Analysis

  • max time kernel
    136s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • submitted
    20-09-2023 22:00

General

  • Target

    license.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2404)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1868)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2404 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
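The process tree above is the normal shape of Internet Explorer's loosely-coupled (LCIE) architecture: a frame process spawns a tab process whose command line carries SCODEF:<frame PID> CREDAT:<value>, and on 64-bit Windows 7 the 64-bit frame launches a 32-bit tab from Program Files (x86). The check below, added here as a worked example and not part of the sandbox report, encodes that expectation so an analyst can confirm the child really is the parent's tab process (SCODEF must equal the parent PID and both images must be iexplore.exe). The process records are copied from the report; the `check_ie_tab_process` and `audit` helper names are this example's own.

```python
import re

# Process records as listed in the report's Processes section. The
# parent/child relation is the one given by the tree indentation above.
PROCESSES = [
    {"pid": 2404, "parent": None,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license.html'},
    {"pid": 1868, "parent": 2404,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2404 CREDAT:275457 /prefetch:2'},
]

# IE's frame process passes its own PID to each tab process as SCODEF:<pid>.
SCODEF = re.compile(r"\bSCODEF:(\d+)\b")
IE_IMAGE_SUFFIX = r"\internet explorer\iexplore.exe"


def check_ie_tab_process(child, parent):
    """Return a list of findings; empty means the child looks like a
    legitimate LCIE tab process of `parent`."""
    findings = []
    m = SCODEF.search(child["cmdline"])
    if not m:
        findings.append("no SCODEF argument: not an IE tab process launch")
    elif int(m.group(1)) != parent["pid"]:
        findings.append(f"SCODEF {m.group(1)} != parent PID {parent['pid']}")
    if not child["image"].lower().endswith(IE_IMAGE_SUFFIX):
        findings.append("child image is not iexplore.exe under Internet Explorer")
    if not parent["image"].lower().endswith(IE_IMAGE_SUFFIX):
        findings.append("parent image is not iexplore.exe under Internet Explorer")
    return findings


def audit(processes):
    """Run the check for every process that has a parent in the tree.
    Returns {child pid: [findings]}."""
    by_pid = {p["pid"]: p for p in processes}
    return {p["pid"]: check_ie_tab_process(p, by_pid[p["parent"]])
            for p in processes if p["parent"] is not None}


if __name__ == "__main__":
    for pid, findings in audit(PROCESSES).items():
        print(pid, "ok" if not findings else findings)
```

With the report's own records the audit returns no findings for PID 1868, which is consistent with the 1/10 score: the SetWindowsHookEx / WriteProcessMemory / FindShellTrayWindow signatures fire on the frame process's ordinary handling of its tab, not on a foreign process.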

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d96045411a95cc426abde2ab67d38112

    SHA1

    119318351e6dd3b8c9a4d401e4e7f0e580d21605

    SHA256

    3e2c514d1c5a430cd1d4a4e17dd24583af504ab45e9be6731b163f655e8c5c29

    SHA512

    db0838f20c1bfc49baa2ae16dbb274cf70a6924409ed25d2bd524f2765b4c7445066559fbef31fb8074b575e33a968cc776a42c819d6318c733f1bd401c9979c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    93881f46e2d5267839d078f7cc3b15b4

    SHA1

    12f5d4480a515525e55b4fffab28dc49697f1ae1

    SHA256

    9fd1440b3a4da71b14f1a9dedc8d17f39b693f1bd4f88f844fffb67e77445d00

    SHA512

    16743beb04cc03f68d9c38bef49f7fc75ba9001e7346ecc467acc5c45b8f32db022d5c5cfa2b63b7eaace5d461c40ba2ad66eebf7d4729c2d9278c196636ebfd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c6afa87c9e7d77da8289fac016f700e4

    SHA1

    b44fb26b3b593bc0e20597b75f09948aeddac0a3

    SHA256

    41fa01cd61ed603c7fa85a4f5e022cb59bbae5a4710e94beeb9345a4b49bce97

    SHA512

    70b565fe3757a01abb5fdda79a9d843d2832d1467ce3b9345021a001a805a051fb1f09894dfc54266296d0cf4a70974a345fc7483b08ff671259d6c2947d95bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    88dffd5706f24930141a2a6ac5ae06e3

    SHA1

    6dad0185d69706c1e4a36f39290fb74738dcabf6

    SHA256

    b94a8aa2d4a47d71f4c654877185589c5de571d3605a7456e351b61f6e46d6ee

    SHA512

    6f68849d62ab5a0cb3b78cffa99b48fed860646ad2d8fd4874b06cab031707c5088eaae83d574e18647243018c47171c3e705dac6aabbfd96b073f496d7801e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    32fd6b65bec27ba8113b2b786899b54c

    SHA1

    5dff05699c41514eed8e4406737a2a1bcab0bcc6

    SHA256

    c86d9113d96d774ce84f8d28161324a252083a76db26f185a8b516f5cab91a57

    SHA512

    15668dc8dbd84196f8a7b2630084a031cf222b3f57e45d12f250a4cfd8a72cb71b5eb4d7f9ace187bee2ab8547f678d55be62f640cbe64e2fc954fa56e509ada

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0a50275ae49f84beb78b3980c4a61790

    SHA1

    b0d42945071daed6c1a2c60d57432edc77587691

    SHA256

    d652038478e0f069d0a58ae4f79518e41961d633c22fa6725e3299a22ba9a14d

    SHA512

    e2c528a3d59ffed914e7535cbc012880b5f3c4e76136416fed2d860954bb911ec7537ef4bfe1337a00f7d87be8ab0f0d38b6649ebdf0d03afc2aab09eda52268

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fdf1cceb65fd1b124bf1c0ab1e5c8115

    SHA1

    14b590442c42975378c5f7da7694a5b933a8c53c

    SHA256

    131bf5ff81767df6d4bd07f3d1dc1bec42d20592b672e9043e5d04bb810aee48

    SHA512

    e93876e4da9bc52b89fcd5b3ef22c5571b7e08d07e26c01457661ea6773f03a97fb2390a71e01e88ddbea98d4daf2b44de41eaf55c635ed704459a47ae34209a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    05beeffbeb77fae5935d47fa07c02f14

    SHA1

    c6831a22f3bc1075b559cf70343107efd183df24

    SHA256

    ca0d8b1b225108307d256dd1d4d8fcb0e2c281a044b2d15e18d1c4340086e514

    SHA512

    35989d8309ff4953e9383ae72689c821688c444ff1fbaf05a330b7672887d16a40b1c71e06d721ec6c94127ec8f2bd72fa02f5889359c3fe17a2b2b2b8e6ff4c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    579fa031ed8b175d90b6ffa7c7dfa8b0

    SHA1

    00e0197a760949a2c9e3172970b5d7b29aca5d97

    SHA256

    7d0b274cc0967fd6cfdc17f2c2495697571d4a1d27d6c55e5674573ae8811121

    SHA512

    d74028bd1fe03e0463397f5452d36c565b337b9217f99cef5d70627975456e7237a98a86480c3906de15de737f64ee953609ccf5afed3bd113a790f1229c3400

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ae5aafabb1752bcdeb07f534845ffe1b

    SHA1

    e2d9c93d3a120684e872f4b6fa240b825ca058fb

    SHA256

    f40079ff4aa048dfe44f87e70594b030ccd2a72a71a14cf56d5a9ebe52060c56

    SHA512

    7efb214cc6e43a79a6ac54b6583f4c0bf33d257612d4f2962c8a5113b3df5b9d1b6c8a0526e27a8ff082114f0291ed935dbe6e269cbe278b74bdc177f257c5bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6a9d34bd7f98fc482bd6ef793bec06f8

    SHA1

    0e79a4d95db350f5b763f8018b46ef108875ff7a

    SHA256

    886645c6beaa822f82869098098e04c784c51faa19ec1aa8be824348057a82a9

    SHA512

    953e8bb3b2d08d2ae59e6fe37ca65563804f617fb60d12ba2bd857f19646cabdf305f56f7109e1003e367086bccc243a6304ca9acb9471c3f82e2979eccddbdc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b8eb4a849928e94ee98117a1ab5d5091

    SHA1

    9141398ac486b988647062c7fb03ecfab92a7214

    SHA256

    728b5a5324e20dfcf532f5be6e1c8c329e14da30905a8a73161e2438548fb7ec

    SHA512

    e6c4987adb02dec1a36038bcc15415863b1471634ae918a65d59979c986880da96606a78dcf05fc958a38f045cd9d82143d9e78bef132aae944da02376ee71e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    73867c3efab534c39297dca49f0145a8

    SHA1

    2cb4a9ccd5460b2d4031909f9275489c26cfb404

    SHA256

    e36455061c9ba3ead82acbfcf4eb44e0e4fd2dcb0bb933716e68a146bf63d5fa

    SHA512

    242b40c0a6c5cff2f916c7db830f3a03c8854ad1bbf91b5aaad94b5f58763201b61e5dd20127381a774cd23a2c800c000be1f3be39489bfb8c1663d699096d0f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e1765286db10ed6d1041352d3f172693

    SHA1

    0553af56b63db2c25ffdb6e8056b8f431bb62d32

    SHA256

    a6d98174b662899922cdcaa122de954086b8a18e0189c65625e70748a7f4569a

    SHA512

    bb27c40e7f31b37bdf3808d2ec6d585b1a901caafbdafceee764338ede54337f7e054110d437024f6a12dbcee5fe1e6f9eaafc077f2b70629a0595f99b30f0e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    210a205236cc524612b2e10051ebbe00

    SHA1

    612e0993909953aed189b0d0fcf889688858ac7d

    SHA256

    b651ea0f15524c69f1eaef5bef3c82ac2d6179f3166fb77a06889e2c8151f056

    SHA512

    40cec9d9fe78b08424f8f883686d2395b3e90fdb44ea00bc3f298deec3fb20fb089a722f2ef2182fef5b4318c33e98267b65ddd82f14de71ca3e53c930760f62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    985787a68d99beb1f7af41ad92e8237f

    SHA1

    09525fbc587bdd6733282d5457815d7300515377

    SHA256

    3b105704483201778bc26fe3760c44d91bd4cbad42df00f735a553a8f2826f41

    SHA512

    7923ee74a64a4b9e9856a87d7431b58e0db533b954237002a4be284934f73750f6d00b3b82e1b1fe4b7536fdad9f76c8e7eb2e463d722ad5ff8178666cdcfcae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    af56a6aa0a01a92d8335f6bff9ed8d14

    SHA1

    c98cab87035b02a8aed00d994fc760f6e7d934be

    SHA256

    41490f1685667687d3ca16da53b8353b1b367a6fd6493db63e50b43bb3d7d569

    SHA512

    d242e1f8305416c0a078707fbf655b31751bfaec93890cd7310beafe02ba26ee6e480b56d4656fbeca6118b9efa50cfe91de85d8a20cd13dad4063bc51ebfe7e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a3e239969c5e857dddf0d59d7448aa67

    SHA1

    d3aa5ad4cfd64bd5aab2f58e76c199ca89d7d411

    SHA256

    e6bcc798b52d384545c89d367c47024fbdbce778caeccde5d44fcf271cb5ac39

    SHA512

    6022e75d9f7f0287ded8e5dc213b425110ee958cf0454eb90672d0820f96ad47af363666f2689d78cfe09b12475a198ac2ede117c4c8eeb373b6ea4976a2a4a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4f38af00dcbf6bc490c602bf47f6a14c

    SHA1

    59902397a2e29ffb3253b69c492417c524ee4d55

    SHA256

    aa2be953a6a1ecc21428c8fc04cac51963f2e64042efd98740a1509329247d38

    SHA512

    c82a1de7a34661fbb1c6a71993973b8f8bbc95733430e9d3c2d0353a727af23f362d1eb60a7390278362d2b3f75f8d5da4190e4be610b9a361a9600a8127ba56

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9d0e5c8550f2a87bb345df975adf409f

    SHA1

    996e924ce546d8648aff1382e362a01299863088

    SHA256

    c396a815874b6366db10c77d5e07658c3249e7669f76ad72356f9bf652598c46

    SHA512

    041c3913550f1e9b35101b3dca1b9cd6c50fa104936f0dbf567bcb6d7bd4488c4650135a0a305c018cf3992a1830bf045f1ffae80e416145787db50ab937243f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a69e05dc8fd275e2dd573286fcd445c4

    SHA1

    306a6611bcd583185b964c9dbd316c3ed840e351

    SHA256

    afd400a778e1232b559261c378c12185f77740b48483573b27fd2f635ddcc164

    SHA512

    43cdfbcb5f971a24faa292e81accc8180cf1474ec7d0db0cbce1aba6d797662d5320afe86844b830d7289081982817c25e6a761529decadfc285d30060d408c7

  • C:\Users\Admin\AppData\Local\Temp\Cab5A61.tmp

    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

  • C:\Users\Admin\AppData\Local\Temp\Tar7851.tmp

    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf
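The listing above names the same CryptnetUrlCache\MetaData path twenty times, each time with a different hash and the same 344-byte size: the report records every write to that file, not twenty distinct files. The script below is a worked example added here (not part of the sandbox report) that parses this flattened "path / label / value" layout, checks that each digest has the right number of hex digits for its algorithm, and groups entries by path so repeatedly rewritten files stand out from true one-off drops like the two .tmp files. The sample input is an excerpt of three entries copied from the listing above; the function names are this example's own.

```python
import re
from collections import defaultdict

# Hex-digit length each listed digest must have.
DIGEST_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
HEX = re.compile(r"^[0-9a-f]+$")

# Excerpt of the report's Downloads listing (three of its entries) used as
# sample input so the script runs offline against the page's own format.
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    d96045411a95cc426abde2ab67d38112
    SHA1
    119318351e6dd3b8c9a4d401e4e7f0e580d21605
    SHA256
    3e2c514d1c5a430cd1d4a4e17dd24583af504ab45e9be6731b163f655e8c5c29
    SHA512
    db0838f20c1bfc49baa2ae16dbb274cf70a6924409ed25d2bd524f2765b4c7445066559fbef31fb8074b575e33a968cc776a42c819d6318c733f1bd401c9979c
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    93881f46e2d5267839d078f7cc3b15b4
    SHA1
    12f5d4480a515525e55b4fffab28dc49697f1ae1
    SHA256
    9fd1440b3a4da71b14f1a9dedc8d17f39b693f1bd4f88f844fffb67e77445d00
    SHA512
    16743beb04cc03f68d9c38bef49f7fc75ba9001e7346ecc467acc5c45b8f32db022d5c5cfa2b63b7eaace5d461c40ba2ad66eebf7d4729c2d9278c196636ebfd
  • C:\Users\Admin\AppData\Local\Temp\Cab5A61.tmp
    Filesize
    61KB
    MD5
    f3441b8572aae8801c04f3060b550443
    SHA1
    4ef0a35436125d6821831ef36c28ffaf196cda15
    SHA256
    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf
    SHA512
    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9
"""


def parse_dropped_files(text):
    """Turn the flattened listing into one dict per bullet.
    A bullet line opens an entry; a label line is followed by its value."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    entries, cur, i = [], None, 0
    while i < len(lines):
        ln = lines[i]
        if ln.startswith("•"):
            cur = {"path": ln.lstrip("• ").strip()}
            entries.append(cur)
            i += 1
        elif cur is not None and ln in ("Filesize", *DIGEST_LEN) and i + 1 < len(lines):
            cur[ln] = lines[i + 1]
            i += 2
        else:
            i += 1
    return entries


def validate(entry):
    """Return problems with an entry's digests: missing, non-hex, or wrong length."""
    problems = []
    for name, n in DIGEST_LEN.items():
        v = entry.get(name, "")
        if not HEX.match(v) or len(v) != n:
            problems.append(f"{name}: expected {n} hex chars, got {v!r}")
    return problems


def rewritten_paths(entries):
    """Paths listed more than once with different content. Each write of the
    same file gets its own entry, so the count is the number of versions seen."""
    by_path = defaultdict(set)
    for e in entries:
        by_path[e["path"]].add(e.get("SHA256"))
    return {p: len(h) for p, h in by_path.items() if len(h) > 1}


if __name__ == "__main__":
    parsed = parse_dropped_files(SAMPLE)
    for e in parsed:
        print(e["path"], e["Filesize"], validate(e) or "digests ok")
    print(rewritten_paths(parsed))
```

Run against the full listing, `rewritten_paths` reports one path with twenty versions and leaves Cab5A61.tmp and Tar7851.tmp as single drops, which is the grouping an analyst needs before deciding which hashes are worth pivoting on.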