Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-12-2023 10:47

General

  • Target

    185c069952d01c0f4e2c50804f45cd76.html

  • Size

    13KB

  • MD5

    185c069952d01c0f4e2c50804f45cd76

  • SHA1

    4ecfe45e17057fcf3242d0e710df16d863e782b7

  • SHA256

    1fb2b89ca72531c722cdea39cf008844973a4eb44c96c95aa4d9302b7bd15f61

  • SHA512

    aab5231fbe8a0ff500b1a35ff3f6f39057ddd6ca248635fbedc93dac294204c449b08140e47b305db5dedf7479510d44517176a01a84664135517d7599e909f4

  • SSDEEP

    192:FdsBbDe4cpzJ/9b+Acm3MbwNeopG+kqZQT0ZnO4kiWyxy9R:FtpziwcqG5Nl4yR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\185c069952d01c0f4e2c50804f45cd76.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2520
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2520 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2900

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    33ecd99b428d4d18a2da6d9d00722aaa

    SHA1

    ee1227a5c530d6c2778615a9439c8a6e8b3bfcb0

    SHA256

    b1353593d41d050f3e98cf7f736f029c9d30c51fa758931f71bec99dba2201a7

    SHA512

    d2414cace35c8a33c0e61ac4499312c30234201a9b191fb46c2285bccebd6b38aeafc02ee457660093982326dedc6b8d5ce0462622e28575ddcfd1ea5551b901

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7bfea5a2c42046e982fd9c6b432a39e9

    SHA1

    0f29e2efcdf64d2780e6551e73019e0e904229aa

    SHA256

    f0fed7dbf53f4bb6b034dc70e3c4eb4037ef70907867f3d10e607f021ee3465b

    SHA512

    23c660f1528df8f2e13e1d79ab0b9e3d92afa91d5edc598055d4ea37e810f4e07a5dbf9bf09200cf530712aa7f2be1b0b85dfdf8ab0e83b051844a007b6a3068

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    505c6bdaa93c336dcc44a2421cc938b0

    SHA1

    4db1da92aa67596feac8c06397747d1777499747

    SHA256

    37ec53ab3180941cae29fe63095670e7e90d610daf72a11d06893841e9366fb0

    SHA512

    48c4690077465c430c0266e2de1e574ebcaea46f083e63e98b6abd3cd0b7149af344f939bca3fb172f9b4fb7ec8bc10b7793d23bebc1cead57b0f557a95cba9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0e074761f92b4f41b59cfadc2b298f21

    SHA1

    c987bbe09544e3602cb9ec815b571581458c8add

    SHA256

    bc21c09bba5d61e7e566e05b162577311b5db93dcec8718ee945788949f23e87

    SHA512

    fa3790ae775e38cc0b46941a48d229f161242e1cc43076e1efaffba715dafb8e8e4999290f2966dd244fd4486f89fcfa2ab2ca463d5e139c9b003a2cce5abd38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ec1f6ad42267b95da56c1fb51457506c

    SHA1

    afbab077c61232f28973f3040903a28ed2f48fbe

    SHA256

    269a82bef6c13695ca4dc020f74df971277b81883482a2c736630336a5458857

    SHA512

    2482a16af4501d5534cfad1cfc5e85517046c5f41ddaa839ee01460f20ffd588fab0f495ded462903d7dbc73b3fe46be7db9f242ab4aa354a22affa28178ab64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9aec80313ab3ab2cc9fbb3a8d3cf6caf

    SHA1

    ec5ad8fdad773e96882f1de0117911bd0faddaf9

    SHA256

    dfbbb1fb1da18b56053521cbb21367917f4cf6d00f133865a04a0ae19c36e702

    SHA512

    ab855b91a58f8ee0ccf8097d3f09d83341bdb753222cf3f001ab32beae6350022090d3fa6540eaca5e769900d246cd18b631679762507377466621fcc70dfc20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4d0eaf4f0f53feeabbfad2eea4156a93

    SHA1

    c60aa8db40379e354d0b7abdc51fed527cba10e4

    SHA256

    1f0920e3bab7e736171bd673f5896b5243502b8ca9a5ba4fd2332067ef3d9a21

    SHA512

    a686ee0e3b7332a9084d9369a3cdd17f6a2d75780b28e38f4a30a0869b382e43451c21c378313e4104a85a44ff64693e9f69007a696f555a4351ffe06b26b9c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d153625c65ba44997967b7e5bda2ffa1

    SHA1

    ae93449005691c2d89d8dbe2c45d3b50907f3773

    SHA256

    761103f44a4ca5b7d40eedff632bc7d31a7523bddeb917bfff272d3b426dc15c

    SHA512

    38ea3a3d5304442a7965f1ccfe361da43efe2aaae32180977a85ca63b41309e1df07e504d26261029941be8f0c5329c5a69a8b0f6ff45249c78817b2774924c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d9338cac80f86ff6234c1a6d3e6522d8

    SHA1

    70fda3d2bb32f14f3b27042268b0b6aa70ccf3c0

    SHA256

    a5c792cd2fb5ba501b48d3222bb8ec2262d604b67882e6554834a1f36685e953

    SHA512

    9c4d6c6017bb95b9edc56e4b1367d3a6eec6023ff7be88445af2ee4ec8cc2555d83853a7388c8707441d6851253c4c579c5d34d1f61042fdf792ae512b37d2b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    87e6e5c59d93f2bbeab812299fdb8716

    SHA1

    a5b7275023b39817d1e20e2adeec5459ed9ef64d

    SHA256

    05e03c813ca930fc2f0fe6691bd3788719f190130fbe4f14fefe416d56f975f8

    SHA512

    fab0c1956db23c80de061373de9f379d8bd1e69627b57a487e51228dc583b0a80afa769f4749c9c759f8c06913f02789cc07b159f19c02df56e8c3c3abaa7e4d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f3a579cbbe845d5d3d59fee989b75b04

    SHA1

    89ca0e3ce7f1960a044ffd0016934153f3e5a422

    SHA256

    6062b8009e94a1b7013cb65fda972f7d0da0fc15fba68eeeac724a08d3961c4b

    SHA512

    99fac63623bac0bd668df2aca05eab48279bf1d94593a42964824b2c799e1e3e8988764cddfd9982b285fcb507bad54429a2cfb1f35e9f7ec8c1cc0657fd21ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7707c8d125a63c73c76c1a893b97a772

    SHA1

    284c20cfc6454ef9ac9283279e427bd40fb5f3df

    SHA256

    1fa373743b6b891c0d09ec423cc4cd62c3803dfa9c0b077ee75dc2ee6ec4150b

    SHA512

    92a2c93c5767a3f86f89c667074a569860a0995fbbc750a203774decf6e73b6f1e7232f64934bf519001f7484b1e01c88623412ba02338416c6cdc42731fcd02

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6e0b758c1ff889a60d3cbb929ac290d3

    SHA1

    8d2e4a548bdb5d73389cf98dec0343be87497296

    SHA256

    57c6d5b5ee12b1a38eb277e8cf06a615add6159971cdf7fa664478f7e93cfa76

    SHA512

    9544d6e3c346a9c76b59e64d0f5aa0737b8804eac0068b942693189cf7c72d1d341e6dfa32f6d3ab6db23f78257bcedc10f99ef3a1d5ed2e4216cbc59017ba12

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    45976f7523506db4cbf002a13f090719

    SHA1

    d035ea922d308bd70872c8eab62a3d62dd2e1550

    SHA256

    3565200b6c4f6fb78f1a0a27077cd6caf3378857c67ec461165e5c1c7ce88973

    SHA512

    66048b7a754721f0ae08059313cd2ced584cf0dac0aac6bf3c694a73fc049d68969255f3133e28adcb37dece1d5460aa8c613cb0aaaf9623d1e1ed6245cae7ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ed5a36a3a3f923c56dd4774ff5d4b02f

    SHA1

    d7824dde734afe65cfe0df0954f976597f299a82

    SHA256

    fb6e0d79c9e9e575789c71d78bd7b57725ad3b09811cf289ba4f2a69ff033187

    SHA512

    7d8ff65382545d4ca7cd45ad31d28d3b5db20ce3a1a1730b1b704444f9722fa9fab594c381b01113545e0ac20f38ab06d56ed92920d2c9dec5e392ee12786e20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    67c99bf1cf2adfc0b93d3cedbf7e22c1

    SHA1

    87709211e3b9e95914e1355ef17d985557a76a0f

    SHA256

    53c4cbf5adbbe342eadf661e8af15487565e6f6d0fad13353e4529f90741168b

    SHA512

    4f1ff0abe239375c22f7632494fde3a1a61448642e4c8301c866ac7b18d679c59a5aa5f86d2c261e669eea746fda1dd2e1a1243f2b56695d8e9273e7d2ca5e36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    97f7721ad115a6163955d283124af6bb

    SHA1

    88d1658ca42e8dd46831e7e774cb66c1a930cf15

    SHA256

    e597fbb8bc39b337d150588706e5b29fc7089a6e70bcbdc53659b69cbe2d5951

    SHA512

    4c793b8f5dc0c442c87ede357f9687235ebd4aeb8ba57e64d7d82b1d257336f0ce9be4817d49a9f41d3eca3609eba7a0b30c58250ae6a27c611ba53efa0a2679

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    d0f519da20f4b5b5dbb0c3451abbc93c

    SHA1

    2a70a8cd48fea8c232999fe13e8823a88bb8199d

    SHA256

    ace6171ba3b4c58158fa8ce7dadf4bea1a49106a3b4b584f560f14eca30d1b4b

    SHA512

    5be10cf0155df8d4410fdd1d5bb960153dc17ad7dc99216e7993a52b08247504bfedff2ea36fa1fa6c1df6cf6622f6165dc25dd978026dad8fd42906349d29ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Tar33F2.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
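
Every file listed above except the search-provider icon and the Tar*.tmp extraction temp file lives under CryptnetUrlCache, which is where CryptoAPI stores certificates, CRLs and OCSP responses it fetched while validating a chain. The Content entry is the fetched object; the matching MetaData entry records, among other things, the URL it was fetched from, stored as a NUL-terminated UTF-16LE string. Since the Network section of this report is empty, those MetaData files are the quickest way to see which PKI endpoints Internet Explorer actually contacted. The script below is an added example for recovering those URLs from a captured cache directory; it is not part of the sandbox report or the sandbox's own tooling. It assumes the URL is embedded in UTF-16LE with a double-NUL terminator (which matches what these files look like in practice) and, for the `cache_name` helper, that the Content/MetaData file name is the uppercase MD5 of the UTF-16LE URL without the terminator; treat that naming rule as an assumption to verify against your own capture. The `SAMPLE_METADATA` blob is constructed for the demonstration and is not one of the files listed above; `extract_urls`, `cache_name`, `triage` and `scan_dir` are names chosen here.

```python
from __future__ import annotations

import hashlib
import re
from pathlib import Path

# "http://" or "https://" as it appears in UTF-16LE, the encoding CryptoAPI
# uses when it writes the source URL into a CryptnetUrlCache MetaData file.
_URL_START = re.compile(rb"h\x00t\x00t\x00p\x00(?:s\x00)?:\x00/\x00/\x00")


def extract_urls(blob: bytes) -> list[str]:
    """Return every NUL-terminated UTF-16LE http(s) URL embedded in blob.

    The header layout is deliberately not parsed: scanning for the encoded
    scheme is robust across the Windows versions that write these files.
    """
    urls = []
    for match in _URL_START.finditer(blob):
        start = match.start()
        end = start
        # Advance one UTF-16 code unit at a time until the 0x0000 terminator
        # (or the end of the blob, for a truncated file).
        while end + 1 < len(blob) and blob[end:end + 2] != b"\x00\x00":
            end += 2
        urls.append(blob[start:end].decode("utf-16-le", errors="replace"))
    return urls


def cache_name(url: str) -> str:
    """Expected Content/MetaData file name for url.

    Assumption (see lead-in): uppercase hex MD5 of the URL in UTF-16LE,
    without the terminator. Use it to match a recovered URL against the
    directory listing in a sandbox report.
    """
    return hashlib.md5(url.encode("utf-16-le")).hexdigest().upper()


def triage(blob: bytes) -> list[tuple[str, str]]:
    """Pair each URL found in a MetaData blob with its expected cache name."""
    return [(url, cache_name(url)) for url in extract_urls(blob)]


def scan_dir(metadata_dir: str) -> dict[str, list[str]]:
    """Map each MetaData file name in a captured cache directory to its URLs."""
    results = {}
    for path in sorted(Path(metadata_dir).iterdir()):
        if path.is_file():
            results[path.name] = extract_urls(path.read_bytes())
    return results


# Constructed sample, not a real MetaData file: an arbitrary 16-byte header,
# the URL in UTF-16LE with its double-NUL terminator, then trailing bytes.
SAMPLE_URL = "http://crl.example.test/pki/root.crl"
SAMPLE_METADATA = (
    b"\x01\x00\x00\x00" + b"\x00" * 12
    + SAMPLE_URL.encode("utf-16-le") + b"\x00\x00"
    + b"\xff" * 4
)

if __name__ == "__main__":
    for url, name in triage(SAMPLE_METADATA):
        print(f"{name}  {url}")
```

Run `scan_dir` against a copy of `%LOCALAPPDATA%Low\Microsoft\CryptnetUrlCache\MetaData` pulled from the sandbox VM (or from a live host during incident response) and compare the returned file names with the hashes in the Downloads list; the recovered URLs tell you whether the fetches were routine CRL/AIA lookups for Microsoft and IE update certificates or something the page under analysis steered the browser toward.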