Analysis

  • max time kernel
    119s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-12-2023 13:45

General

  • Target

    73406592c8dc4a7a2bac944c3264b3d9.html

  • Size

    37KB

  • MD5

    73406592c8dc4a7a2bac944c3264b3d9

  • SHA1

    2d159bd4fa515ef06de7f117b24818ecbffd5000

  • SHA256

    7912f58671b49cb61de16d4a0625c9d81441ff91f4aad7f833eb0e29c1b20de2

  • SHA512

    9aa6ec88488e40aa9ccdd16e3a94a49f24ab3645d6b8e653ad5685bed4d2481316121995bd12c890efe7a627e8be1d3297d8554373b126d7b9bed6cef11729fd

  • SSDEEP

    384:6Lq54MyL51gWwSMU5YgN5XBC1bQNZc5e5L5MI95/ppddEu1:6G5e5YgN5RAbT5e5L5L5/TjEi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\73406592c8dc4a7a2bac944c3264b3d9.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1600
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1600 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2968

Network

MITRE ATT&CK Enterprise v15

Downloads
