Analysis

  • max time kernel
    145s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-12-2023 08:20

General

  • Target

    1198ad2d4342b09564e7cf1212cecf92.html

  • Size

    57KB

  • MD5

    1198ad2d4342b09564e7cf1212cecf92

  • SHA1

    25213dd4fc2732d1a5e24b86fb4199b9f9ea42f6

  • SHA256

    6f6a0f8a4f8b04627500a1bce60ca14108cf532eed43556a752faa7b287bc111

  • SHA512

    a5cfe9fb41b1106b86a2c454dbd8a4b16ac5c9373836d8a60c91cf176debc6a5a19abbd0e7951708a87bb2ac0ac1031293e53879344ec72c9b8a02fab8815eac

  • SSDEEP

    1536:gQZBCCOd4nK20lYj/P/Nd43odSS70fL3dX0IxCvwRRo+3C/V8iAs7o9gNtEJUxQU:gk2p0IxbJUxQvMT9BNIkwrBw/58uKzJI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1198ad2d4342b09564e7cf1212cecf92.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2400
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2400 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2704

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8a8739c2dbf46c16c0f18167eadb48cb

    SHA1

    611031b0410defa33002428bef21b2b5a011b02e

    SHA256

    15fb72f2d507245d9a1ae4c7a9aeed34ee3267cc7caf954c7dd7d83b84e5bba2

    SHA512

    3dcfe885616ad0c3230e74777688a778696df9104b2aa2769dfd916ae402a8424bf30fc0490dc67359daf54660f69befd823f6b88a2ffababdf8764185e11105

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    80f0462146e6f8601d74a8710f9d95f0

    SHA1

    614c84d581cd36eb8385f602fda8afdc2fd63cce

    SHA256

    b229dcaa337ac9b04c6ae8f3fcb9d3915dd0fc12cb9c1d7af5c0dc28984290e1

    SHA512

    b9bcebdc68ac3482b36e0bba6a55a1719d2b811961bca6e68c9deb5ef7b32d444b87aa517eea276a93997c42f388772ab3f44c5af1669ef61c040225ac501aaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b40588b697c48e000bc4bd4d5dcdaafe

    SHA1

    290c1f713320acd1c48a7352d12522181f5db6fc

    SHA256

    98cd8a00d5ad18f066ae3046ccb00c05d8c7e21cc522f802ad8fb2bbcc1dd8fc

    SHA512

    5c569d220f284122f3534fdcc3d0675481a98def24ceeacd46fb39e791cfc3334d5f445e3ae61543edc7a6b5976b1e5db040d71d53f1cf8cce792029ff76dc09

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    80395161d7d7c6de7fd53680d0f31a8d

    SHA1

    c742992319e5d22d43c7f365445eb570a251d41d

    SHA256

    b2f72001a69c051c99f2fc3c4acd87c23a680c2de3ef049ec579f8657b2eea98

    SHA512

    506b71d956909a5e48baa867fa6909e2559220c7a6f169b5903864bf21428c40cde419f4f0cf35083c1c7772ec74d0054a7deed03796bb1dcd4a79e1b429e25d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6616f91ffd7c4f149d37cd2abe77a2a0

    SHA1

    b6fa39a2c0867ea21a424674e860540df77f4454

    SHA256

    dd6bbb1d4378786bce9242f38d3ee09f420cf5dff805ceeb953c50041c968cc6

    SHA512

    b93104b64c4617166c092a1652275ff362dd065157ad9b44cb618d92391ac0b356edc0ca6beb9f7b7827b5ed383cb7d6e68904b14e636effe342aa268d329c3c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b438930df2baf9fc3941d2507a41b3f2

    SHA1

    a71816176ad2003c398b63558787b14c882a0cbe

    SHA256

    645afdeed766f87b28d2301e0b668075c1fb33a4ba31923587dc2298f5229e56

    SHA512

    053009d6666b04ec8482bea021ea221a45486223e6262892ddf437da52736d30a1c82503d9abe2ca43ad8793b1ef4f4a31cf2915f711ccfadda4b7877a3db56d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fa184b218f80c2f59926319f911b2519

    SHA1

    e2c63340f5b2ab9534e78108477c9f1d0ae757b0

    SHA256

    a7a794d5422633fc0a452e54f551b9a7f876a963a69a65af9803f32e81e28c26

    SHA512

    5d30eb82e590f2f9d529158670ff69b794c2d1d66f7126fb8f7ea9f017554dd1f62f5123775b3bc6c037c797744a49153b4841700e50629550337bfc3d816b75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0c135d415b68620791b032611c76e771

    SHA1

    836196fa2fc134fe49f78feb8beb02dd5118d328

    SHA256

    0d6735140686072c2f43eecbbb665e937e9d5ba580f75cc8eeec457f7ca30c78

    SHA512

    9b36a31b2eadb8184fa4eb2623260f07ea4f5818a1a82ed7bf960570d99d93742ce49aeef2197cb7d764cf69f9b3c5a54d80c47e8bc09880693dc4818946bcb0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a1c92bf104242ab0e5172b654b00e985

    SHA1

    678a7b5140ce84f08051376ab99e76bde52d4a21

    SHA256

    927677f19036b09cb9918201edcc0fc8568a4855c6e6828a65c4a80565e92bd0

    SHA512

    bdfa273cfe1e8144cb4663340662284292877f16c420fda7b49b8f9076b7fc9c6df0b54338dc6321c21cbe5250ec512c01717f086df55e37d173b661ddb503cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    394a0759d20c25440a612075d953c961

    SHA1

    764cfea00d652d17a699762fac3715e84225829d

    SHA256

    19b0a08cba58cc26ff20e8c8c12476fe099330b5c2b71a6c7c5eaca9cffd7a49

    SHA512

    690b3d4228351a8ef96b2d6fd663211c82414da7332df28df1c49ed63b6a7401fa9cacaf2b4584c48055c1b2553d29be0c3220cf70c01e0cbc7e7c8e4ec967c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d3e9abae136728f027e28b1360636bb4

    SHA1

    4365ff9b39dd42b8d449de5a6916c325f4743ac7

    SHA256

    970e95148b0b063a2fa5e3082cc6fcf195f799a2125520b028165b6036e4011c

    SHA512

    630292c8d7b2ee878374edd60d143251361fa49cfad75b2085e2fdba4821a74b62c4dabd074d0b01c79d6a98b72b3d4ddfdd211ea797e2c5fd061fafe4e899b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a37dc8cec289e1391be582e9310fd8e4

    SHA1

    66793ff26d0bc49c656f6bdf2ebdc52e57b3697c

    SHA256

    609252eef3ea94dc297095a1dad8ce42c0452dc815b70286b640d916a636b667

    SHA512

    65b3777b6440940c04c73ff56739ab45e1842af703bc7320be3a15ac53724344488fc09293ca11387ec42c3a62be09800c296a71feb81275dd4a5ed40897a7ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    aa1b5859e25030cb44c4730b493ca497

    SHA1

    cab44429fea0ab65eb2bb58971a50e010acefe01

    SHA256

    2487216b0ff64d06d647b740fedabe5da5b4bd222f91195e983cdd109338a3df

    SHA512

    8366f361025b64ae988da72e42a85cf0666b269088d9a274e258ae926d2a25badfa2ce667c3a37a4fe37da64372f243f4b9e2aa1b97a67d6a6c26948d2e6b3cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d9a71a96b252dba109d3ae754a2aeb3d

    SHA1

    0b50f482c80b2512f78b666e6b1bdaaa1c24d950

    SHA256

    ab405d0b86f637a875ad370fe40907d4af7b153a99224d73d3c9d1d0f30649a4

    SHA512

    3dea5f2b2b726166208501a8703a5e907029f4a99611811a1c9026b77404fcfe73102b363f67e67ada3693ad11f5171e364662ac49d640d88da75f7ca112dadb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cc497c60f48aba2a6b3d254fbd87bb66

    SHA1

    8603663f37d2d3205f7b614342d1f3e857a2863b

    SHA256

    4f2349bd15bc3f2db87da57211521a5e83e71518aaec1ed7dcaffb3c297c8bff

    SHA512

    fa2a40f0af70fdb6f7c322b1fe6c9f60cc2559c19fb5efa4206e21d519039157791bc7131e549ebc328df78fb5375a3ba21a22cda1e22c3457e6bd2c1d5dd339

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a1ec7d1e7b1b8f14fe4ce96c2ce4d697

    SHA1

    2692b583b9f23ae6dc5febbd371014cac983cd10

    SHA256

    ae1ca11d769210a0c43dd9ac617a914ef8e4036951b406b8617efe4f37979e3d

    SHA512

    40368cc6896e6230d42ea1cb54e3da847f378bdd0673f531fd5086ddcd33f20380d268ff698f9ee062cbbbbad94ccf00dac74c0758b81897b4649c8f313fbd40

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    29093b707b1cd45674efad08bb3f81f2

    SHA1

    f17b775e78bf9787b4c269aa4c5b1a958a43e721

    SHA256

    6f6a860f24b533ed0a6d298947a556618611adb797c52fa581f780445d5759da

    SHA512

    c74228442120671b838027e90df0a37d689d41f1f7635a8e64ead95697013dd69741e9b180dbd58f6c8b89dc4323b912ec4cebc65e755afd84960fca77816e9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bdbb9c0cc816fe39dff0f72e6e633e4b

    SHA1

    d3d5bb2836f3959f9422b3b449ceec80dec15e4d

    SHA256

    2b46ba3aac3b448df2893ebda2d30f36eb36ee5e4fe4d83e89695cace354875c

    SHA512

    53940961758fbc56adfc64748fb8c34f65b539e1f0b4eabff71848f95fb624477c98a378a06e2c328dfdd8282b845e0b050dc06f50303f05d1180152f2374d76

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c1e8dec04289f292d9b6b9bd1661b088

    SHA1

    9ae3b7da58b0a075bfee1db90c184494bd83f396

    SHA256

    02ad684c5ac697bb1a1a576f9305ffc8ce2b36a1463bf4a5c96c32f71f94af1d

    SHA512

    0bda1a8c7f93740b742532c875148bafd42d4380c914644d3df222dda5cced255010e38824e26864c22a8eb19cf3f6b287e9ee059538c7a8ba474511735f5d0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    59ba42e22f0d203ace58e0632503bcd5

    SHA1

    afda8c56ed7e54cb7684b6645ea1ad498ebaf5cf

    SHA256

    81fd6a499678738885213b043f0e8b50c949c57d6a5160c197334d840bf97b24

    SHA512

    ba5ac327d5849923a67162a461c0f5083631b25d5734afd47862f644f34abe67a25300cc35bc213836a069a054b57b523b581f45fbff7362df6184bca7996ce4

  • C:\Users\Admin\AppData\Local\Temp\Cab78AB.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar78DD.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06