Resubmissions

  • 25-09-2023 22:51
    230925-2ssm5adg99 10
  • 25-09-2023 22:50
    230925-2skyaacf3s 7
  • 25-09-2023 22:49
    230925-2rsxhacf2v 7
  • 25-09-2023 19:47
    230925-yhh46ace26 10

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • submitted
    25-09-2023 19:47

General

  • Target

    blood_pressure_entry_local.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\blood_pressure_entry_local.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3052

Network

MITRE ATT&CK Enterprise v15

Downloads
