Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • submitted
    18-09-2023 22:00

General

  • Target

    license.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2032

Network

MITRE ATT&CK Enterprise v15

Downloads
