Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-11-2023 22:00

General

  • Target

    home.html

  • Size

    961B

  • MD5

    7a7c1cac34e5dde738b3144357d4d3f4

  • SHA1

    d1b424fe378e31bd0b2756bb4b2ec4c1abdc5ead

  • SHA256

    d0958684186bad6c940d42e88ab3e4ceb6557f8d22bf131f2e09117c0ba86c55

  • SHA512

    81696cb5db06e0ab017a8aae4d14d84fb63c648a39f30aabbdf8287bc45fa40be5f3ab0500c221b8fab12f713ad7c066527f2f2a3b3fdfb78f24689388a65cb8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\home.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1816
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1816 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1828

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2c5ac3e30bdcdfe81425b8b77e8dd613

    SHA1

    2edffcf91508adce4705274251e7f1f35dd9ad7f

    SHA256

    53f41b60dea3e507a71902585dc7cf8c88498f22887362cbdc3792079624e842

    SHA512

    bf1e7c61d331854ccf6ee1816ec7e3debf5533280419bf10ff3ce5d3a41a3d00658a1247c769b454f7b935ddb03ff2750e6f311e6a895eb6ddcc75adb905faf7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    712e4a8bf90ad7602b891954c3030ea0

    SHA1

    8a08da22ccadc6133faf45e0fff027c6b2170084

    SHA256

    491e5b86f43031bb0b6ca81557515a32446fe0e9688d5347cae25b274180da87

    SHA512

    eca1330a2f0b2fae0b3ea92cd753cb5d3c9f046035dac3db3e1cc82d5b1fe645a534aec44bef523570b93bbf388a612f71c695effed8fb659edf574d4278ea1b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0365bcf9ac10e37cb01d1d8c0c7f348f

    SHA1

    46a68822f46863364f31b5b258737cdac9d39ef9

    SHA256

    05ee8832b831b7880c4ddbbc0fffdb187e6b3ff07971f26ad2d993f5ec23ec5a

    SHA512

    e2ade1d23f498917ffbaf8cd969070570a733ca945c74f6f4e8d4d0e3717f3685ce58a1d614de59296db575a8d0f8f69b165846f23c5905a863bcdd77df0ac66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    07b9159ac6352443090921b7e12fd862

    SHA1

    d63de38591a1caa47be9c906827bdfde61d24aff

    SHA256

    7205afdfbe9627a58c08ae9f5264b2f77ff21272caa484fbe4ca8bd499b18c98

    SHA512

    84f515e17c7b3332e56f4bc66994bd4b3c6d123246e8a39d9bfb586f17da3bfe447cf7b6a91c0df1b9008bd3d8e8f332a6fe40295e897f2c267a15e5831ba626

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ff49e4fa521367fa64984f39136132b4

    SHA1

    eb5a103bec2c37da8bf1fd769f65dcd6cf079e96

    SHA256

    ff3d799e16f1e9128699b856233bb79b32dbbc2b7be666ea13866aa1fae86d62

    SHA512

    f5ed0ca0e2851a29e46a81a596d8d27d8f708256baf036091e5067f395c9e6ec5e9f94e0b6583f75639d2730b224175fd16bb11c8790e872b28addaa4ac2ddaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    259d5e1a89f0ef37a3d02caf66a40cf7

    SHA1

    c19d2013d37a660806b228d53c9440ea67f9a9d9

    SHA256

    63191e231de36f5ea0ac3c5c4f1d2c847cf5ac930f8ac710b19ce54a27cd54d1

    SHA512

    af7c477e3d82039edd4ee4c53320f5f2095f5c65ac5804d1f6258170c9e2980e60d1c9e8eefb096c385a7841ac509623f0e372f0cd8ef556f0b9606dbf21df72

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f0ebe99746483593d70521d9db8cd5d9

    SHA1

    336a35509acbaa445d1fe9af80f5f06f51bb5fc4

    SHA256

    ceaa65284f75f75f25a3d2624d65d89f0a9a206a00c8f9f55dc08b17bf9cc2cc

    SHA512

    746b3e8eeb2d287250242c15f261ede319b2fdbcd43fed164b7e8c807bf17782e91351879c609663637b36ba262d1e4a7f6ebfb578fd7ac22c1f12525167bd41

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1f620368b382e0c35b45d4dba1093ce9

    SHA1

    9699e86de2e87c68581b40e6d7940605c11a71c0

    SHA256

    16916ad6f81388e498142283f1ee69075f46341c61a52419e4b5d0f1ee8ad8db

    SHA512

    fce743f0dfa0494ace81099661d4c3240608fa89195690269a3f9667ea5ca6d9a89aa18eb13674e389dfcf030be1fd1c67311bd1b1ad153446d3bd08627bd37e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    70d5f102398f2bd9fd4c9247a345a5ec

    SHA1

    9c3cd492cbb5030297f4582c5c051aca217b91ad

    SHA256

    e7aab391054fe51b8bb0324cfd84eb274d94b2c7deccdaccd12b6a5255ec85e6

    SHA512

    2bc7ad3a0419613142c27f297db24b6b83f4e8d97c862085d9c61d43401f34fcf2fa1657560ab6bf82f0f9d142cd72ecdc1cc5e4b462337d878519e6bb02d1e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    68d7e281722cc1c61030a97bd6c2919d

    SHA1

    600172ca3c0cbc1f70205544c7f926a0c813a7f1

    SHA256

    c913b94ecff204eec47f23d4858e97dea517e5214778d8764e37afe35e4feb4b

    SHA512

    71ffbf77bd7f7bbeee256a631621fc08f35b773dbce002a0a9e35d6899cc9dc33f14c8c21c4c82cd38b961d29e27da3dc27837b5bdf518d57724337b91625387

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    070b8dec329b7e4c0f2b477b825fc54f

    SHA1

    a680fd29308f3e2c09669e8edb08606725bcf592

    SHA256

    1fe31b08552b4c9762271e89a7762b75fc48ffe35e3944fd2d467f4c94d2cb77

    SHA512

    6aaf7c41279876a096b0b9aaa57b1c1e28ad09b3cd226c47ddd4d8ebaa0430ff6b0bb8874005901f513dd85c00111b315ed45da24efc4cc5f89608601ab22a2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5238e9ee77ef87954382e8b0173ee727

    SHA1

    181e579e493995044e28007d0da0844d4f1defe3

    SHA256

    899047a88cfe09c45d04593a046b2d1045bffce49377442ccb7ee4e7c58f8dba

    SHA512

    c3b9f79704aa75f289b29edb56e43a13ca51361cf05612abdf45b082bf5e30b7160ae6a75d0228061b5c9804ac410cb638bace097c72d7a64939aa3b341ae91f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c70663eaa402d11515a31423e716829a

    SHA1

    ed0e90568aba6673a755d227e0403a1610571765

    SHA256

    6227ed1bfc831605e4be8478aea79a41a952e6647915082509169429ebd399c4

    SHA512

    1142859134b3aa19382fb301f56e4954232038af48d15262e18cfaf19f3af4f8e482cc0e363eb016294f7025d45291c595b89f0731ac877837647d2d6516f9c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3f76edd8101300d125a09cafe907df7b

    SHA1

    f14155118e822fed8695bede4894a980a3220b10

    SHA256

    326ea078da8d5985265295f48badce92071abe0d748a796b37d382bb66f77137

    SHA512

    400feecc57e955c3c4a963462b8d4b989fd622d928a4bf847af33dc1d4d0bc8d93784e55d7326037925b7fcb4bc7bb8caa3f8b85387cc64c8db90911a628304a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    339c09f48e0e7cb434b0f0de89a8677e

    SHA1

    eb2aa15a6eeebb14f90b2f275ff81af173e3ff72

    SHA256

    0575587f5e1118d5197f146e91e923c61b0c9ecbb72861fa19a54c7d268870dd

    SHA512

    1951ba6d3de46be5ca9a59be478ace0ced99ec44400817e616c6916a31df388685beba868b0fa2f5bd26d62c3666a2a53e8f812b872441a4ea8beeee3ab69f11

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bb6e5cd2d99edbc0ed0685ff6d21f335

    SHA1

    4620b9089bb3d641a3f9a77531223ab8819cc887

    SHA256

    be12c229f6acfbcd0d97e33c6e49aa01e364aacf662e4da9ee361ce923b1c038

    SHA512

    f105a5c560e4807b20656a4f133cfcb0f87c325a7bebad6e6c56d45b846cb2fdafe7241e762a395a35e5d4c5b859673e27f9e13994130c04ab24c80267776c10

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b6163593bca3fcd862715f584ba0f7b1

    SHA1

    0f3a5f78cea83d11788a9f9d92bc64c25d78bc40

    SHA256

    7946d294f2a3ddaa2b44bea235b47db1d866407f1dd2bd0d3a3ba6ac315adc73

    SHA512

    458c5bd84d8ff70339108fe39ac3efee69174cc714135d5f81e8e86740308bb9636c472a450ccf18194ba06de854efa5c2c949358a821f22928aa0543223cf39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8745d3d25cce150b9dad77437f99711e

    SHA1

    f1b7eedc7aa2361046212d963c3347d8aba99dda

    SHA256

    6eceaf149a50c6ba28d09b4495e669ca1590539f19c04a8f33b92e66ca6215b4

    SHA512

    d4a732e40602714f068ccdfe6d856073f17a451b6685f56f97dc5cd119a1790bff5ed32d8bba60e3e3f02f82bc30da3aacdf7b5c81285e1e428fddf763e84dda

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bdc8a072ac28aa0153b938d59a136edf

    SHA1

    dbcfa1427b7a22c913aed4bfd59a6fa2110aa492

    SHA256

    846668acb4930dbafdbf79bc28ba586d3e004030edb90bf9b1948f3ca002d8d1

    SHA512

    4fc9fdafe5d00a764f6670e690d5a64098279224406bef2479ecdfad46522d75ec281445e0c56a265ff8869b1fec385ee316d546ace65a4e8ef9178060174a3b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e9a82b2fb70da4c2475826681d550fd0

    SHA1

    732ee892f06d968ac74d174b5c5565e48af6dc83

    SHA256

    1e24aa798e6c5c9673809900b6d858bac7a50bc09c0aa1ba762ea037f97e778d

    SHA512

    db190edf3abc1c16ef34979d8c6ade1f248f4a1fbac205f292e48949ef640537f6aa0a311e443ceb802edc0cee6e5d2bd6096ee04713ce5717cd4f9e07feebc8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4ac0a7a10df185ceff2af13c37338863

    SHA1

    fa2f57e5c85adb643cb1b065632e7ffa29387a4b

    SHA256

    73f1756e03389e45e22115d5c44abd0ecf8887c208d1f4fb0cfadfdebd149833

    SHA512

    147858ff2b3bde3ac7e6e4298840f1fceec56a4bf41ebcebd3d935235dea6b304331cde4cc6a7d09c2b99c47f4441a618bbe0530ba362d5b5de3f3bc98f52f98

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    40f67c2c318ac2e46cda37d96b2cb607

    SHA1

    f1377f2426b34b629f163ca2b34a18bd557d9672

    SHA256

    cea78fcd3f809cbc5beb3c7d7c76695c3f964dc7fdd74fdc3a8cf4e4a5cb671d

    SHA512

    e4347bb40beb02cc48626f3a3a952e60b0c5a58b6428d5538040a3763923e3dd7b02130f243a15fa05a76d283fafc2381ca483a6618c3c629c787b322aa7c3a3

  • C:\Users\Admin\AppData\Local\Temp\Cab5BAA.tmp

    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

  • C:\Users\Admin\AppData\Local\Temp\Tar5C59.tmp

    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf