Analysis

  • max time kernel
    82s
  • max time network
    168s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-12-2023 21:48

General

  • Target

    04d337bb0991790baf4de73cf7360fcf.html

  • Size

    3.5MB

  • MD5

    04d337bb0991790baf4de73cf7360fcf

  • SHA1

    c5da7b57e31206ef839931bbb119d442224a1e58

  • SHA256

    78d74b2e47c58e76a4b8ab89c4334f861c3b93438734dea491713c111b7bdc8d

  • SHA512

    276fa67d9a87814d9d020c32b3b5a58a32c94d7f02b67edae023058b9eca5c2525e08162baf9f65bf6953b36b8740dc58800d8a4c1a0f8386170266e564d1a4b

  • SSDEEP

    12288:jLZhBVKHfVfitmg11tmg1P16bf7axluxOT6NGL:jvpjte4tT6QL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\04d337bb0991790baf4de73cf7360fcf.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2520
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2520 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1360

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fef7fc318323a441c9d4793a13f6023c

    SHA1

    198dbe1a407fdea1ab39bf0f2c1c079f35df1f74

    SHA256

    168b55a62a5ef454574604f89de36ce7921ead094f03470939d7c389dea43189

    SHA512

    2eaf91e1f672d5d6bb7d031d5a553933867efbba7bddd4810c908a3895079d01b15c01ae20b5785b845aec4c11626f359709e1cae73a864b0a75c2654d8cd033

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c9fe1cf4d70dbd75ca0d84185f1fa8c1

    SHA1

    5f15d1caf2fdd39fb2108fb39c9c8fc77d1bc64b

    SHA256

    4aa3189964023fdd49ca37b9d10b8c07ea545a6a9e08b8fe00ed3e12d3ffa82e

    SHA512

    940ffa8f9b65ef808392b17ace3b188078cef4e5e464861c2e6fc5d74ed5c7dc75d3fb56c3e5c3271df13a826e21c4fe6e236158f0a5567ef691159920c6b78d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    69f0db649225d980348b1ecf1746db73

    SHA1

    eddfdb6b01ba629ad7814121f66d0e834785b75f

    SHA256

    6543d6bb727956997745a71a85b71cba146751af7c1da0874c94590159c9ece5

    SHA512

    cda5e343ddc3b6de5f9db00996c00776113c44df96d576a6dfd528d9aa3229feb588eadf4299b3354873aa3cb3691f1631f3975d24a76ca1b923b399b81c6fb4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bec46277d8d310ef954203046c20685d

    SHA1

    07fdec9891f49c190a0e5a9cab6e46d2c7e09a20

    SHA256

    457c33068172c96036da57fcadade19e639c3f22a50335da5881f8ded5b5f155

    SHA512

    751080700845d6bb77d266a855f369dfa9ee0f6ac064f28575783f0f3adca1d9ce90ed8d7c27756f5c76a34a762a2dc76f4dc23119f20ab5bcb4f780241ad088

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7a15bb6d49271d4eea01d8d88b84ef74

    SHA1

    aaf340a276c0c68d45ab299afaddf16f8de32704

    SHA256

    ad59a42cc596c049a99a8f6192dcef4dfb18d877af4b5f559c44af2ec4c262c3

    SHA512

    0dce17ab00a00874535707084775bbfcbb2312ac36a87be13020ded0793529161bcc11f71ae390aa98bd96e3b9ba20f1bb0be3f5cec24cec070cab72cefc605d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a7071c6acd00d79c1749e7faa9afaba6

    SHA1

    aeae2f8a33eccb8c7955690b426ad8ddcc55fffb

    SHA256

    cf3ad9732e7e4d06e3b6bf0b6a1d972249c9d1c51221d01bd5736b0f896926ea

    SHA512

    95607f0bf8ddd4686b04ffe80d75e18f40337116c0c0e51e50bd73172463e07ef44867868e3fa3e0d3b32c03ce4610942e2d46565c7ac979b80a7bf1083b7c5f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d2b85de8b8a7959dc7f3fd0c5f141ed1

    SHA1

    417b6ca10266429941a28320fa0b67400f7e3886

    SHA256

    1c37896693ec5bbbd62effe80933fb511d3bd4f8dfee4da6cfa8cf08652aef6a

    SHA512

    183f194c8fbc42eb0f1ac29edeb1a91abf0ba5e7035a8b34e36cb2cce00c8dac56326db29c4377bbe50389d0d6d0f2b373700ace9347096c912a1233a1efffae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4dc3438fd4b5da3b2e2fd34b57e8bfe3

    SHA1

    985acedd58214b9e9e2da4b889eb5d1a51b1d329

    SHA256

    950451ef6c88b7abff102b18219fcffd3026b7da55eb2c83f310a878d14b1b3d

    SHA512

    565a5748659c4a62e3a9979f7e550a1b960819ccdede3788884a2b5183a397b7e9d508a0e057284b871f43ea707ec9aa8b45877eae02cf62aadd29758c4bcfa6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5b22051c5f663e0a33b462f24ee0946e

    SHA1

    884a075bcdf3e7dedb0c9e095e1c01a1febc1544

    SHA256

    5b4aa571f4ba47e472743b8bb3cc28be1f4a4a976fb1f8778c5087a75f7d7183

    SHA512

    f00adf0d7475cbffaa30f5004d742bcb0a0f3193ba78dae1ec7cca9dc9e8a48ed3e6ee669bb3cf66f5d39cdb01abc762a75f9e93bcc504ada8d06c54603ef23c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    27527e128214ecec0407ccc071f36673

    SHA1

    8917da1cb73b213513fd4d348bb96d5431a83e4b

    SHA256

    bff2df7747b3447bd817afa53b6700418802cb55f83ffaad44670ac417528b03

    SHA512

    a220b40ccf66dc0d7e7bbd69236f88e62b5bfa56fe2d2b6683d1665d75b30f925704a0c94bde810a10fc0aebd566b0b2cc3958a66a6bf07b27cf9eef96ee8069

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    444f6c0cb191bd77d77fa2cac8a69206

    SHA1

    f29469c1214852969795cd047d0dba60fc70b878

    SHA256

    82fe1f4ae25c3965405976bcd614927473e6e3a3b3448d11de437bda8a3717ea

    SHA512

    c1639fbf9b1e1edc231487f55cb2a80fc4a9750328fb35b353076d37ec6b91216ee11426ffcdd0bb32ffecbb6522bd4b2b965ae03b1363448ea0bec55bd0f257

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4K0WM73A\beacon.min[1].js

    Filesize

    19KB

    MD5

    dd1d068fdb5fe90b6c05a5b3940e088c

    SHA1

    0d96f9df8772633a9df4c81cf323a4ef8998ba59

    SHA256

    6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

    SHA512

    7aea051a8c2195a2ea5ec3d6438f2a4a4052085b370cf4728b056edc58d1f7a70c3f1f85afe82959184869f707c2ac02a964b8d9166122e74ebc423e0a47fa30

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGM5U0T3\jquery.min[1].js

    Filesize

    83KB

    MD5

    2f6b11a7e914718e0290410e85366fe9

    SHA1

    69bb69e25ca7d5ef0935317584e6153f3fd9a88c

    SHA256

    05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

    SHA512

    0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SP6DRJYJ\jquery-3.1.1.min[1].js

    Filesize

    84KB

    MD5

    e071abda8fe61194711cfc2ab99fe104

    SHA1

    f647a6d37dc4ca055ced3cf64bbc1f490070acba

    SHA256

    85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

    SHA512

    53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65

  • C:\Users\Admin\AppData\Local\Temp\CabA70B.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarA73C.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06