Resubmissions

  Submitted          Analysis ID          Score
  25-09-2023 22:51   230925-2ssm5adg99    10
  25-09-2023 22:50   230925-2skyaacf3s    7
  25-09-2023 22:49   230925-2rsxhacf2v    7
  25-09-2023 19:47   230925-yhh46ace26    10

Analysis

  • max time kernel: 135s
  • max time network: 142s
  • platform: windows7_x64
  • resource: win7-20230831-en
  • submitted: 25-09-2023 19:47

General

  • Target: ad.html

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • PID 1724 (depth 1): "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ad.html
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • PID 2080 (depth 2, child of 1724; the IE tab process, SCODEF carries the parent frame PID): "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5:      2873d44e6785ac71eb62574d38c03b6d
    SHA1:     8401c30cfe37e50e8a52032648f871e176dc6d1d
    SHA256:   1c6acff057bb590a0bc8f9abc17e24401e6bf1418b6630c5e91047950f0cc989
    SHA512:   e66377efab1819b3c043de1a60e6e49e9d87cc394c939cc4d4fbc600c9c0fcf2b307991eaa823a3adebca7efe8148c2a854129489d978b3f58d28b35283280a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5:      04692511d9c04b6f7f0f3b3c0fb34b3c
    SHA1:     b4ca3e47a19898ca01107ee13df63b5c6ebe4452
    SHA256:   53e5ab58c5f45c11a6c9329ce687c80090f39a332d655031120906ce29a186ec
    SHA512:   cdb1a7f6ac6e2e57adb1189fc4e440c409d084f84108976c50478375e979a5242f823b2f984180643c0c746dd6169054ee36deeeecbe4534eb63e9b505692836

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5:      328b4e70f85dcae7adfc45afc054b7dd
    SHA1:     da44a798ff9ff9f5ecdf1ce5ed597cecc4d216de
    SHA256:   35daf1d97c626ea8d79fa6b28078cb2c6d78d6c46b3351f29d3e43f0d37cbbe3
    SHA512:   7268283e6edb9d08594dd46f21ef9afe2260e38e07ed9d3a205eac04414ae998c55f92b79ad6229bb521f290265ab51a39df63f304d4a1de31e751e5a9dddfa6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5:      f1c33c6a63315849dcbe4ba0ac12f1ea
    SHA1:     4767c6cd172c582efe3bb95638a45d3cb978c714
    SHA256:   8482f672861299f2ea43882c2930033a0afc0d3ad3f27c9b18aa7f4fffa6604e
    SHA512:   97ec6d4de3d6412255f2df0cafc139b5411f849fe45ad921f6d6c1256fdfc19675e726a045823f1a2437572eeaa30f865a6fec65e3270519674e0ef5e24726a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5:      4d44b6ccbfbdb46c7adf8a3a2cf5922c
    SHA1:     58b3c3243a6519c142f030f4342f37cbbefd8e6c
    SHA256:   099868aabc49d99912fc874ff8ba23ec4ae380c4fdc343cb8ca83b364f39c645
    SHA512:   c804474ccbda5fa65467c0a664992a169d0dc9566e05d01687ff4c64968298b7cfe420e11a2f521a53d6fab7662bf1090d57dadc5fcbf78ea764f753b71e87a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5:      d8407cc9e92608036a867422af1ffa60
    SHA1:     f7b6bc3c3d98f5333092b65d45b39522776f2f3d
    SHA256:   5a095bf32abbde5bbdab5762c17909f1ec25d8520e7fb41c386e8cac44151369
    SHA512:   4e406a34d71d13428222ed7dd610656923071ffead2271df9eca124c6a1f9047fe367a63ad6841d0663a267cdf4197e3cc5bdbb84d3fac32879d41afbcd3c452

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5:      f1ab9fbe05e86896287bc3461dc0322e
    SHA1:     629593af231fc4cf12478176fd3fe5dac4a987a2
    SHA256:   b566e5844847bbe0c2f3193114f528714b118da03171e215eac0bf45d406589e
    SHA512:   5ba30464cc310ad4d337a0c06f42e608e4af0e9ff488ee8c348d3c165ef4d5c2cf26a789b5c64246358c67a3f80cec2dd126b89a9a5e8d08cfde8fe92e8f3769

  • C:\Users\Admin\AppData\Local\Temp\Cab81E2.tmp
    Filesize: 61KB
    MD5:      f3441b8572aae8801c04f3060b550443
    SHA1:     4ef0a35436125d6821831ef36c28ffaf196cda15
    SHA256:   6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf
    SHA512:   5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

  • C:\Users\Admin\AppData\Local\Temp\Tar8204.tmp
    Filesize: 163KB
    MD5:      9441737383d21192400eca82fda910ec
    SHA1:     725e0d606a4fc9ba44aa8ffde65bed15e65367e4
    SHA256:   bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5
    SHA512:   7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf
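The Downloads list above repeats one CryptnetUrlCache\MetaData path seven times with seven different digests, which is how this report records a file that was rewritten during the run (that directory is where Windows caches metadata for certificate-revocation and trust-list fetches, so these entries are expected background noise for an IE launch rather than payload drops). Working with such a list by hand is error-prone, so here is an added example, written for this page and not tooling from the sandbox vendor, that parses the block into records, validates that every digest is well-formed hex of the right length, counts how many distinct contents were recorded per path, and re-hashes local bytes against a record so a retrieved artifact can be matched on all four digests at once. The embedded sample is copied from the first two CryptnetUrlCache entries and the Cab81E2.tmp entry; the parser accepts both the label-on-its-own-line layout and a "Label: value" layout, and the function names are this example's own.

```python
# Added example for this page (not the sandbox vendor's code): parse the
# "Downloads" block of a report like the one above, validate its digests,
# and re-hash local bytes against a record. Assumes the layouts shown here.
import hashlib
import re
from collections import defaultdict

LABELS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
LABELLED = re.compile(r"^(Filesize|MD5|SHA1|SHA256|SHA512)\s*:\s*(\S+)$")

# Sample input copied from the report above: entry 1 keeps the report's
# label-on-its-own-line layout, the other two use a "Label: value" layout.
SAMPLE_REPORT = r"""
Downloads
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    2873d44e6785ac71eb62574d38c03b6d
    SHA1
    8401c30cfe37e50e8a52032648f871e176dc6d1d
    SHA256
    1c6acff057bb590a0bc8f9abc17e24401e6bf1418b6630c5e91047950f0cc989
    SHA512
    e66377efab1819b3c043de1a60e6e49e9d87cc394c939cc4d4fbc600c9c0fcf2b307991eaa823a3adebca7efe8148c2a854129489d978b3f58d28b35283280a1
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5:    04692511d9c04b6f7f0f3b3c0fb34b3c
    SHA1:   b4ca3e47a19898ca01107ee13df63b5c6ebe4452
    SHA256: 53e5ab58c5f45c11a6c9329ce687c80090f39a332d655031120906ce29a186ec
    SHA512: cdb1a7f6ac6e2e57adb1189fc4e440c409d084f84108976c50478375e979a5242f823b2f984180643c0c746dd6169054ee36deeeecbe4534eb63e9b505692836
  • C:\Users\Admin\AppData\Local\Temp\Cab81E2.tmp
    Filesize: 61KB
    MD5:    f3441b8572aae8801c04f3060b550443
    SHA1:   4ef0a35436125d6821831ef36c28ffaf196cda15
    SHA256: 6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf
    SHA512: 5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9
"""


def parse_downloads(text):
    """Return one dict per bullet: {'path': ..., 'Filesize': ..., 'MD5': ..., ...}."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue                      # blank separator lines carry nothing
        if line.startswith("•"):          # a new file entry starts at each bullet
            current = {"path": line[1:].strip()}
            records.append(current)
            pending = None
            continue
        if current is None:
            continue                      # heading text before the first bullet
        m = LABELLED.match(line)          # "Label: value" on one line
        if m:
            current[m.group(1)] = m.group(2)
        elif line in LABELS:              # bare label: the value is on the next line
            pending = line
        elif pending:
            current[pending] = line
            pending = None
    return records


def validate(records):
    """List every missing or malformed digest (wrong length, non-lowercase hex)."""
    problems = []
    for rec in records:
        for label, n in HEX_LEN.items():
            value = rec.get(label)
            if value is None:
                problems.append(f"{rec['path']}: missing {label}")
            elif not re.fullmatch(rf"[0-9a-f]{{{n}}}", value):
                problems.append(f"{rec['path']}: malformed {label}")
    return problems


def distinct_contents_by_path(records):
    """Map each path to the number of distinct SHA256 values recorded for it."""
    seen = defaultdict(set)
    for rec in records:
        seen[rec["path"]].add(rec["SHA256"])
    return {path: len(s) for path, s in seen.items()}


def digest_record(data):
    """Build a record-shaped dict of digests for local bytes."""
    return {
        "Filesize": f"{len(data)}B",
        "MD5": hashlib.md5(data).hexdigest(),
        "SHA1": hashlib.sha1(data).hexdigest(),
        "SHA256": hashlib.sha256(data).hexdigest(),
        "SHA512": hashlib.sha512(data).hexdigest(),
    }


def matches(record, data):
    """Names of the digests in `record` that the given bytes reproduce."""
    computed = digest_record(data)
    return [label for label in HEX_LEN if record.get(label) == computed[label]]


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE_REPORT)
    print("problems:", validate(recs) or "none")
    for path, n in distinct_contents_by_path(recs).items():
        print(f"{n} distinct content(s) recorded for {path}")
```

Matching on all four digests rather than MD5 alone matters when a retrieved sample is compared with a report: MD5 and SHA1 are listed for compatibility with older feeds, and a SHA256 or SHA512 match is the one to rely on.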