Analysis

  • max time kernel
    137s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-12-2023 17:25

General

  • Target

    0869e976d9290b2adae5cb52e43cf1f8.html

  • Size

    57KB

  • MD5

    0869e976d9290b2adae5cb52e43cf1f8

  • SHA1

    1362cc67de6294d7285320d3bc60a6a836aecadd

  • SHA256

    e8c9694f43f4401acb23a0226498dad8d6f6654c95672e2de34dc0f961f4806c

  • SHA512

    eeae5ea3978bca89fad80595592e016ad5846a7c68cdd2416c45a01331bb7ffea803cec3cebf0aede7e26ce483b06a56f8a8ff16680abaafa27839c3ae5fe016

  • SSDEEP

    1536:ijEQvK8OPHdsgZo2vgyHJv0owbd6zKD6CDK2RVrof/wpDK2RVy:ijnOPHdsJ2vgyHJutDK2RVrof/wpDK2m

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 42 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0869e976d9290b2adae5cb52e43cf1f8.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1784

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ec8f9466fe5b0caf79cf56167f9853eb

    SHA1

    ed9d8e6653712909926d9a06c34ab37a4a786627

    SHA256

    f4bc9cf416d008f24067a2ed2f65041cd3092be6cf2b6c8e1afeed83fa2e8928

    SHA512

    124438ef4c55158b18691dd78670f698eca9b4284750caac9121c0662f146d20f8745aac85709fa0d5ef4408df1e3c9977c5058f16960566fd42848c1c301e5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fe40dfb4f84dbf2b37862708d5078f24

    SHA1

    210ba482ded8f8eefb5d4d1762beac5cbd90e6c5

    SHA256

    060ba3cbe9fa4dac21652470ac65675e2c2598d4e05eb652e807623e5b032e04

    SHA512

    b3bd50be29e8f677472f913d24cc407d54ef2277039d174b4f8f80fe93a50ac1c807ff8b58ea12ba5d2c55416f6e0d07e16dc3fce388dce46e348d5a6de99577

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cb14432504b3f07fc67bcd58993b9a8c

    SHA1

    4aa0052539c285ca21d5edd6eb0538e0c89432c2

    SHA256

    e2e60e000820675214880394cb7d265e7e73a8de1ce37563930e9e75e32622eb

    SHA512

    6335c9ce7e364b387dee8d914a7f6c2af21c2d183b910c95c7fbde1594ea180189aacc61e5e20a12b7452f5e8dcb72d2a69f2baa624a7fcf7919ffccd8257007

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ba0d6bd871468838463d8816902b82c8

    SHA1

    9bac3211aa6a270e8940c53f5ac8672f8665f109

    SHA256

    fa089309fa7bfc9deb7a325f440c242c55909336887722ff7fa92012469ed58b

    SHA512

    c6792e3b3e76deb466b8233e87bbf3d7da9f99c2627380c4c2f00e41d76f479b82e8fdb005c5389334760e80d92c91cfa529218ce72084b6e282e0c5aa82b933

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8aee26f97edb6064135fd2d27f1b42c0

    SHA1

    9b86f0b4dde8316c21706b88a7d87cbf6cb3d46b

    SHA256

    5162358dd2e9f5d6521a271b3c7122ee04db0b0293debce8565167413ce8dc48

    SHA512

    f3366c2b0409cf623e8abb40f4abfa0ec16eb2acfa8b6949c1a6b28e9c9adf6e417e98f57d21474e36619563ba9e172d5b2b94a7d71a7686f9cff42bf77941f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f76afac9bed91f9964534127040f0c3c

    SHA1

    3861e0b9272f2fc22739003584e216a09896b8ed

    SHA256

    60ac8699fef3085b21748a825d47f1405eab54bd0ef6bfc9ef2154beb5fd884e

    SHA512

    a09e8e15a5dc5b23257649121659eb44ed13540f06a6158803b74983ffe4d6aebdc70d9c091c71a400f89bd0e7d0c3d351d3a7ddfd3868fbb5f4fb42d6c59175

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    00cdfa0caf09437e36c8aa995124f524

    SHA1

    c522f48a485a6f96384df6b4ab7030fc3c75c863

    SHA256

    cd331d3d1c7b244354ea2a272ec6fdab3d93494b3e0423accb8da86451730e88

    SHA512

    f7044c2a4f0fd3c94685023a3ead12e253f8c94374ebeb267f459fce62613026098799f38c89dc6e1e4987b924553776381cb9ca83b076b99a339eec11aaf290

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b0504817eddc3e1979de3950aa44dc36

    SHA1

    615e6bdc46d97efbf73ff6dad4c5872115948a34

    SHA256

    6d09ff42189e642ea0123bf456a7599bbe2f96166be3c1c247bed0ba4280fb9d

    SHA512

    905637a9035f5a73dd737fe6e428e26dab636666db11cced0a7699a187f75367294210699abad33b3948ab4204bf8bdb5cdd80d44ccd33d9e4c53b357136f8f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ef314edde2ea5cb8c7dd0a1a917ddd69

    SHA1

    0e520167bc2159693b239195ba273f06a6d5287d

    SHA256

    4207a571c7859c86840e668756ff3254fc8b2690a50fbf723cf87411be04c110

    SHA512

    e5fbae4aa4c0115f037ce3cdbe353976bbc66232da99774610223e213f9264a3bb8500731992622c2f88d7c0f111216b64bd16aae072b3b7e9376e83d5d7e682

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c8e689c042138f306c6a50b9598b2306

    SHA1

    1a570d7a645c11b849af0d14ca1204a204a60c2b

    SHA256

    e98ba86ce29d3d06cc670fd0d5804ce97be8ea88c7f1472a12eaf7e2be38a2dc

    SHA512

    a70c4f1c710ffb5a0d89bcd9ee84781e2b054dc764f0756e34254320c4114a53f9b7e2bf72a3b5a2919a221e7d06bc47f29fe269190725a0f51559d17f68737c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    953dbc018749f509459a8775078a26fe

    SHA1

    e6aff6602a34fc9a83c3a0919e707122251fc524

    SHA256

    bdf4ef0bce719df0ba28667ee9a1ec8fbcfd2acf2b919a9bf9477f431b38d1ca

    SHA512

    797392426330a31091b4a2191001c95fd5b95df9c9d5c254d13028a884ce95ecac4758f012e3777a531c381bf4c2a1a96f2cd7759dce8d99f5b0f7899b63548b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    03d9241a15fb268419bf7488ddebaaf6

    SHA1

    c6b32dac51bfaaedd089b3fdfeb844aa98b82d27

    SHA256

    234e67bb53aac32bded0368bc4c3e8b1e9de253928a96a9286cabe8764ec4534

    SHA512

    28c4e0bc6ddda2584ba233bda36790277ab46800af1ccf1221e0c0c608b4ccd74a1a3146195564cc30e80401d58ab3a48edb047d5cafc4999332f3d4e11788c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    906336e350e6cb83da82fe4a8ddab885

    SHA1

    cc0d2bbb4f03be44bdb389e1dc127594b7e4013c

    SHA256

    918d1ede9e37e59a72ea78863728eeadad4cb3e36dff2f33d996e1b84db799fe

    SHA512

    ff820f36965ab3f1be56a8342c7de1ae747e41902836bce46fe56b7ea4f7fcc49d3ae00e7a0901c26d089a398120d8952a182bc93cb7e111aed102ee5874c095

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c544fc94f53257befdfd17c75e3107a4

    SHA1

    9deffde2f11a34ecb32e476befe2f0483a966fa5

    SHA256

    6191e526e6d8756e3c9eb9456a40b588cec87619ff32ca77ac1e2873b6aef9d4

    SHA512

    278fef63098d39067c7e1cd767d277e4bc277407cfcec5e5e7179d59c4af3a4e17171cb6ced14419dbd86160036c5a4271300ce724d002269ddbfd59997fe87f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c7293900b0b5a7b2ad8a51765efb0e13

    SHA1

    688ccf6d782a43e3fb38fc86c17ab62ecb30bce4

    SHA256

    1ea933078e6069e02e111c6f7b93289ecb2e71280f45c77189d80739e1083004

    SHA512

    6e6c4eeaadf4acbdf5c5b57d1b8120c4f1fce7ec9b8a0ab0a8584b76825bf7f3f8c7723a782543091b770b3c1df0fb3ae3766070b378dfab96409b35870cbfb3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c95688a3e48309637ca528843d3ff05f

    SHA1

    76b790e37b18181c7c7a598b6945eb2737527237

    SHA256

    d53ffe047e3c3b9a928ab4fa1e3526c85dc569480d914ea44571d105eff73fa2

    SHA512

    cc4109da5c36ee591f7bcf819fb31b58a9e4ef681d8613cfa57d46074b5d576cddd818c90b6ee19c3751e486c255621bcb055c28c9fc0c6ca2b03713db4466a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ec25dcf819c1bb883d10b69b5d369f67

    SHA1

    0267c7c238c9d19d790e5125704e95b30cbfaef6

    SHA256

    09267a5eae874ecc87f7bd61dd36d3b4d3e6b33a227d92b5502ee6b0ad0851c9

    SHA512

    f1f485aff6656fec32b07534b0c92e5e1a62bf1bff07e80e8c65ae28e01c481d31424160e9ed824e05c4a29cfc47ef3e9a875ebef3dbeeccf53dd3c0f9c04b91

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f0ca7c222e43d83de568ea2625f3a63a

    SHA1

    538ced9c68cc207826010e315ad2b31622da2df6

    SHA256

    b0dff4a5a10e5d3a7f3c62540cd297cfbd24146b288f2bb1f1bec7f1a0759aeb

    SHA512

    55d5c298bc2eedffe06e9af01b18c9bb98a3cd0a4dadc2c7c934a255b95bb3e567feb49e883ed9a37464302a6c2f79c8ca334cac504cdcfd9179572024bead3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0fe2b9870e661b5f09d665436229c59e

    SHA1

    17906051dca8c826f392d9947f899bcf0901a014

    SHA256

    adafa567456cc10be39ab8ba983080adf707a2358808156c90c4db5ec1ac10a0

    SHA512

    80e322124f52e642d03ac282f95bf6d92dbee5d536377f7e73d10e75e404b9493da933202a3a64c1ae3635ce556574a4a1f80f0b66877fa92eab09290e831383

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\f[1].txt

    Filesize

    34KB

    MD5

    177f413f34f6226df1a1d91d2958ea4a

    SHA1

    0f70736bd5035ce5f3ac9d3cfd65299cd92d35f9

    SHA256

    71c78f0184044c0b81f320c30cbc41136049f84b951901edf9c36ac9949a3d5d

    SHA512

    a2348d8193fc1a5fc76322956d9ed7925fa7af7e0aeb5c43a7151fc9974b3b5af7d815486551864b9404db36611433b70d4e7f3f5876420ffa7254840b4f050f

  • C:\Users\Admin\AppData\Local\Temp\CabA747.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarA826.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06