Analysis

  • max time kernel
    142s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-12-2023 06:39

General

  • Target

    0c420d4446e5cd961432c8fe6e6803bc.html

  • Size

    67KB

  • MD5

    0c420d4446e5cd961432c8fe6e6803bc

  • SHA1

    c63d9ac744c1c43a226dc6a5af40d6c1169472d0

  • SHA256

    f6aa237812d56228a299bb4d4ea1b7a126e2a34673569ada89afaf58d912ff7e

  • SHA512

    08fa4ae152fd1620dac19e743096930438d57ec7a2f837cc1e93f0d80a25e5d52e8c576591088d10c355b26d851a00bce5394a4c4d025c68fac0bfbe6b3acdf5

  • SSDEEP

    768://KPfPg1PBiE04C/vl6Oits+CxaDOLe1caRZ72SWM3:/ynPg15iEhkvQhjjOLe+aRZT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0c420d4446e5cd961432c8fe6e6803bc.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3012 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2216

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA (1KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_1AE11409F57BC5D68541053A9AA94231 (471B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA (410B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (16 versions, 344B each)
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4R90HQQX\cb=gapi[2].js (133KB)
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6WEH2YLI\plusone[1].js (56KB)
  • C:\Users\Admin\AppData\Local\Temp\CabA77D.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\TarA77E.tmp (171KB)