Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-12-2023 15:12

General

  • Target

    d3f5360f8ac2150807c578df16a9cf98.html

  • Size

    570B

  • MD5

    d3f5360f8ac2150807c578df16a9cf98

  • SHA1

    fdc102ad4c8baa5c9827ba2b68654a4a282c2cd5

  • SHA256

    ad15212ecaf268a57688cef75bad951120794475e4050994f1649a81b16f1fe2

  • SHA512

    23b0b6bc6589c5ff03a6cb3c643b9d7e43c2dfc707287640d242ebc12357d30a0ccebe3b06a496ab1828d586413ee5d1501f8a7f1c96cca068d39c61599b6767

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d3f5360f8ac2150807c578df16a9cf98.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1328 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Downloads
