Analysis

  • max time kernel
    118s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-12-2023 14:22

General

  • Target

    bf1db7a866babb76ad552a97dcf618b7.html

  • Size

    601B

  • MD5

    bf1db7a866babb76ad552a97dcf618b7

  • SHA1

    f2e5c4a2bee0ccb3465a84858a2139fbbd55ec5b

  • SHA256

    12717b2daf46bd59f842809ba3322c8211bdf08bb94948274861019b592feaaa

  • SHA512

    62e975f9ea35a1221b60f5ee3fc1f0f08ba435eb8ea12497d5248ad7619ae92f08adec0c9100d78b93b6e865dd10504f06d2dbe816fc1102c539d931e05039ae

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bf1db7a866babb76ad552a97dcf618b7.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2528
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2528 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2012
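Added example, not part of the report: a small triage helper for the process tree above. The two records are transcribed from the page; `triage_ie_tree` links each IE tab process to its frame through the `SCODEF:<pid>` argument (the frame's PID, 2528 here), extracts the file the frame was asked to open, and flags what a reviewer of a 1/10 report would actually care about: a tab whose SCODEF points at a PID that is not a listed iexplore.exe, or any process in the tree that is not Internet Explorer. The `Proc` type and the function names are this example's own.

```python
import re
from dataclasses import dataclass


@dataclass
class Proc:
    image: str      # executable path as the report lists it
    cmdline: str    # full command line as the report lists it
    pid: int


# The two processes the report lists, transcribed by hand into records.
REPORT_PROCESSES = [
    Proc(
        image=r"C:\Program Files\Internet Explorer\iexplore.exe",
        cmdline=r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r"C:\Users\Admin\AppData\Local\Temp\bf1db7a866babb76ad552a97dcf618b7.html",
        pid=2528,
    ),
    Proc(
        image=r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
        cmdline=r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                r"SCODEF:2528 CREDAT:275457 /prefetch:2",
        pid=2012,
    ),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")          # tab -> frame PID link
IE_IMAGE_RE = re.compile(r"\\iexplore\.exe$", re.IGNORECASE)
ARGS_RE = re.compile(r'^"[^"]*"\s*(.*)$')             # strip the quoted image path


def triage_ie_tree(procs):
    """Classify an Internet Explorer process tree.

    Returns a dict with:
      frames      PIDs of iexplore.exe launched without SCODEF (the frame)
      tabs        {tab_pid: frame_pid} taken from each tab's SCODEF argument
      orphan_tabs tabs whose SCODEF does not name a listed iexplore.exe PID
      non_ie      PIDs whose image is not iexplore.exe (investigate these first)
      opened      arguments handed to a frame process, i.e. the file it opened
    """
    by_pid = {p.pid: p for p in procs}
    out = {"frames": [], "tabs": {}, "orphan_tabs": [], "non_ie": [], "opened": []}
    for p in procs:
        if not IE_IMAGE_RE.search(p.image):
            out["non_ie"].append(p.pid)
            continue
        m = SCODEF_RE.search(p.cmdline)
        if m:
            frame = int(m.group(1))
            out["tabs"][p.pid] = frame
            parent = by_pid.get(frame)
            if parent is None or not IE_IMAGE_RE.search(parent.image):
                out["orphan_tabs"].append(p.pid)
        else:
            out["frames"].append(p.pid)
            arg = ARGS_RE.match(p.cmdline)
            if arg and arg.group(1):
                out["opened"].append(arg.group(1).strip())
    return out


if __name__ == "__main__":
    for key, value in triage_ie_tree(REPORT_PROCESSES).items():
        print(f"{key:12} {value}")
```

On the page's tree this reports one frame (2528), one tab (2012 -> 2528), no orphans, no non-IE processes, and the submitted .html as the opened file: a plain IE launch with nothing else spawned, which is consistent with the 1/10 score. The four "Suspicious use of ..." signatures are attached to those two IE processes only.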

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8494800d5600d51e5a121019ba345ae4

    SHA1

    9144f251d0b65327ec23e58cb41e2d932c872baf

    SHA256

    3e2251a05956b457c578dd179aadab0acca5f30ce5f7946462b193fdb3c99056

    SHA512

    eba903e71413d18ef7bc45dc603cd5c5dcc2385908613f2b4697e27adc55ae37c3d7528aa7a8eac152bc11367d2a0c19d1828247503eb612051149f599c3a12c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f658c846da6ba4dfdd90e5bce0e7dfe8

    SHA1

    1c6f8a45a683f3b8575b91cf80532c2098d2a539

    SHA256

    0b01710900dfccdee5027897cfbc7f409f48c690256da87a8c9c72cc1714a4fd

    SHA512

    beb2aa76ca03f56494a2f5a391af03e5a9081dec48df01fb7642aab13d8296a79373e5fe6f78d1946bdfca193851842c73c897eff567c6c421de1a9da282220e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    056e62138107304c18f266eb26b9e279

    SHA1

    52e0f3032cb12c536a72e64e8e266d17a6ba6d19

    SHA256

    665ed43ef1f44fdf75d4a3e14fbdf3ffacfc99f53b4de0647a66b375a1b649e2

    SHA512

    d68a83595f28f1f69d08acdd8f09987d7b669068ce653c40ef903c6f2b1934a0e65d0b68f6ee84f160d97355cde863748e4cac0ba6a35fb6bc1b3fa65252542a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5725926f3205ec3eaa04aaf7909fb634

    SHA1

    24c5f59396cd9ea060d6bf6a267b2342e5455783

    SHA256

    06b0937392908f8b18e5ee3201693dc22a6d003a015ac8226530fe2464f2426e

    SHA512

    22d916f1e2388fcf6c18a8aa5a854d695dd549c65e219c06af493f02771e65ed9c0edcdd5e947819f01546fa69bdcc3c1343d081d818eabc40464e82929e3731

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    acc760aa84a3d237a04d5cf53a818a1c

    SHA1

    dd3ddb1b2141e7ee9eb249d528295bf5232a8d42

    SHA256

    eaca9bef0a75105e431f3007b15ad9be148cac8f30f6b8ce3686d6c51b4c54c0

    SHA512

    be30ab33bf4453e1cd45804fa15153a023717928b7f829c2573ad8fe77c6decd93d8867f9fff2c75a2b5c1145c101d40f8fcd0ca480ba263066a99f7d3e8cff4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f6af267a8cdf5b067dd59aff2454c5c3

    SHA1

    1015d63b07a7b0851954b2d15cbeb1c666895289

    SHA256

    838cfd14ce8d59b708b97c0e12494803e9c333c8bbaf8c4b087f3feeaaff56d5

    SHA512

    f9e8617a3b8d5d5421b405e12ec04835b2583607aea2fafe17238bbac762ed90814e4da0e1166177eabdcf2392a28409ad517b7dbe998dd0aa3d600a5084a3ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8fbb207193f8013ee66d97725dc62de4

    SHA1

    e33a167db6afd8cf8155d5181c1a6964d5284ce7

    SHA256

    c23938ba23016dd4efd8a07b49e948edd11787bffb03a5332bbba0fc27f43ba4

    SHA512

    a48defd9621568fde0a95263c9d3aa56a53df7d7dab66e5941e419387e7382582140ee726f7afc7ffc7c54382d1dc67e13f7e8ebaf2804b4a0f9c683a0f1c9ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    92ead8a4acfcd6e5de9f1a2659dd8d21

    SHA1

    66e782c48c8e881f23c6e6540e59f29748f1c04d

    SHA256

    aa999a6c268967f8d9441faeeb8a830790a265885015b1bae3eee561750ce7e7

    SHA512

    86f68a62596bda04bc2da91e91f37ce200d004b9d3279c78e849a4622249ba5102e880b3e7742c2ff40f9778dbe44f083c72144729ba816a1913bebd001f6652

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e2e9874751808a56907a7aa148f6868b

    SHA1

    9585bec9a3bc09d32baa3797ea4e632c5b47b917

    SHA256

    33eaadc0971a2529ea6c159dd20cc5db91ba68f4ce96cb4ec065764d4be67e0a

    SHA512

    16c4f713aae6289df4f065edca59316c3a0ca13da6ab22ddd55b882a4464f615a27787753e7f1399b53c9cfee62938dfacfabcf9a3a4fb38877b1fe28183b9db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4d45e30eb4dee6f8780b21c73b1ece34

    SHA1

    450339e22bf53e81c02e71613986c78edcc6fb30

    SHA256

    136efa7aa464842501f271308b81eeb7dfda028a18247b78b9808be494d3a36e

    SHA512

    2930605cf4692fc3aa71c4fd019c66eeefd11ba79690a47e67e994339c9db7d21aa91d11a6fa1f2977141cf320adc07ee835e2b464dc998006add45bdb887185

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d7b8a997a7ca044cea3ff0f4aca6667b

    SHA1

    00ea1b0ca20accd1addf86a087fc01ef0a4ae0b0

    SHA256

    45fd411bb87de7a61ef62cae04b6cf610b22914a13d7b47211e8bb14f732294d

    SHA512

    60cd9a43115851de70b074266add40fd71634cdbd200b91d60994566c634750534021680f5b013cee8671b7c9a74f35210bb7b08b05e2471f70c472cfbf3a1c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6a5a2466f60e85eee6797385fb86c15d

    SHA1

    1bdd2b85ced3500ba83dda591d4a2f090455d20d

    SHA256

    8beca3878f04fdf21357c6e7f3004507d5c9bff61d15443f9373f4cad1e180bf

    SHA512

    fed941cff07ffebf356b45bf1fa9daca3d3eba533248ad000a73b39b27d3e228278e54d8a428bb65e75490dfee510deba05e49adce4b0d1f286c0c8d3cc4da1d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2f1b8d828df9037038073d0dc31deeb9

    SHA1

    dd9b90694f1d50c6bb52f8bbcf1fb74334b62a0c

    SHA256

    8c7bb101bfcdd152c879d7825c0290310bcf2e72c244ddc8348b7b75e393bcfa

    SHA512

    63243c7070539f51b75355e62e0de4efce6bab12a31b238e9072242e1ab49547aa674752c37fe49b2c257e5b66d56492d85c604a0de9c3f6a61ba13f7ca7bc05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    51a7ed871b5eb08fdde936f0e41184c2

    SHA1

    c5534fd49c85d09c3fea4d31fe6a4b714fc19595

    SHA256

    0593f752069e434421156c344ce64c6fda9aa16be31af89d74665839c52e02f0

    SHA512

    62e8885bc559d46d91a9cd909767ba19fdc4486bdbed12148ec238f7ab0fdc915ffdd08d94fdab70c2b3546dd7cb0b923c548245f4cb94c135597f7d58b94b31

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    72a11423a73f71e0cca1c09cdefc8c0d

    SHA1

    0ab089e86cb1610b45e060645bebb6c3dcdbf087

    SHA256

    6ad0ea91097c42cfa29fe203515049833d7b575dc79ed759a7f1a296ff26d3f6

    SHA512

    63d9c740bbd17ecd1cc1b0fa3697a7d4bd9c242cd30478fc5e2bf5450b8cfe8c585d15a3d9811e7f35c40ca1ac5f1e16d14a6ebc27fcb057580106b1c66d4288

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6ac0aa305b366c58b4db9f12e80b8343

    SHA1

    28194d1093e3269d5853b88a8dc118ed2c3438e5

    SHA256

    4be2057218fdad73062ccf9128f93240a5a7183484156be987e5e5ab0a8bf592

    SHA512

    d570fe275fd9daf9ba511b88d189295622d3454c8a4cb0e95bd8abfff7804abdbdc22a829688a552408d09b4b78946a83e1bc72d2bb8000a38de8ffadb37c288

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fa8d765f180602f7b32dc73307e2c809

    SHA1

    542c282ce09a2a113fb20e98eded7ce25663b2f7

    SHA256

    38ab5971f70f37f6136df664ca3d70c0de5eef838661d20bc64ad5ed66558e67

    SHA512

    ebf1ce82c7622d3c4faa4ed26cc1e2a0442d7033752cb12e63c80db8a1603f2f2c044978768888b7c998777399f65ea771aaabde50db668adc563f7cb71f3b16

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a2cced7ed3023b94f7897dd90f18e4f9

    SHA1

    add749e53061073a3fea1727cb51b0096dc0d804

    SHA256

    ffd2899f030217d1e72ca800decd7d4b6a0991132a4c84754ed5a8bf92d3083e

    SHA512

    67428d8c7b3e91b4286ecc3db888fd2d4cfefa49ddb02993e36b7058cb4b372cf32aeeed2a30be68052d4c7acdcc7bb2539bf49d37cc2b2448e3ef07fce1aa03

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    85798f310e5e6ca11e469bbd7aaa351d

    SHA1

    6e1cbd0c8d066e64e8afb8764e21282cad369f13

    SHA256

    a7675338768d816f3283eca83c92bbdb58104633aad5df25fe06c5762f9a881b

    SHA512

    b95f3797b3af134945aea4ce85370428c09c1829183740523bb38c970d25684a37188c240fc87361f4542186541f5c4051f0526a884ada4cf7f92ad5c9797c7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8fe0020b2852391a0b96e22c4148d021

    SHA1

    6a52859b68888cc8021a216e91e336a4985cc238

    SHA256

    409c0283e4033eb7666b6e4a9d681e4651d4c2b86af90fcf9077b6a2d9dc2cbd

    SHA512

    69a8b1970a7529286c2b284db1c8cb891fb9853727d97fa779007a273370bf6f9f9ec5c9e45c4790ad903d75bda23b7f2a330efe546ffd5dbc4bd7607d908575

  • C:\Users\Admin\AppData\Local\Temp\Cab95FB.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar969B.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
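Added example, not part of the report: a parser and sanity checker for the Downloads listing above, written for anyone who wants to lift these digests into a blocklist or compare them with a local copy. `CryptnetUrlCache\MetaData` is the Windows CryptoAPI network-retrieval cache; the same path appearing many times with different digests means the sandbox captured that one cache file each time it was rewritten during the run, not many distinct files, and `rewrites_per_path` makes that visible. `validate_hashes` rejects digests of the wrong length or with non-hex characters before they are ingested, `matches_entry` compares a local file's digests against an entry, and `target_named_after_md5` confirms the page's own convention that the submitted file is named after its MD5. The excerpt embedded below is constructed from the first two CryptnetUrlCache entries and the Cab95FB.tmp entry, with the values the page lists; the function names are this example's own.

```python
import hashlib
import re

# Hex-digit length of each digest the report lists.
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
HEX_RE = re.compile(r"^[0-9a-f]+$")
PATH_RE = re.compile(r"^[A-Za-z]:\\")

# Constructed excerpt of the Downloads section in the report's label/value
# layout (blank lines dropped). Digests are the ones the page shows.
REPORT_EXCERPT = r"""
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
8494800d5600d51e5a121019ba345ae4
SHA1
9144f251d0b65327ec23e58cb41e2d932c872baf
SHA256
3e2251a05956b457c578dd179aadab0acca5f30ce5f7946462b193fdb3c99056
SHA512
eba903e71413d18ef7bc45dc603cd5c5dcc2385908613f2b4697e27adc55ae37c3d7528aa7a8eac152bc11367d2a0c19d1828247503eb612051149f599c3a12c
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
f658c846da6ba4dfdd90e5bce0e7dfe8
SHA1
1c6f8a45a683f3b8575b91cf80532c2098d2a539
SHA256
0b01710900dfccdee5027897cfbc7f409f48c690256da87a8c9c72cc1714a4fd
SHA512
beb2aa76ca03f56494a2f5a391af03e5a9081dec48df01fb7642aab13d8296a79373e5fe6f78d1946bdfca193851842c73c897eff567c6c421de1a9da282220e
C:\Users\Admin\AppData\Local\Temp\Cab95FB.tmp
Filesize
65KB
MD5
ac05d27423a85adc1622c714f2cb6184
SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d
"""


def parse_downloads(text):
    """Turn the label/value layout into a list of dicts, one per path line."""
    entries, current, label = [], None, None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if PATH_RE.match(line):          # a Windows path starts a new entry
            current = {"path": line}
            entries.append(current)
            label = None
        elif current is None:
            continue                     # text before the first path line
        elif label is None:
            label = line                 # Filesize / MD5 / SHA1 / SHA256 / SHA512
        else:
            current[label] = line
            label = None
    return entries


def validate_hashes(entries):
    """Return (index, algorithm, reason) for every digest that is malformed."""
    problems = []
    for i, e in enumerate(entries):
        for algo, n in HEX_LEN.items():
            v = e.get(algo)
            if v is None:
                problems.append((i, algo, "missing"))
            elif len(v) != n:
                problems.append((i, algo, f"length {len(v)} != {n}"))
            elif not HEX_RE.match(v):
                problems.append((i, algo, "not lowercase hex"))
    return problems


def rewrites_per_path(entries):
    """Number of distinct SHA256 values recorded for each path."""
    seen = {}
    for e in entries:
        seen.setdefault(e["path"], set()).add(e.get("SHA256"))
    return {p: len(s) for p, s in seen.items()}


def digests(data):
    """All four digests of a byte string, keyed like the report."""
    return {"MD5": hashlib.md5(data).hexdigest(),
            "SHA1": hashlib.sha1(data).hexdigest(),
            "SHA256": hashlib.sha256(data).hexdigest(),
            "SHA512": hashlib.sha512(data).hexdigest()}


def matches_entry(entry, data):
    """True when a local copy's digests all agree with a report entry."""
    d = digests(data)
    return all(entry.get(a) == d[a] for a in HEX_LEN)


def target_named_after_md5(filename, md5):
    """The submitted file's name (minus extension) should equal its MD5."""
    return filename.lower().rsplit(".", 1)[0] == md5.lower()


if __name__ == "__main__":
    entries = parse_downloads(REPORT_EXCERPT)
    print(len(entries), "entries;", "problems:", validate_hashes(entries))
    print(rewrites_per_path(entries))
```

Run over the full listing, `rewrites_per_path` reports one cache path with 19 distinct digests plus the two .tmp files once each, which is the shape of CryptoAPI housekeeping rather than a payload drop; that, together with the absence of any non-IE process, is why the report scores 1/10.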