Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    30-12-2023 02:05

General

  • Target

    0b121b349521516f5a19a87d2d4b87e2.html

  • Size

    17KB

  • MD5

    0b121b349521516f5a19a87d2d4b87e2

  • SHA1

    e3dd575457ba21f25def31be83bd1583b4af6dda

  • SHA256

    efa3426aa4350cd69d19da235e5300576169117351989c79e6331613efadd1ce

  • SHA512

    6542879c40db1cf9aa1fb8d050e78f17144611b5e98ab7679ff80f6cda42b38beb88af6865dc8011916e8dbe41ef621bd45ad7d409d65f29ae9d5cd0f835d95e

  • SSDEEP

    384:6XQ64L3r7nQIHFb/C7prUQtMLpXNyvWr/9rBLjgA:6Xt8b7ndHFb/CxUQtMdXNyuBrxr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0b121b349521516f5a19a87d2d4b87e2.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1444
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1444 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2712

Network

MITRE ATT&CK Enterprise v15

Downloads