Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-12-2023 14:35

General

  • Target

    c71e3f5819fc43328842d83124d245fa.html

  • Size

    852B

  • MD5

    c71e3f5819fc43328842d83124d245fa

  • SHA1

    75377f3751b002724451c769d6c9c261657644cc

  • SHA256

    e9cc004e0b57a72c9b20c8ddcc90c8f261b363655164b37d831d1797050e4f8d

  • SHA512

    53310741a6378031128b4f4bf8497417df31e0ac45c013b78a2d82d0557d4378ac850447487e472293ece71148aceec84e5b067efcc8a4f92fb6392cd75e61a4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (level 1)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c71e3f5819fc43328842d83124d245fa.html
    PID: 2520
    Signatures:
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (level 2, child of PID 2520)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2520 CREDAT:275457 /prefetch:2
      PID: 3048
      Signatures:
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
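
The two processes above are Internet Explorer's usual frame/tab pair: the frame (PID 2520) is launched on the sample and spawns a protected-mode content process whose SCODEF: argument names the frame's PID. The four signatures listed fire on that pair for practically any page IE opens, so for an .html sample the check worth making is whether anything other than an IE frame, or an IE tab correctly bound to its frame, appears in the tree. The following Python is an added example, not part of the report or of the sandbox's own code: the process list is transcribed from the report, while the verdict names, the two regular expressions and the parent-binding rule are this example's own.

```python
import re
from typing import Dict, List, Tuple

# Process tree as listed in this report (transcribed by hand; PIDs and command
# lines are the report's, "parent" follows the report's nesting).
REPORT_PROCESSES: List[dict] = [
    {
        "pid": 2520,
        "parent": None,
        "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
               r'C:\Users\Admin\AppData\Local\Temp\c71e3f5819fc43328842d83124d245fa.html',
    },
    {
        "pid": 3048,
        "parent": 2520,
        "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
               r'SCODEF:2520 CREDAT:275457 /prefetch:2',
    },
]

# Frame (broker) process: iexplore.exe followed by at most one argument, the document to open.
IE_FRAME_RE = re.compile(
    r'^"(?P<exe>[^"]*\\iexplore\.exe)"(?:\s+(?P<doc>\S+))?\s*$', re.IGNORECASE)
# Protected-mode tab/content process: SCODEF names the frame process PID,
# CREDAT is an opaque handle value, /prefetch:N is a prefetch hint.
IE_TAB_RE = re.compile(
    r'^"(?P<exe>[^"]*\\iexplore\.exe)"\s+SCODEF:(?P<scodef>\d+)\s+CREDAT:\d+'
    r'(?:\s+/prefetch:\d+)?\s*$', re.IGNORECASE)

Finding = Tuple[int, str, str]  # (pid, verdict, reason); verdict names are this example's own


def classify(procs: List[dict]) -> List[Finding]:
    """Label each process as an expected IE frame, an expected IE tab, or something to look at."""
    by_pid: Dict[int, dict] = {p["pid"]: p for p in procs}
    findings: List[Finding] = []
    for p in procs:
        cmd, pid, parent = p["cmd"], p["pid"], p["parent"]
        tab = IE_TAB_RE.match(cmd)
        if tab:
            scodef = int(tab.group("scodef"))
            frame = by_pid.get(scodef)
            # A genuine tab is a child of the frame it names, and that frame is an IE frame.
            if parent == scodef and frame is not None and IE_FRAME_RE.match(frame["cmd"]):
                findings.append((pid, "ie-tab", f"content process of frame {scodef}"))
            else:
                findings.append((pid, "ie-tab-anomaly",
                                 f"SCODEF {scodef} is not this process's IE frame parent ({parent})"))
            continue
        if IE_FRAME_RE.match(cmd):
            findings.append((pid, "ie-frame", "frame process launched on the sample"))
            continue
        # Anything else in the tree is not part of how IE renders a page; for an
        # .html sample this, not the generic hook/WriteProcessMemory signatures, is the indicator.
        findings.append((pid, "unexpected", f"non-IE process under parent {parent}: {cmd}"))
    return findings


def is_plain_ie_render(procs: List[dict]) -> bool:
    """True when every process is an IE frame or a tab correctly bound to its frame."""
    return all(verdict in ("ie-frame", "ie-tab") for _, verdict, _ in classify(procs))


if __name__ == "__main__":
    for pid, verdict, reason in classify(REPORT_PROCESSES):
        print(f"{pid:>6}  {verdict:<14} {reason}")
    print("plain IE render:", is_plain_ie_render(REPORT_PROCESSES))
```

Run against the report's tree the script reports one ie-frame and one ie-tab and answers True; a child such as cmd.exe or mshta.exe under either PID, or a tab whose SCODEF names a PID other than its parent, is what would turn the answer to False.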

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    744c18f9a1b1e0bfc9760aff8f46d896

    SHA1

    4a467035784b20ebf3c0afc0f149748a1d750e44

    SHA256

    8da71b7fc99e4bdab3ddcbc185b88b1ce2b483ab76fae772329fb8baad59dbd7

    SHA512

    09dffc6b46ab337390efc5dba4342049593dee3265fdc661594400a2a3e20675820835cf2d334078e0a2045b7a668be8f9036d26ddf2fd47fdf5bfe474af8bc0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    da00de89fd648018d566108d522a0100

    SHA1

    f35b26600eb72601f3d2813c088f543477aae6e5

    SHA256

    606ceee42eeb1b6fb7f0ea53807949b51a6a1702336e523faa856aeb6d5b9e8a

    SHA512

    8f41ce4b158fdc99d9014a7a5e8c31f43c99ccb7197b97b3f2a94a5129abf33cc157efffc8836ecc01b57e8682a37bd5268d07458963642deee8444a1f0ff84b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    de5af9b16f7f3f7dea7eacd4c797df15

    SHA1

    7f3a0f0b8d045952997f08c352f52e2ada3f365d

    SHA256

    a75f85add81e1400c1cedd518ce44992b1ed96cf43f34f453883f591cf82af41

    SHA512

    906b544382e8765bfe9437744d4d668e029347413f9e4ee4e687df0babb507c43816e76b6d16f1d0c7deec7749d53aff714ba374a5382acda829afa60745f677

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    284c2b48ef361d954b75bc3dc087e600

    SHA1

    f499082987d8e80e641d54bf4d28715a3216aeaf

    SHA256

    b979bf1d2eedacb685cef3a43b6116ee92ae85dd2728ccbfa947403afada2b80

    SHA512

    d9d6b625332985ac6cc211524923415abc5b258f374458a891bc95f941eac101bcc0247ede46752e03d30a4013499b99a8fdcf9572bec5cc5925ad4e5a1a33b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a16e8184fd1e06cfbd5e0c0eaf2932e

    SHA1

    f635e8c5313dc46f2c40af292623b1993bb4d65c

    SHA256

    f7f6f74f4e5651e14a19810263d12b77f608c1da75182f6bcfa2530ccd83b569

    SHA512

    718864bad485f80ae492cbc67b177f27ca8a6d5fc9ef91e5e51d0ea7bd180ab54ff6b703fdc8b887a8accb12c7e8ef83b800bbcc37783267d9474d147db7685c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    df34c3080bedf35124335f5e1810cf2d

    SHA1

    0e312775b8116a12927d2000ee318ac65e628bfd

    SHA256

    df628d48acd0b6c4504e103c8b6e0f5f4b87a15081341823b539993f05265d28

    SHA512

    ecb2a084649cb0fc380eecf0f2ede592bec965782d6a65ba1f37e3da9fb09c43bdd1d43a261c275f5b9edfb9427008eb563efa9ce76de2ffa64a141b9b407ab9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7f63217510ac53102e22bde8f934a441

    SHA1

    4cc9d6e5321bb094e869ccf5fd9952184c475c02

    SHA256

    3e05ab6b68f46587e3f4ab67477f39a7115bf7acde1878ab72e18bf94886701a

    SHA512

    d5ba08b91a2fa35288d9006637278ef66905d8bc029b66fd542f195480a3b2949c63b0d4fdc6a2ca90c82a8f3f7bb691baba18b683133759385e90f86fade814

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2242943dfae75ffdd26fd33bc00624f1

    SHA1

    b7410c653e518d566cea4d587e29004db320a80b

    SHA256

    de08ec787be027c2c2aa336bce4c0fc5c5dd6bdbedf55daa6a2f427fdd522112

    SHA512

    b42d0c75bb5f5f8f5b2e7d50aa41a25cd2ac5a43bd7fda3292b0cb35aa67bf7eb8346f59c2a0711264c72bb912a75b347fd65773990f77b112e03de1a80f1739

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7e28b3cf6dce8041b5589e8fb9dec69e

    SHA1

    0c6e660f4a793c9764b5205f7ec1c199e4f0a507

    SHA256

    0a5f6a9559b46f4b85ffbb8e3cb0ebc3b6b2bfe908e175dbdce0432e6fb78b4e

    SHA512

    871e994fda107aed516d6d821e0ffff3c58d3ea06ff2d7df18a55edc27d599a034fe4b3e7ff587ddf3dfdfb1964aab92d274fe290bf79d64325653e9df7c796c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d446ff1490c6c89a64718a94f09ae50c

    SHA1

    954376bc7d9ee10adbf82edf703cf55281bbad11

    SHA256

    36ba5934c3dac335ca9ebfd9914a62b7c730c9d12fdebd617994785d4e10e743

    SHA512

    1a93cc08057d2051054bc9ba4a400b14a7a8a8cb67e75104623c7d6cd24ab992ea598a2236cfc5b57c51d37425fe73ed7b0a5d27d1362edc84652d74cb8d9927

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    80a362b43c5b758962195eedea7f05ce

    SHA1

    10a263c2f22d9d337ddd292b34db8720edec4c5b

    SHA256

    639ac060db4f24b359569b3b22798916fe31b918783d843e03c8bfe7d00353de

    SHA512

    7c6b206eb0e7e9a8c06cc4583441c9115596cd44a4d363bb33225b787374057b4bf2c8062d99b975ba9cfbecd5752d6360ea12dba5139798b0dd5b54a3c4b728

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    45a9117f08fb90be2404b4a38453790a

    SHA1

    2b9680988601123fc235bf7e8f73157cfc09a253

    SHA256

    8bd4690d02e225c218c3f6e10eb9fbd54ef0e3b6706ce9b0aa3c122dca960b23

    SHA512

    0ca068dee75b94a0a6b8fdbbf50198a21243e53d01dedc4841fdac19e480b0308151e67457857293cf8119d89ff6952b954f69bc5fb2d5eaaf2cb59bcdcc2598

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3c2e408489ce4f06d4ab450d1dc1e84d

    SHA1

    a76605ba1bccd420657406f369effdbe8d87b984

    SHA256

    d58cc4c8257f4d69ae06401dae73735a32df41ec10ace1add7ebd0ee3c985b86

    SHA512

    4d972c8e469322d0922b07d49db372bb0fa7603296ae93259a3f636ba08906a67c715c6643414cbfdd7d54c28f45ac605a2af644e50433345541db0203a76aaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c47fc8d2a76a1159deec7a520b0afe79

    SHA1

    e62d8bb33b371dfecd46e9bb35013bc490558c0c

    SHA256

    6471e96387189d5fc498831cf7090809f1defab72a6d45a1dcde3db5dbc744ae

    SHA512

    9927857fa3e27cd22f3226ddee734a0a7a9ae742ebc2639fcc4db936186da8377fb896225117418e5e716842c1482014b2bfb66ea05e3b1963977bf312788b5d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    581616aec7846fbe1181e6aa0f4cb60c

    SHA1

    550ed5ce04bcf92f459a38108e529561408dea50

    SHA256

    4190e68ac4375bbadecf27ad79609fc8f192b1cb1be33431cd4547d83e04ed29

    SHA512

    a9b6f4042140cbd7f26c4906ec503f9cbc05bd80110ae1184681988a11b83c89cbf905f2ad1871eaea18e7bc7887703ee073125e33ade12423ef246f92f14d5e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d8c89f6a6f95ebe4b13abccf6906d602

    SHA1

    51c03b58c200ee28022944a3f9e438219acb13a1

    SHA256

    8a145c5a6b0177b8dcd470bd49f54d0ee8dc08edf24cfa9780bf71bdf51881ba

    SHA512

    3d317699779d854eb45cfb9f33df4fb45839254381b19431666d8c77a69cf83a64045a88ddc93d3ceba1f3ebd241e4356ba5eb723cda14727fcc8c6da018a434

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5670ca3418778065bdc4eae13f058d09

    SHA1

    4b78bd80a99c64d5725570ed7538ecff07d8acf2

    SHA256

    bc95b3488d39c9e2e0aae3acc33d3de93e908ebcf1ee17bb8e40c52ad2ad89c6

    SHA512

    a39c12f4ec17cfa914f9a34fcb731fa8dcfaba6c07448b9a560b96038055dab83f55e3e291782fb2c5982c4fd0b68ec1af557580f7768619b35278cdc1b95fc6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0a90e536f5cd5b65fd16823b67a8c983

    SHA1

    55d27e07fc32f2a35e2a62852e71b6aa69c1cf4c

    SHA256

    39a24e42d42ad20e10e1f40f4df44242a983e5c60503013744cad54d4ea73c59

    SHA512

    35dd55a6102d35d388d4cac1cf8db51a2f8c278c8e1b40aa811b0a19140d6f6f2460e46e38194fe3b0d77e52b743d45c66eeb387ab045175957ceeb650a107c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2aa251b2d2df5a80647bb76ae09c9332

    SHA1

    bfe7e0d6331533cff83556691420117c9bb09aea

    SHA256

    0333ad334e3eb76c937f090f10b3230ece0b14b092548d7b29d13c671c788815

    SHA512

    b3cebc859b806eef08e06a0ef637dc8afbdfc8caeeed179e0d51ad409a4addbd56882c3409213f9a9e7b83d9215dfca86bdfc90ef633804161644e8c8427d8bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    88b2233e541b6debc3641369266b6756

    SHA1

    fce4444b0e41c1f3e207b8790301c83decb7fce9

    SHA256

    07fec33403e972fd4196b75f916b1250b93e3594ecb5855cbcd3d9a28c0c3f0f

    SHA512

    b69e6de4ea9cf5d218c0764b86f8638fb9c4d34fdda39c9d38dbc670f33c42429d06575b2f52939df4b5e4fa9a52d578229dfcc2c4307e47b5a87d085589e1a5

  • C:\Users\Admin\AppData\Local\Temp\CabB78.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarBF7.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
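
Every artefact in the list above sits in a location that Windows' CryptoAPI writes to on its own while building a certificate chain: the same CryptnetUrlCache metadata file rewritten twenty times with different contents, and a Cab*.tmp/Tar*.tmp pair in %TEMP% of the sizes a root-certificate (authroot) update produces. The following Python is an added example, not part of the report, that collapses repeated paths into one line each (write count, distinct sizes, distinct SHA256s) and labels paths matched by these patterns as OS background noise, leaving anything unmatched for the analyst to open. The path rules and their labels are this example's own assumptions about CryptoAPI behaviour, not statements made by the report, and only three of the twenty CryptnetUrlCache hashes are transcribed.

```python
import re
from collections import OrderedDict
from typing import Dict, List, Tuple

# Transcribed from the Downloads list of this report: (path, size as printed, SHA256).
# Three of the twenty identical-path CryptnetUrlCache entries are reproduced; the
# grouping logic does not depend on how many there are.
REPORT_FILES: List[Tuple[str, str, str]] = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "344B", "8da71b7fc99e4bdab3ddcbc185b88b1ce2b483ab76fae772329fb8baad59dbd7"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "344B", "606ceee42eeb1b6fb7f0ea53807949b51a6a1702336e523faa856aeb6d5b9e8a"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "344B", "a75f85add81e1400c1cedd518ce44992b1ed96cf43f34f453883f591cf82af41"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabB78.tmp",
     "65KB", "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarBF7.tmp",
     "171KB", "4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f"),
]

# Path patterns that CryptoAPI produces by itself when a certificate chain is built
# (CRL/AIA/CTL retrieval and the authroot update). These are the analyst's assumptions
# about OS background noise, not facts stated by the report.
NOISE_RULES: List[Tuple[re.Pattern, str]] = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(?:MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache entry (cryptnet.dll CRL/AIA/CTL fetch)"),
    (re.compile(r"\\AppData\\Local\\Temp\\(?:Cab|Tar)[0-9A-F]+\.tmp$", re.I),
     "CryptoAPI temp file from the root-certificate (authroot) update"),
]


def label(path: str) -> str:
    """Name the first noise rule that explains the path, or 'unexplained'."""
    for pattern, what in NOISE_RULES:
        if pattern.search(path):
            return what
    return "unexplained"


def summarize(files: List[Tuple[str, str, str]]) -> "OrderedDict[str, dict]":
    """Collapse repeated paths: how many times each was written, with what sizes and contents."""
    groups: "OrderedDict[str, dict]" = OrderedDict()
    for path, size, sha256 in files:
        g = groups.setdefault(path, {"writes": 0, "sizes": set(), "sha256": set(), "label": label(path)})
        g["writes"] += 1
        g["sizes"].add(size)
        g["sha256"].add(sha256)
    return groups


def unexplained(files: List[Tuple[str, str, str]]) -> List[str]:
    """Paths no noise rule accounts for; these are the ones worth opening."""
    return [path for path, g in summarize(files).items() if g["label"] == "unexplained"]


if __name__ == "__main__":
    for path, g in summarize(REPORT_FILES).items():
        print(f"{g['writes']:>3}x  {len(g['sha256'])} distinct hash(es)  {'/'.join(sorted(g['sizes']))}")
        print(f"      {path}")
        print(f"      -> {g['label']}")
    print("unexplained:", unexplained(REPORT_FILES) or "none")
```

The rules are deliberately narrow (a 32-hex-character name directly under MetaData or Content, a Cab/Tar prefix with a hex suffix in the user's Temp): a dropped executable or script in the same directories does not match and is returned by unexplained(), which is the list an analyst should actually read.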