Analysis

  • max time kernel
    133s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    30-12-2023 10:26

General

  • Target

    15df230b82ec5a0b5da581d644dd389a.html

  • Size

    1KB

  • MD5

    15df230b82ec5a0b5da581d644dd389a

  • SHA1

    29258e7d4e8e6129295e19f2b4a1b34430ea947a

  • SHA256

    ef96488b937e1e00468878c029a2b47d869ef5bbe5e27085a6be4bdb0b0bc630

  • SHA512

    89848ab77bd0e7f4ae0b5dcc5b1177a84959ec3590942318360b23462d3d5ebdfa34cecd373c28a23d405cb8b459d6e0c9f182faeb9f831f97a65bab777d19e3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\15df230b82ec5a0b5da581d644dd389a.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1156
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1156 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2352

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cebfb6532f0cef8e892f496a674fa53c

    SHA1

    1c96444bba132c1815c199f2351b02dc34f74569

    SHA256

    f323d1d877e81d09cbfcc5a81831a7c2ae83822743029593aea70fdfd7f26f3a

    SHA512

    abc63b983668076865029f4eae6e3dd88243f8827af06259f3199527e40794d100d53d94af1f471d51107c386b7bccdeb289bf38e8376e871392fdf9124d661b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a14b37005e1fc6c45015a7c0ceeeedae

    SHA1

    976b34452da0ac3774ee09ada13e78df29d6acc9

    SHA256

    5cf9c68f344c0e627048e44dae25deb23ab72cbaee0020441ce8cf3813d0896e

    SHA512

    52a1c0b25724a8acecbb80f80b88c6b8f05af4e7a5d38a90bca28622c67653ae55a53fd18578646ad7414c17baf11252ff4dcaa233152b6c66cd75ff3325f336

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    10b672182e11610a677796c3278ad4f1

    SHA1

    a388d8bdcb1a127bcd2d8cf41cb1ab78127f2f69

    SHA256

    4ebdfab201705257417676ef885b136b63f8e2f915f3fd35dc68a660c2461f9b

    SHA512

    c99ba3a16da667c5cf9ff61cb80b78916c9c0aeb4eabd59f1cb10a36df389a65ef0e762a5c622d55ad1bb686746ae35f3a9853606a6ee1752e544009735bf8ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b3acbca9f3723e1c6dc95aca881bd979

    SHA1

    edf55df755b926879724d00ec877fae46aeea62c

    SHA256

    7b36fe2471a586f9686bbdd95ac5108831845eb806c4d97cac99a0ed05fc6008

    SHA512

    4ede57b4a4f72c367b40bf61fd202656fff4f5f3a85f6215cd0ef3b11adc049e87afbde7fef8808a4ecd8439985dadc01f36c90d2a3963318d12129e9f38a115

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    96a921bc5e713c5c23ed37acccd70881

    SHA1

    a0cfa98af0fec6439e4c3fa62014b6d4e2155aa5

    SHA256

    bfd5e1fa7c0a7537dbfc1cc6ebf0abf54c389e46024cdd4d4727544f45686124

    SHA512

    77db5b15b6378f5acdc5484562596c4fc3d4ccee8aeb5191df82085c4fe0e7d07939b98ba5e19ea4947c730806237fd395cddefdddf6d6df859091111b3f7119

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a0d5cdd953999c99b78216508347b140

    SHA1

    63b61962e83cccf89c0c4b176cc0d007f2355a5a

    SHA256

    84c67c5c4c6c55ff320fde394b1f2a9bb50e671236d6c8b3099c4bc84853e364

    SHA512

    d1dff9346ef2b3e532bfadc1ff8525e5f22c7fce580a04f8c06de63932aa2c19986a991b28a2e4ad98b4fe9dd4ef08f3c115ebd6fbbb7e425df5858952551b9f

  • C:\Users\Admin\AppData\Local\Temp\Cab47DC.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar6D0B.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06