Analysis

  • max time kernel
    136s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-10-2023 22:00

General

  • Target

    consentform.html

  • Size

    27KB

  • MD5

    7a2ed1a6df8839dd8936a86d9edccabe

  • SHA1

    7bc1af528444afca678905059cb1ba9fade65352

  • SHA256

    d02fbd55c1b5da3fa1f77c52f5633421395a3bf228457521512b37cdacd65f9c

  • SHA512

    ea0c3e512b37e340f4c0a49196344f1dd5aef38c469ba124605518e913be601a5b6a92a50f00e962bc90041bb80e51480254c7902032d894b7d24be5aec47097

  • SSDEEP

    768:wEh4FOT6bJdK0D7fkvaqF1b6cY4c5rC28c54NTc5Jt:th44GbJdKoncY4c5Wc5wc57

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\consentform.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2216
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2160

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    f5a48b2bc037dd8880206bd0f4d9821f

    SHA1

    cc8b497b0345d8f541c6687627dfd3f180369ce4

    SHA256

    1bd0fe2b9eff1b027ba7189637e01ecf53f4e3ee2aeebb1a14948118e493773f

    SHA512

    b2e542680c9d1e568e110db9eb87492677db89722c7b9f07a403181c954d49ed1e2b3a44255d93de3ff356f6faea4d53bf59d1a354a4aa679abc2fcd255c1a0e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    64ed01a314394a2f4c1ca94f3995a468

    SHA1

    17296cbb9c6f1e94412f830727e983598975c634

    SHA256

    9e81d35e1e0a4d4db372de8928c338ba0e145083c2454aa5686e57384de4df17

    SHA512

    89e0c4572d1a091ad47e1d2384a25f93d872342739b8ad08fbba40e7da9f64758c5bc6d52e2eec8833f64ebb97b1a3eb6ff5f1ae2826cafd1029526111110027

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    698ae35b5fcecc3e7e29023d24e79698

    SHA1

    2f0c7198c21f2caf36793d84a53848b5d0f835b8

    SHA256

    a390d07201c589354b654c052ebe9be307705b2bf424040aedc9c957b9a79b08

    SHA512

    846cf037b10bed875871bb4fc3e6b767b5ee37c80887d9b7be50788cfe3d03f0c3fb0b962184e967ebda065bb16daf60ea7a9bdcc7cded4c8753e57259909fb3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    98ec963e8721decf13fc3e3fb6f2d289

    SHA1

    2ac417fb3d5f7c942587c98fd052a0606022593d

    SHA256

    42a373115f467c9c2476d4fd738c348559cfdc6befe218e71688535b8df80a63

    SHA512

    bcbe1ce54ccff82ea0e6744d0d7674d0990de0d40d2c13c7562f48b744e76421a5c66f960580dede046172b6cdb9513e770fabed222f60801699dbeb707be232

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c0878a87771d7596b23bbf7fdf4658bc

    SHA1

    6ecba3c790d9ef4e36cd9c8a2e118f9ad2e35fda

    SHA256

    93bce75330dbc39d20375097d5a21f2fded1fecaced0319de2e229f0fc0e9722

    SHA512

    9bd3791288a56008bdcb9dea5576934666f730d0f00b5e955b804b17bf3eadcc597d2f973069cc1c50b3f56838b1bef0f4eee630ff0cd45975177eaf8ffa6c66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    eb7dcb6f8c42153cbe0e78ff7e8b7cd5

    SHA1

    283e3f833ec986a9851b1363bf0f9b645f79fd07

    SHA256

    96e961d0edd32a6a6c3e910933f479ac8fc6ecc7372140d68d344958d87faf21

    SHA512

    8b8d972dd57d6673e9bdba500528f3825a96e3e212ad2c477af49c573094b72e112dffe81b93f0845118c43c4e708446d2d15aa1c1119b874c54f27e0501fd96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    96c7faa8aece785d8be75ac4802f6af2

    SHA1

    339796f90aaefcbcc0a59d2d3e6247a37d09fe13

    SHA256

    2a573d94c771cb7c1cad9f262b6806f50b1affe886fbf49309d1a78e0991d686

    SHA512

    9d527670ac1842da53eee2a11f0b1950fd7e69b0d63dc4f27e537e8c07d909d70f8545e79840bbcdd5b32488f3201599d52c6c8e93487433c3f57b28f1d8ae46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4317f7e9e55d369dd0e077259077167e

    SHA1

    257ea51e9213fed5a48115704a123c263b430602

    SHA256

    cf4046eab084e6eea20ff27068a73c880e8341703f21a331f4a91b0681e0c908

    SHA512

    b995b367d719eaba08e4bf5acdccfe59f79f9ef80e047c446161ca3adff2b8efd27d1876367aeb85ff5767ceb38e41d3dda6542e1f9ea859c0e3374181311405

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5386c5cd42fcc012a1c21a1b45e489e0

    SHA1

    e9e5bdcd283a775a3c64a812429961475d889763

    SHA256

    79498ea2a48f33e2e0a37780d76f9f45340e962928b80e053fd3ea1c7c18bb3e

    SHA512

    d205dca5e39e7e4a70695a7a6f6121bf4d54732eff8a2207db0dc7a2583b541e448d973682a72ba787382624a791fd7a796daf19aa0d732d8385d5e21fc04144

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3b55f50adc89e94ff784966ab26b4b4c

    SHA1

    c75d9efd6c0efa15f636972893874d44f858dbc8

    SHA256

    6b315fb4b5795e119518bca8c396c5adf57d3ce18ea80d39f1581445fa78e0f0

    SHA512

    ec09f67e2e8f2e354c7b7759d7b5849fcabd8d3a22f4145540884987198d5f60033cc56a403e3d82bac749b53009c32574f118fa21486ae482765d5ba752bbd4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c92159bb73304d53689c225a9d899984

    SHA1

    cf60eeea8f8ff1d536eca8cf60d1fd793438a8e2

    SHA256

    93ac3c55844a957646dc4c76510ab649801015e3a478f55507cb79c0ba424527

    SHA512

    58d258cd34bfb0aa6907f4fb9d2d2921b5642a8d370a1b28275ae4d6ebc1ef3434c6d532cea1ce9705272957e539b6ac255d8a50066a3657a0a145d27fdcd119

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4d4b53229a50486db65f7de78eaa1b1b

    SHA1

    b5ebe6128223d8406e8749df1fb76ed25292f9ee

    SHA256

    885519efd4db9f45459d1f9613fc562640d8d414a89afbd8c4b06a94d3631d32

    SHA512

    fb9edb7b955ca78bd5cfb29d061daf279919f643aadd7c906c87ba9eecd99112003f063c9d51846a9ff85fbd402e4f72692fb7fe216900ebadae9b8627f19ef3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a96f225a14b62e4f84b0af67f437d47b

    SHA1

    a02d51f80b7ccadd867eef221f1fddb43445fcf2

    SHA256

    e540b3699dc45dcbc81b4a0884af09cd22fd6f19639a93a4e142f27a0adcb3dc

    SHA512

    6841a24facec3151040d2c52dd1709d0409c7bb2a187dbd344800aba389dfba6d9bed8a8d629186e8d56cfae4219d5c0a1686fd3cad153c397336e7fe9d245b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    af24b0f5819db5c0038639b4f0e9084b

    SHA1

    5a2c63bd04922ba4d4fd6c7c9bbbbcf310ffae87

    SHA256

    c3d45cbc66ee5e899e4d09ed72c3c7521915ffacb29f052fa88cafc71d3a86cb

    SHA512

    2b13ec6162e37acb5f45dfaeae2be460948fa9c6777c594cc9cf4ab583865440b34da63d4e05b34b3c3a1d872c4726ffd51f1aa9bfce516354aa6fc7c5f9cfc2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2b5cb44a7fa71338c8bbba123bd33f14

    SHA1

    ca99a98fe0fa7f617d940d319f05609c583b3685

    SHA256

    c82b4a51996ec3c1833e99c9fa8c5083fc46cfbde4a34521d3f8dd7b30be1ade

    SHA512

    117def4520504329e372c3ed8975c9f3ef40a69330ba37bdd47919601e7d0cf387ca6d33c520cdaa52f10eab27ba10e86badd8a56f93c057695685e2399520e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a106d8505eae260b28a6163fca36607

    SHA1

    38309ade26a351639b3b892a3b5a4d92432cacf9

    SHA256

    36b3c702c5235e78065768a28d28271a3941af97ac173281ce31d119228235e5

    SHA512

    f269b9a2a8da87b311c34b074d868d3a750f7da79a9badb7e937b5e54a6e27849c66cd982472562fa4ee2c4540712bb44842710e5a337ff903faba505c2d68af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c47f4b8a77a50516ffa1daf111a757fa

    SHA1

    c821c4251304c31fe84d24ceb2c9d8a4e4fab10b

    SHA256

    1c2b27b341355cef55f4d2c72e580f3f9d91b9df4be29ce525cfbb2a00ab8abe

    SHA512

    c221b8c2de78f292ef7cdae4fdc12e4e17090de41264fba966ff425c21b1afbe700693eebea57ef5599fdff8de4a166a74301316013bd9e0281e296b0c02a080

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    996334a7d9e3177d462c050ca517ca7a

    SHA1

    f1ffd28416e9c61fdc7119a93880bfcd453d66ab

    SHA256

    7baf374904bb62dcb3332b4814678644df6610fc1e36ddd0741aac8774d2dcb1

    SHA512

    78d61ff3cb19c5e0e3e7a213b4fac06bb98d2c91bd15cf9633d1d506ca9e208fa22e683166fb64ff628df88cc380effc3aeab27e31a8ad358b44bd6dc109d962

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    89499ea9346244ba1aee19604338a1cf

    SHA1

    ef9b1e77fcf57fc3746c96c01632f4330b1a2aef

    SHA256

    71bfd78be3217231093a4f7155e50784236e0399f49ae2742c1a561c23669748

    SHA512

    245ce1524c4a29f0577e6f9c34a5dad4cf42594d77058d432c53ca2a34acfe668aff9f3cba5b1a6f1b6d6da3cba97b523aba9c0395008fa8798d456060ceeaac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7dcca3fc5d636d8ec398e202fb0a4190

    SHA1

    d6f1f7fe8174cbde246b421beb78c34f72b64e88

    SHA256

    6fff609a8fc250d0881d9964e1b645c838c9c6a113d0c4740ef0461bb801873a

    SHA512

    690152c287c93d88997f0234c8a092ea7aaf9f9522ce52155a38206cb93f1ea70120bee89e614ac8343631a778110e10d32bf606b950bb8646b8de9ea00af189

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    76955ed0117a706721865a3ef62cd1df

    SHA1

    8d4c9ddfb1c06fedfa200202f7ac67968030f032

    SHA256

    96d441b717966efabea47a1435be22e804c564a9ea2b6971f1ec92f8fc98cd8a

    SHA512

    47e2b03b221291dcecdc5c6223cc7c91c215f603a63c317c4a0fb00f576089e97ef70dad8d0278f6cb26d674f0173fb8dedb5c602966a177b10ef63035d91136

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ed2e79aac14ed4f1aa8597a561623dee

    SHA1

    c0ea8f8c7a1d141697eae55028fb8ebceb13b608

    SHA256

    6c3c6a0e055eaf4fbe2f4a73d0cf5f2a8755126c3caab7235b64f65bbb38b1f8

    SHA512

    198974dfb427198187cf03b006307032d9982c348ff5d9e91f301b513607a2f6f6e9279ec4ea89d889c20a0fff178ad0fe3a9a09aa290fd03409a312ed815894

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    76e3d83452353dad75b088423a7bda90

    SHA1

    365474e9d93f4539cbc861bb49c4b8d77203daf7

    SHA256

    2b7fe8e138de539ae6e462e4396e5e16ada600dda5ad377fa5ee729dd76753aa

    SHA512

    6ee1c7b3038cb82a77062fac670828f08b3677a384f862d024918948eccff059e7be244371e290b2b846f3e20b88ef8250787783585e34c74beb73df4a7bb91e

  • C:\Users\Admin\AppData\Local\Temp\Cab5C54.tmp

    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

  • C:\Users\Admin\AppData\Local\Temp\Tar5C57.tmp

    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf