Analysis

  • max time kernel: 132s
  • max time network: 161s
  • platform: windows10-2004_x64
  • resource: win10v2004-20230915-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 19/10/2023, 17:08

General

  • Target: Bin/EditorLVL/ace/AceEditor.html
  • Size: 2KB
  • MD5: 074f339da95ce74633d31d3502152adc
  • SHA1: 53f35d27fc40894e1cfb20491b35395b65afb2e4
  • SHA256: 1d825b18d0cf144450d78d10e7c3c443c495529d06e53f2be4b769b4af15afac
  • SHA512: ce844b06d7608b92d60cbfce6cf733efda2fce41a9fb1936efb4dd5b2c499a63ba1a0aa2120ca1cc095d415d65ef6f64b011f461a891f3e8c83121c210872062

Score: 1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1536)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bin\EditorLVL\ace\AceEditor.html
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child process: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1636)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1536 CREDAT:17410 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: 2af19e22336e67d3315cb28621726410
    SHA1: 0badc85a780ed03159626222b4a0a5005e7ca172
    SHA256: 201910e1ea14a674732b48f0278ed914d505f5afda0423a1139851c5bd998467
    SHA512: b1f675e8819c374f3ee61d87e2aeb2517b021a3a6888e2b63c0335378bfdfe8ecc9b674c068e4a061567ac9b2db1ab8441a872104eb2fec0a706f7c2acf44207

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 404B
    MD5: a22ecab7a455acbd29e4fda5c310d26c
    SHA1: 5f8ddc1b8d66b90905de3136abc8b7fa509de4f8
    SHA256: bdb0ea7bdec40e143a4c31ddfef5fbbfc46ed43f956cd59a074b1b4629c0d350
    SHA512: 8d1e1a9972a3e708735fbedca13085899896b154ab484a61fd20d5089485d1ff75b1face12faea02ef9e088350c4ae9249cda1281e201cef044518c874756a4c

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Q7SK9IL3\suggestions[1].en-US
    Filesize: 17KB
    MD5: 5a34cb996293fde2cb7a4ac89587393a
    SHA1: 3c96c993500690d1a77873cd62bc639b3a10653f
    SHA256: c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
    SHA512: e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee