Analysis

  • max time kernel
    143s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/12/2023, 05:42

General

  • Target

    104116d671205ef750dbc9679f793830.html

  • Size

    57KB

  • MD5

    104116d671205ef750dbc9679f793830

  • SHA1

    56e7420dfeebda6a6d81df615d4b3d98c8b3f00b

  • SHA256

    ddfda1aae430deab61a506271b629b04d9ab54f38b4f33ece3a8d52f3f58a417

  • SHA512

    9b222cf31f5e59da2e442cbed6d85479fb6b2208ba1541624b2abd836f67b574f33e84d61a1b58244d451d0c1c41353a5bc0e08671964b0f2357c7d9fddd4f57

  • SSDEEP

    1536:gQZBCCOdT0IxCv14Cf/fCfPfUf3f+f2fBfsff0fDfuf7fdfSfMfafgfHfLfYftfB:gk2h0IxOX6ncPmupEfM7WjVKEC4fjgl5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\104116d671205ef750dbc9679f793830.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2312 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2668

Network

Downloads
