Analysis

  • max time kernel
    119s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    30-12-2023 10:50

General

  • Target

    166a17dce161fb1150bfcc1a5c9818dd.html

  • Size

    20KB

  • MD5

    166a17dce161fb1150bfcc1a5c9818dd

  • SHA1

    19575be8a7d82072cc84ae3c3ba221e4708df0f8

  • SHA256

    dcf5c08d5604e969721ebaced9c0e872f17bd12701ee14667badd3e94d829b4f

  • SHA512

    31585ecdd4eb01d5bc5d714f3f1aad88ef345a7a93be64f839cbe72345241b13db35716116959e614c9e124f6771f16b0f4b510fa69f9a22ed8b04f1c42d8756

  • SSDEEP

    384:4+QfPFd9QZBC7mOdMQQuKfpC5IgSnbmFe7AcJA6MWHvPd:Zcd9QZBC7mOdMQGpC5I9nC4dvPd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\166a17dce161fb1150bfcc1a5c9818dd.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2560
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2560 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2684

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\Local\Temp\Cab3FF0.tmp

    Filesize

    65KB

  • C:\Users\Admin\AppData\Local\Temp\Tar4984.tmp

    Filesize

    171KB