Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-11-2023 22:00

General

  • Target

    index.html

  • Size

    631B

  • MD5

    99f22509a1966facd2ccd8b7b52b5a6c

  • SHA1

    d91bc81dcf8f0b518969acd74078d2fd99e2ccd2

  • SHA256

    f14efc734f1f03b9e6eafa918da4d46a19e56074454a1ccf70db113229d8a5f3

  • SHA512

    5a289ef7b231b294d3e44c98f6b62f06cd1521ff68be57d77d5fea8c2e6b2f966ba03c2193b8005b90b4b9865e904681f0569ba843744b155e6a71e2c9d67ac1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1668
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1668 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

MITRE ATT&CK Enterprise v15


Downloads
