Overview

overview

8

Static

static

3

HorionInjector.exe

windows7-x64

1

HorionInjector.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    64s
  • max time network
    58s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 16:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HorionInjector.exe

  • Size

    147KB

  • MD5

    6b5b6e625de774e5c285712b7c4a0da7

  • SHA1

    317099aef530afbe3a0c5d6a2743d51e04805267

  • SHA256

    2d79af8e1ff3465703e1dc73d3ef2182fd269ea2609c8afabdf1b80693405c1d

  • SHA512

    104609adf666588af4e152ec7891cedafd89ad8d427063d03fb42a228babefc59428b0c8b1430cb3fc319a5014d2ee1083ff2b74fa585cab2d86cdad346e8b08

  • SSDEEP

    3072:ckgHqUGSCoEslON/q178+oO3BAE4T/DvueX:cNHqUGSCPBh+7VST/Ke

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 44 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\HorionInjector.exe
    "C:\Users\Admin\AppData\Local\Temp\HorionInjector.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2384
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2568

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b00263ad373f14f1a33e5aa2c3d12a3

    SHA1

    d46d9232c1b764a836dfea42c4a1da0104452347

    SHA256

    0cb12f76405ff58d86050e940ccee4137fb27b4ac02bb51164702d98c2fad854

    SHA512

    97571415de028576d95b70b573e986ae200e8692f195aecf7b34b0b04dc59eed0a63b711e2437ebed643d14b11c3f9dae893fd3942db6104d547d3519354efb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db2f821aef1e745b0244baf17eb9d36f

    SHA1

    9c59c5293bb9f8333b50564581e14d39ea1da9df

    SHA256

    4a27a5fde0549f5f7d3ffdeebcc56dd2a9c5e0ad9b0e017dd9357b51b9c2348b

    SHA512

    19b418bf2686a0867b4a7bd6d88acbace632095a961563d907974b2c841a622f0d5d59b076165ce32d5b132986cdd1734135eb0e4ef0ca69070e6a5330ff3e05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5dd6011f86a3e38be73eb3794335e884

    SHA1

    137d73709e249d060de92cc6e1fd4eba548bbc7b

    SHA256

    172483c6c41ad1df3f2c811eb75376a4bff24d805cf93e1f17fed576a4ed048e

    SHA512

    882a533a2ff65632518a22c85af44974cbd2c4110b705a6d7315e9cb59867b055e10c402bea0a82b39817070519ff3fbc5d5f94852a5ae787baeb4a21a2d2b87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae03f1079df978a9e7fcdf2482c965f3

    SHA1

    6a4db6ddbcde77bb192c33df238efa3c53d70425

    SHA256

    bc420cf4f4e9cba6f1d0c910ddd41d65230e3551aafb646427f4a0257b8e561f

    SHA512

    5c628217bb44f7ccfc7bcedd57c1ba0c9b4ea2ded5252213d5e878d868d947794940db7d347cb4c03ef2973befb779f717a0886151ffaf20b8b0ad76664fed49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3535d6929fde0bd0d4c30d8b49140c2c

    SHA1

    b553f3d4833669f7301bec1d83df4e50967002d3

    SHA256

    fbe56e51402f09ae7ba95bee2c417e7c575a3ce6ad242290421ddb0f9eb666b7

    SHA512

    13fb795d75356dcd3e9d6c502da02a658ec0076495d5db0c483cf82eee01c4b0470e3dec3cf104c96f3fab5b9cc5f6f3b913943fa788508c5ff07117a7080fed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2cd1bce4c26663b03c2341c4257acbdb

    SHA1

    6832fe4e50263cf25b68c0b7bb3554a89c5ef883

    SHA256

    86745086513fb5ca39a46ffd58052a00af0f2d9c41ba71821b7240361fa5116d

    SHA512

    68f6f80282523a15fa6dd200d260b3de64baba520cfc837d63f7f72c3bd5c2c5be761a63f690499f91faa6e12c59ffd1d867abcbf238b86268e19c4e7b838330

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    828a5eed3d5dd2984051afe12e541f1c

    SHA1

    332f420efa7821d42758a5fc57b27c73f8e3a00d

    SHA256

    d1f6972fedf6cf723b5e5665b36b6d9a9a1545027df429f68594b0017d7b84cb

    SHA512

    0307018180761e808567ed0d7b0f04bbe7cf4c76cf781690b8532950ece42aca34388157580f99e8f3caa99ea82c43c3488ebd25766b21a1f26a1cb727c910c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bad80f3e552ba7e64e5428999407e3f5

    SHA1

    bd41fb0a454522bc3373130205453647f7203408

    SHA256

    fd479f5b15088b04e18ca6e1d2150b5fd1dabb9b4bea550c5ab8ddb345681379

    SHA512

    9a242abfb5418c3b9385a3cf189b117bb8249fe9a50bcaecb42ed85f87a2981111396188efbb6c353f86ecd3e004233842557e4977a64ea7bead4d2a79f1bb8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e3882b2c48802fce63703cc0bd9e25f

    SHA1

    8cf8b37044d7be9c9cf5afd1ee27a111e3485d43

    SHA256

    a597961ceb9f45a2a7396a993ba70edc79fd9d8f03f1b3a64eae23b7f3811128

    SHA512

    69a0e010e488a10f55249fbf6b700273b5eea1c66d8330e55aee21d5b5dc71fd9701cdfce2e2c428132525f7f76153fdfda5262035b49f1ded9f403d4c0b8b35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f64cb29137a2f391a2f5ce60f7c18e60

    SHA1

    8aee53c85f289235594461a500ebc35bf8de2ae6

    SHA256

    90d4e424682afc3a94c36211ce2e01a3abff89ed5d19cddcb11bba5990fff256

    SHA512

    4f909e593df89ba6f2a361b1370af0f6757c3fcaba043b4fc606d83d721a350a749acb0927111cfc75e72492970c6ffa9597f22c74999dd9aa8bf1aa824add1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e02bf06fb9acccc6dcddcdd4c586d020

    SHA1

    b7551bba926037a36240129e6ad13a500d775392

    SHA256

    af0034177cb51c63c72811841c4653dbf93fabd8c8dde49bef8f6989b0737021

    SHA512

    67e11dbfabf89cb63a76769697672a9d5d38b3bac0e7468dd746ab462dd71b02a44419ef9365a36b74f7dd0877ddad8136ab7696450ef6ea99322449c9e07c8a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\zo0jyaj\imagestore.dat
    Filesize

    1KB

    MD5

    251fe372a72952cdde8ce8ec8c6ea965

    SHA1

    d2e59264c94c494cb04eaef8fcd376ff17d778de

    SHA256

    ba9b6b2480a12c42ae42386d67ecde40dbd518f77b82f98a9bdc3dc3b87d3991

    SHA512

    fb5e5cdb913de268d2ef84306b38fea7c39018187ff54cddf1b24a71109679dfd5c4f050cd53b04b055e967861b378f1fc4d24e7412142b0bc4165c0c06c99f5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HCMMLZVL\favicon[1].ico
    Filesize

    1KB

    MD5

    e4b756fc9d2ce9403e6d09f3d640fc0d

    SHA1

    f816451ae8d526565cad33d70d7cfc4326d28639

    SHA256

    f5c3af6caa64db0820aee0ea4078ed9d638b4f5042db56b11062784c75b607ae

    SHA512

    97955b66fbcc8574dabbeff2a66eeda504d823db5472b006c9e5c0b8baedd3ead68dd02dabdc707ff7e705b68957b5639f9b38cacc7e7cfa9949a4c8760185af

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDD26.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE289.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit

  • memory/2384-7-0x000000001BCB0000-0x000000001BD30000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2384-8-0x000000001BCB0000-0x000000001BD30000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2384-6-0x000007FEF5630000-0x000007FEF601C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2384-5-0x0000000000760000-0x000000000076A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2384-4-0x0000000000760000-0x000000000076A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2384-3-0x000000001BCB0000-0x000000001BD30000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2384-2-0x000000001BCB0000-0x000000001BD30000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2384-1-0x000007FEF5630000-0x000007FEF601C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2384-9-0x0000000000760000-0x000000000076A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2384-0-0x000000013FAD0000-0x000000013FAF8000-memory.dmp

    Filesize

    160KB

    Download