Analysis

  • max time kernel: 119s
  • max time network: 145s
  • platform: windows7_x64
  • resource: win7-20231215-en
  • resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted: 26-12-2023 11:34

General

  • Target: 6b1ad4e5d52f1bba8e8d5f95083182a4.html
  • Size: 928B
  • MD5: 6b1ad4e5d52f1bba8e8d5f95083182a4
  • SHA1: db40348a8153c1d7a52f6a94cf113dfae668baed
  • SHA256: 7d067db55009e56d9de9f516e258793c138f7d75a49b37ec7a9d750ae4a66ccb
  • SHA512: 8526d816f8613350458e9c17ca1a2d6df6e48a6b2058cbab461eea8668caa4c007ebd4a0fba287c719c08b93af00b19cbb40874966a51619cfeaf74a83a243e6

Score: 1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (depth 1)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6b1ad4e5d52f1bba8e8d5f95083182a4.html
    PID: 2976
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (depth 2, child of PID 2976)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2
      PID: 2680
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: bd642261f6458224fa4813d611799136
    SHA1: 491876b76bf24b1a7478938243f2e99eb4d41ffe
    SHA256: 474e6ac55a85dce6fe896b3939baec4e27f1f33ab95f0833965b2141d8971215
    SHA512: 4617a9e96ffa8aa3b32342d5e92452f61fd26b397b7f296d86cc9a6a8588efd2452431ac7110e35cb5a52d4bad66d11f28444044e1d0b4f8b0a261ec21ad4135

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: dce7552d899f9ac0a2386ed3137dcafd
    SHA1: f3502605fca1c5a276afc8a19c6b97370d71974d
    SHA256: 0b7c317b3b2891d9de903d05da8099fe6d58c8d3f4b2cb0243518789c987ce1b
    SHA512: e584c7028fe684cfddde4094364c03df3b3a97ec3e6b0c3d8435f3e83d9ce648e8863e29f0933d4d5345963b27d5e69a4246d32725e155bc0cedc68ef1e5aa8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: ec8643478adf287a083fa34d2fbe753d
    SHA1: 045f64be3e1c48044548519f8abe12c60c5eb914
    SHA256: 03b1c560d71adcf138ebf0cf90af1267e8cca3e9e50db7deecdfe508caedc52b
    SHA512: d73be7d25f22162b910b992ccaace12b34d9d5a78100e76abec718fab7361d4dc07e2ab8893d1a5ec8a3548ea3eb4973e0f4deaccdc033f6b4ea16add5658ab8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 22fcba6c16ed8103d068c18b72f0934e
    SHA1: a3cafdc0e07bc204e4c02a8e88af4a99873e39f2
    SHA256: 8ad02aaf98a51261a79b38ea41fd833a28cab9e8104d289cb3f974f5a929ddb3
    SHA512: d5ee18eda810fe16acff3efc856991f16c0b7134fcef61a5c662293d65ced380ff56a9aa4db66662c218142bcfb557ab3679e4ba13071ef4dbbd6e1aec11d3b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 0f76884982e475aacbba91d8b3d39886
    SHA1: c44c50279b7e9e2365996e473d301844840ac92d
    SHA256: 14a54d664375499c9840a4c62f51beae25441ba7efe6452a869e8dc0fc04c37b
    SHA512: 7ff3c9adbd9f39a29b2582a97be76708daac801bd19b5a2185478b969403fb2f647272c3f2d16af42d732a8e2ae90c1fb734a8fad666a3508fa1a4e85fca5bf9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 3f14cc085533781bf4d313298887723b
    SHA1: 9b4d54a36fc6f08d30befff44d72478e95831a40
    SHA256: 28117fe6fafe29627279099b9c51e94982c229465cab9b9f3165c4b8ff3b8813
    SHA512: bf8d8cf2219cb1c80fc4d19d5f70d3618e98b5045b97e49bc5b530e299512c2a020f13a8e8a644ab9133bc73059ba0df95950c8942dd56cc7d4afa46f5e02924

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 16036f1592826252e5c747940a73053c
    SHA1: 09d223c2ab3b58e65a97f5951aa2f197098f1d91
    SHA256: 6e9bb7824f66cc3b6b77abfde714eee5bfcc57901bca1184595000b29d042e1a
    SHA512: 3a7edd49c2ff28c9c34272d0bc1665f626e003983ba05c7b78af71c181a4aaff385ef8504b7a189f0d143c32dd3d99d543d760adbe1b02f217d09693a2f4c585

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: a655b89e46ff4824c15e65b89040d9b4
    SHA1: f57287f4e63cdab7e59b4d60ab1b2a7bad9ea37c
    SHA256: 29372512ac9430242e3461dd4fc41125ccb2224406b546d82d2a2d2f8ec912c3
    SHA512: c0c6eae111e5bf58a910444fbd96a11ca1ffc67e6784447f542563ff0fc3cfb829021c6a0121ee60190d5a67bdf271ff03ece83513f750359d18f2f6d9529de3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 8f00a5a0a1a53298ad05d843f08a9e61
    SHA1: 0206b943e878125aff4db63a945dd7785230d66d
    SHA256: 0aa7cdd7b37fc605b2addd2af53449ab307a91533883e12dd073436767d94030
    SHA512: 651f84056680ae1bddc67af7f6a761d4d9e97c885c9d69225b58053a14f1d1b54dfb76eb259bb48f903c8fdca8b790fb9bc40661e13e43a3a8e29cf67fd0b942

  • C:\Users\Admin\AppData\Local\Temp\Cab742A.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar744C.tmp
    Filesize: 171KB
    MD5: 9c0c641c06238516f27941aa1166d427
    SHA1: 64cd549fb8cf014fcd9312aa7a5b023847b6c977
    SHA256: 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
    SHA512: 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06