Resubmissions

  • 19-09-2023 08:52  230919-ks2glaaa53  1
  • 19-09-2023 08:12  230919-j37kxshg95  5
  • 19-09-2023 08:09  230919-j2f2ksfg2z  5

Analysis

  • max time kernel: 120s
  • max time network: 132s
  • platform: windows7_x64
  • resource: win7-20230831-en
  • resource tags: arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted: 19-09-2023 08:12

General

  • Target: .htm
  • Size: 21KB
  • MD5: 8fbe2ebf309506ff8956ed932645e30e
  • SHA1: 95b77ca1c3a0221fa03533f8a3ba6a0cc2bc3dfd
  • SHA256: aab4c3bd815083211783d9d73388aac5fe8123e682c7113210538d5033e86147
  • SHA512: fcb2636a77a703e433b8ccc8e2f69872fe0f4e16283c5e0e0501eabf338382ed82728a13dfc2e963fc07faf12a007bd2b34f65813f4a1aa3deadc75b73d797a1
  • SSDEEP: 384:EMJFKIXqmayFMzdyx7y9g1LnBlULnBmNKHNTwtwL5+TRa3XXM+yLyEyKyJyTyt8t:EMv/XSyFMZYSg1LnBlULnBmNANTwtwLi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID: 2936)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.htm
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID: 3052)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2936 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B

  • C:\Users\Admin\AppData\Local\Temp\Cab6193.tmp
    Filesize: 61KB

  • C:\Users\Admin\AppData\Local\Temp\Tar6261.tmp
    Filesize: 163KB
