Analysis

  • max time kernel
    146s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231023-en, locale:en-us, os:windows7-x64, system
  • submitted
    30-10-2023 16:27

General

  • Target

    skk-0722-29/cases_detail.html

  • Size

    7KB

  • MD5

    25fc7b1b4c1904451960bd577e297fc4

  • SHA1

    bddbc4c6de7aa0f654a9a828edeb782fafdc9438

  • SHA256

    dd00cdcbc818974b02aed40ce0aec990a94437dd63a75c870d0b13deb7c03e23

  • SHA512

    432a5c1350929f1b00509f34fbdb66a461cf7303e247d7681f35ae7ba4c2addbdb6a31d0cbbf3937d6fa7a1c1e6cb6e4219e7bce8452dfbec3479a856681b1d7

  • SSDEEP

    96:Njhy3/SauvD9cAvceblovGRFyBZaPX9wUES40afslD4hjACK:5h9auqeNy12uE/d

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\skk-0722-29\cases_detail.html
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2588
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2588 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Downloads
