0702bb7e3113e61af81bdaeae55f434123273c3026a4749e661bc6417a94df8cc3d2f6b04a1273f05f35d1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1e579473c69a7e948999e57e4e402953

          SHA1

          d55f8668fb56ce3a5feb73ca5bb3c00f1dcb0e22

          SHA256

          c78e310d34997e793cadadabefa8419b59d29affb9cbdcd070abc02ca7f1bb75

          SHA512

          186a9b9a0a60e682f1dba3dd6c912f0ca9b3d1222cf65fa8248d8fe3ef733e6c0010065856603adb7da603c95f6c2266107f409bd0ca341bf260f1b0c07990ac

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          167ab07297d719c3c9de61192ade383d

          SHA1

          08170db0d910ab31f2319013627be446bc20dc8a

          SHA256

          66e6dd58d4117087a89debb2891e19ebc1acda1eb0900917955be5bbd0e8bf5c

          SHA512

          f9bbf5ebd3d8331bb78e1b0d5087c265226eda9ff0ea119ccff3db0fa386b4771f3307656e168e5f799d678e832a0d44f77393aadc67e12042000eb06d6cbad4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0694912933b105c6e5c80ad17f0ab3ee

          SHA1

          40cab11c89ee6d8051767e0a60f12a7eadc55e28

          SHA256

          51022fa3ca3d9dbf3989a0b6c7795999351f82610a666db9afa0545354565f7f

          SHA512

          467e8cf396ad4537491fd457b23646dd0431650b04e64c2804b6d424c0dea05e5b096622fb38191eaffa08aae98744c8e795e8bbe18fa9e1f1032907f10fa408

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a4a2882449efa87f2d0ec7059a12090a

          SHA1

          23a01c2e7cdd3a95981b890a09141254995d221d

          SHA256

          ae6a60e83f047f241755cf38d70eac987d4f929a7f2787753cf3c43285dd7b28

          SHA512

          974f2e1cb2457f12dbca14599f6632cc8f871401f2f3eb3dac9159b7f18cf2f223df184bb4fc9e51ff3779c746fbf2e9f2e9f2dfe11d9382b710a2a8fb6b04d3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a510d7dcf6ae658dbbff155c4af13cb5

          SHA1

          4fa0cdd899d4f49ad6c9403ebda330ebd7ceaf67

          SHA256

          228c775943b4fc1202252e463184684ee8bc60e92f2367df0294e6fc0c9897d7

          SHA512

          1654f857b457d172d011e950c76973c96eed2c36f8569288852c9e8c67fb43bf6555ee3ce5b3f5db9f6f9c5c33842edcc5f15d58de3eb55c39e203256c6b9296

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1cc0bb8b215711be9a9856a403cfe75a

          SHA1

          8abfe7bcbb3ef03068baac5f09bbcc01bf75d73d

          SHA256

          0dd2318feec8316d0a4733c16d44d69367433f7d609d1ad3005ef05db932b882

          SHA512

          d9534c9431726b201396c94cd1a0edb093a2b248fa898f015fd54facbc11b49299a4906aae31c43f4781db338e40202d487ac36c5110cfe47f2ceadbdb03ccd1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          60e99cdfe649ac0dba21af8cc2a73cc6

          SHA1

          892b7777029397f6b3b26204c1e09588bdcf7d1f

          SHA256

          7786b4ecb2aa773933dc19cc24612059e8cb81d725532b375c4f86aa87e07e7a

          SHA512

          9430cbd3558b0df3c900decaa90a77dcffe7236cd6579d87d15796a590eb7cc007ac9bb47e1be3e367ff05b4ecf21535ae587d3bcc88ee2a5bcb5f0eb938f25c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          aea0ee7f6dfa4ce2b0e9818aa974598c

          SHA1

          d41ef642328f8a15a64bca63a5efb393938a952b

          SHA256

          1e5b67ebe957e6a58e05ef1a88c162b4496d14c2aa4f20f916bab62cba24e9ba

          SHA512

          053e216ebc67a113668145bc8c5fe6729f31958407e28ca3fb65891c9e6e118c0774e0a40390428a1e1d1a2f2bdc25bc25bde042c99c8dddc760755b7331fd7c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          72a10a870b8d70f3ed1de9e11ffbb291

          SHA1

          201a288327633695f82073d2e395c04bc13e8a4c

          SHA256

          bb90bb99f5f4a3e8489aa489a92bc6ebd2358c375cb0db1e00dcc34518d7e908

          SHA512

          55e15b0f2f0ab3eca2264201230db538fd8b27de2598841df6d3ffa7ae90b506c23b788484a709a95b666514e6a708304fe9c7f2e681a1846179e131d0546656

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          91a3a9dae592dba126af3f5e96a765d7

          SHA1

          69b39a33479e4d271b025a68a3a2e4c0ed9c6485

          SHA256

          e52319593b6f846b69da0f18d301baf54e44e43ae5c67bc68420371bcebd0aeb

          SHA512

          9a7808dfd9685320624c6cfc7ed3ee26b3e435faaf925a32d9989594c27a2cb89ea8a0f11a4aa045915feee2e652f52ded5f110560ad6327ec96b55d9c939e4a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          22c50e7a02175576ea5a5882b570e031

          SHA1

          7a46fa1a844eeca7f7b75491b89967d6f00eeb89

          SHA256

          bb2ffd3e3d76de09c652852eddd3ef58836ac669e2728e3f24bc5c041183edca

          SHA512

          3a80cd95dd03240ce8fad9a9f5ea6bc2c64365f7f6e0fa51a31bec8a6a8ad4b612c6a384a7752ce9cef1f93caa06913f615eb09ae2c205b468b5411243fb2f8f

        • C:\Users\Admin\AppData\Local\Temp\Cab61E1.tmp

          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

        • C:\Users\Admin\AppData\Local\Temp\Tar6271.tmp

          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf