Analysis

  • max time kernel
    122s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-12-2023 04:03

General

  • Target

    5fdabc06f4a57ea7ddd133c4b5ce7d4e.html

  • Size

    601B

  • MD5

    5fdabc06f4a57ea7ddd133c4b5ce7d4e

  • SHA1

    d99a14ccae2363c852dab0f87ede753b7a21197b

  • SHA256

    1709670bff96fbcb15956a7e4e3575ae2a991e97cbc76c5eee1e7b1c6c6b34f9

  • SHA512

    2302236e91c847e29adcfc68748a57959acc7bd2652417b8cfb3c9bf43a49e53223a816efbb04ac9290af51560ab0d8c0075e3dced4197aa512ece182d4d375f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5fdabc06f4a57ea7ddd133c4b5ce7d4e.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2300
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2300 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

MITRE ATT&CK Enterprise v15

Downloads