Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • submitted
    20-09-2023 22:00

General

  • Target

    license.html

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license.html
    PID: 2292
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
      PID: 772
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
