Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-12-2023 11:39

General

  • Target

    1b7ece090fe619a303601512fe0b9ccd.html

  • Size

    23KB

  • MD5

    1b7ece090fe619a303601512fe0b9ccd

  • SHA1

    e07ecfc113a6ba3e1f38b6843fc2503e65fd5c0c

  • SHA256

    e5688d2b4b05859457ec4747a0ae81d9cbcaf2c3f999722d6f11d11c7f7dbdd4

  • SHA512

    7c8bd672869d99716d82bfe51312aeac25eac3acce1d7f562508eba1879b0f602ac30d252389d7a35b110bb9fde33e82c320b136a363c517b484ca4bf1d639e7

  • SSDEEP

    384:S0RcX1pyyt7Pbjbfee84cJHTSM3zZ8E81XFhwyijD48VtjgcXF6jq:S0RcX1pyyt7PnbfRv8zSxFMyMD4ujgcl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1b7ece090fe619a303601512fe0b9ccd.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1272
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1272 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0a8e2c2df676525f027ee9239760bd8a

    SHA1

    43bda715f98b317e4a2d0a573ad7106ab67c62f5

    SHA256

    0280de1e26c605a44ed686f34cc7b696560b452007911e1f55ba63625932e0a3

    SHA512

    5aa61a9dabab8bf2c3a7659e5547d751e13a9869462cb0c2615b6fb95f2a5c5d8a99c989608bca73ebb5df8fb591f294446cd5f0d98edac6149a674e9358f3ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    95eb4f2b57120c60939e97f90b0d9aa0

    SHA1

    49934c49fa3d404928b5c3e87f9746dfa65d644e

    SHA256

    7e31ccb91fb672e5796e42d9cedec94c54b26147dd151ed50de0d0d3b20ecfb8

    SHA512

    e3a76969664f983d8a03524865b4e89709409712dcca5c92b383a764508083df721be542e804f4b899587aa64880e9e13e5fc1bac075fded1bd6811a616c73e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b6018ec463a16f4da54008825b8cc7dd

    SHA1

    1a609e6aa8359158ab30f9f6704a57827ec4fcb4

    SHA256

    54fec09ddd9357620c3bfbc645bfb9f15365a9c06c5f0bafb091111b8628579d

    SHA512

    2a36210c4342bc6448385aa9158f12f5056e47104050b86a555c38a87ab30e53c170d8320d40d797bacc2c9eded857c7a0c5a2468f46103a14b793b1f5cb6155

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1632b4e312d34f18e17f38c1c29a30d9

    SHA1

    5229e2bfcb6df44508e5e4e9645b521fc6518183

    SHA256

    9e5d1cb2b0e4af1ba55bd1657ac59e4e8d22b3d9e487a33519d8327c4eac726c

    SHA512

    5ec7c5b7f62daf4a2051056736522d5c5d3ca401627ac9e7b993b4c2a610d8ada62c4ead923424add11bee6ba7225fe043b7be3f7792a0f0007564d8236301e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    44636a12acb95724b476d88b7a97c061

    SHA1

    6f003e1bff65f3e4d8806e379bc8d19e35ffbb15

    SHA256

    a581ded3e2713ddc16f10dc8d85a37187d72b17003a6a50a2d62424caa23fa3f

    SHA512

    667b06964d515e36c2a89da13d7f03e9a2327cc80a2e8191a0143463d5e80a9e19bee16ffb1c5251e44780773eaac6a9aa0a5be8e015eaf68188acde6b67d7ef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ad2e89824c8ad45b07adedd875496665

    SHA1

    cc1e80b94e1b7eff4fa643e114ecfd7570079673

    SHA256

    41e3cfbaef6f285f64927df1b2293f6f0850348118e3e180c2786be5d410abb2

    SHA512

    de2c452057efe0247a2c4c7b90424e58f59ab4b3fd810ba0be9fb3a8b87855ba8e02c8572289241d928008f5ff4d8eedf899b09cb653582293f8070dc91feb80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    929f1cb72c0130954b8ee1fed2ff828a

    SHA1

    cac39f4240a7b7c87da20ab4b5119b91525f23a9

    SHA256

    2c007577826e1b9d3a0ba0b14ee6d81beb929841de369e86948f9a6e2f607971

    SHA512

    3ee31f9dc88e237e72999b26096925475259c35e98b48ff1417ddd711f67f79f8b073c9f1b42628ec9879f2ea50d50682932d97a4997f021c2f350b738a26257

  • C:\Users\Admin\AppData\Local\Temp\Tar155A.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
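The seven entries above share one path: the CryptoAPI URL-cache metadata file was rewritten seven times during the run, not written as seven files, and the Tar*.tmp file in %TEMP% is the kind of artifact Windows itself produces while IE renders a page. The helper below is an added example, not part of the report or of the sandbox's own tooling: it parses this page's Downloads layout, collapses repeated paths, reports how many distinct hashes each path carried, and sets aside paths matching the editor's own noise heuristic (CryptnetUrlCache entries and Cab/Tar temp files) so that anything left is what actually needs an analyst's eye. The input is the report's own entries, copied in and trimmed to path and SHA256; the noise patterns are assumptions, not classifications the report makes.

```python
import re
from collections import defaultdict

# Constructed input: the Downloads entries of this report, copied in the
# page's own bullet / label / value layout and trimmed to path and SHA256.
REPORT_DOWNLOADS = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
SHA256
0280de1e26c605a44ed686f34cc7b696560b452007911e1f55ba63625932e0a3
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
SHA256
7e31ccb91fb672e5796e42d9cedec94c54b26147dd151ed50de0d0d3b20ecfb8
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
SHA256
54fec09ddd9357620c3bfbc645bfb9f15365a9c06c5f0bafb091111b8628579d
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
SHA256
9e5d1cb2b0e4af1ba55bd1657ac59e4e8d22b3d9e487a33519d8327c4eac726c
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
SHA256
a581ded3e2713ddc16f10dc8d85a37187d72b17003a6a50a2d62424caa23fa3f
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
SHA256
41e3cfbaef6f285f64927df1b2293f6f0850348118e3e180c2786be5d410abb2
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
SHA256
2c007577826e1b9d3a0ba0b14ee6d81beb929841de369e86948f9a6e2f607971
• C:\Users\Admin\AppData\Local\Temp\Tar155A.tmp
SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
"""

LABELS = {"Filesize", "MD5", "SHA1", "SHA256", "SHA512"}

# Editor's heuristic (assumption, not from the report): files Windows writes
# on its own while IE loads a page, e.g. CryptoAPI's revocation/CTL cache and
# the Cab*/Tar* temp files left by CAB extraction during authroot updates.
NOISE_PATTERNS = [
    (re.compile(r"\\CryptnetUrlCache\\", re.I), "CryptoAPI URL cache (CRL/OCSP/CTL fetch)"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I), "CAB extraction temp file"),
]


def parse_downloads(text):
    """Turn the report's bullet / label / value layout into a list of dicts."""
    entries = []
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    i = 0
    while i < len(lines):
        ln = lines[i]
        if ln.startswith("•"):                      # new entry: path follows the bullet
            entries.append({"path": ln[1:].strip()})
        elif ln in LABELS and entries and i + 1 < len(lines):
            entries[-1][ln] = lines[i + 1]          # value sits on the next line
            i += 1
        i += 1
    return entries


def classify(path):
    """Return the noise label for a path, or None if it deserves review."""
    for pattern, label in NOISE_PATTERNS:
        if pattern.search(path):
            return label
    return None


def triage(text):
    """Collapse repeated paths, count distinct hashes, and split noise from review."""
    entries = parse_downloads(text)
    hashes_by_path = defaultdict(set)
    for entry in entries:
        if "SHA256" in entry:
            hashes_by_path[entry["path"]].add(entry["SHA256"])
    rewritten = {p: len(h) for p, h in hashes_by_path.items() if len(h) > 1}
    noise, review = {}, []
    for path in hashes_by_path:
        label = classify(path)
        (noise.__setitem__(path, label) if label else review.append(path))
    return {"entries": len(entries), "rewritten": rewritten, "noise": noise, "review": review}


if __name__ == "__main__":
    result = triage(REPORT_DOWNLOADS)
    print(f"{result['entries']} entries, {len(result['noise']) + len(result['review'])} distinct paths")
    for path, count in result["rewritten"].items():
        print(f"rewritten {count}x: {path}")
    for path, why in result["noise"].items():
        print(f"noise ({why}): {path}")
    for path in result["review"]:
        print(f"REVIEW: {path}")
```

On this report the review list comes back empty: both distinct paths match the noise heuristic, which is consistent with the 1/10 score and with the process tree showing nothing beyond iexplore.exe and its own tab process. Any path that survives into the review list on a different report is where to start looking.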