Analysis

  • max time kernel
    135s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
  • submitted
    19/10/2023, 17:08

General

  • Target

    Bin/EditorLVL/ace/AceEditor.html

  • Size

    2KB

  • MD5

    074f339da95ce74633d31d3502152adc

  • SHA1

    53f35d27fc40894e1cfb20491b35395b65afb2e4

  • SHA256

    1d825b18d0cf144450d78d10e7c3c443c495529d06e53f2be4b769b4af15afac

  • SHA512

    ce844b06d7608b92d60cbfce6cf733efda2fce41a9fb1936efb4dd5b2c499a63ba1a0aa2120ca1cc095d415d65ef6f64b011f461a891f3e8c83121c210872062

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bin\EditorLVL\ace\AceEditor.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2444
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2444 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2432

Network

MITRE ATT&CK Enterprise v15

Downloads
