Analysis

  • max time kernel
    122s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    31-12-2023 03:43

General

  • Target

    26c56264186fcb0ffa0b8cbe9960ed9f.html

  • Size

    10KB

  • MD5

    26c56264186fcb0ffa0b8cbe9960ed9f

  • SHA1

    dd8373ed5f54f075ecb186b308828db4af8db889

  • SHA256

    77f9725898f7898f02ba482c4753281694d0b538237d058c5ea9f9cf6717f5af

  • SHA512

    c64d8c1f607a6c9666079d6111913fcc109a58f4baf7fd4f6014e77f3abb85bda3d2ef772b90ea57b39b07f2e976b29044787c5a7f1a5422c6c82f06ebcf8163

  • SSDEEP

    192:AUqrsoWmrj7jzp/kczczZIbKXrtxoQOQb1Mp6+uIfQsM:AUqDWmrfjdsczczObKpxoQJM8+Xu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

All four signatures fire on iexplore.exe and the tab process it spawns (see the SCODEF/CREDAT command line under Processes). That is Internet Explorer's own behaviour when it opens any local HTML file, not behaviour of the page content, and it is consistent with the 1/10 score.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\26c56264186fcb0ffa0b8cbe9960ed9f.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2312

Network

MITRE ATT&CK Enterprise v15


Downloads

The same MetaData path below appears 17 times with different hashes: the sandbox records each rewrite of that CryptoAPI URL-cache entry (CryptnetUrlCache is where Windows caches CRL, OCSP and root-certificate fetches). The Cab*.tmp and Tar*.tmp files under Temp are the usual companions of that mechanism, a downloaded cabinet and the file extracted from it.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    04f0d033283d7498d7dffae81f1f9a07

    SHA1

    80b5913dfc6d74367fb4dc507b0b2f84e7964a12

    SHA256

    0ec689097dc859e2eb71b18a4d7a8c3ca077e58cce0e815d69a2dbbb3b5e477e

    SHA512

    8ee1f850d51cb355bc752779376170207446a999b8aa35d3ea5936afa67c6265fe8022ac25a00b07b18d79b30b198aa27fc35a60f65bb394f565d4e257a1dded

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2fb7f90b6d381ee87c9b5a559eab4b4b

    SHA1

    16a78c068fa77c1aa9047dc4be764cd71d87adc3

    SHA256

    1b08c850a9bc009c4651025bbe7294e24a583fcc441e6c736e88db3581660b1f

    SHA512

    93f38602b31004d70d06d9bcb4ab9e7f182394390c86655ff5a5ac1d2b9f34bb8095585fb9ae706d10188b6c65929f61cc57dc0a8bc5a4321a6d0f16842728b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3bce196eb4948f225124bc1b0111d0ae

    SHA1

    6e6a8b3797e4a5e4121a01edfa98c38c02362e50

    SHA256

    5421316d97d5c46366105d11880dde18fdfa548ea248a4c93264bc4dc697b60c

    SHA512

    c426ca9c252f53b6db444b64af4a28b0667184bf8522d1b5e184754f7dcc79a262a8e9f9566e5ba4a12603585094a728f73fd3bb58da5b77b71e220ad7d320f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bde55d5d012440418227048cf337b75f

    SHA1

    11c9fa3ef7c0cb63878cc7a822785f10fba58666

    SHA256

    f8a8056af4cd20bcd7f40886a97ad18a890cf878618170388fd21b28541a1410

    SHA512

    804a82032275ebcb975c7cd427868beb2d8aabdbba6b2799a32105becf9e7cb498d15d5b57be23bf2028e39b01dcfddf164757acecb5e19213d4e00c21d47a4c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7383747f6b372372988291d63a66a8e5

    SHA1

    06e951f13f02fc0b2f585ace33f003fb69135464

    SHA256

    cfd2a5b91f6de00b84981e86e2fec86890f0139f4f7001b9af672d14400b5159

    SHA512

    df4a01e23286717ad1e48da0a9b4b4b40313047104bf6ad66512633b3eaac077388ce105539538fe73d9be630392147c161c754886ea928473c372423e30df80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    94f23d86373a95ff4a40ac1e3e090e5c

    SHA1

    40402bf0b3839152885c5b84494b0f3d8462f65e

    SHA256

    55ab01c11f13f2131b81eeae64ed4f9508f67874abdcae47d86f0336d0401418

    SHA512

    4954372575928639a542af3d2447e2d1c5828902d82d3d708b2c2c0b8e97439ca7c906dfeaec7d1d3dfc43dc39fe63a9c07ceef97075c925060ccb3ac0545047

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d8bef5ca0249a15be5db77b492d11841

    SHA1

    20962f2941bf011751200b202eb2adb8508be523

    SHA256

    ca966b126c4189cc28a1944dd3c21d58970cc755a94280216576340dc93db49a

    SHA512

    3621d355afb73f2c2b04f65f051dceaf6b1d49475b7d0b9e8d27280418611a34c89cf66bc2341f7428555ef747b6200ccd10795e6cea2afeae99ba52cd935ab8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b55edea147a57168cae9efc5aea95a5e

    SHA1

    7c2a285794299ce5d533f9b6d9cb53fd75eefcbc

    SHA256

    bc00e54ad6a39df319d619631fc41afbdf25f4e6044108ed47ff5b92ae743fb1

    SHA512

    0478fd533a8295a5f3efc1da8bc62b9938e62b2e1e92cd309ae81aa052c0c81a8fa5730fc8e265c79eab3e2d936d741ff4109bc267539a20349ac19f3d3107a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ee267ceee3593cef0a86ec52b54dd122

    SHA1

    843f39ada34ef65955c5f7365a999acc153657a8

    SHA256

    00faf8a06a59d0b2e8415fb0af392585712c95e6b89f9646122d7e8d1a2d33b1

    SHA512

    c9fc243446482de79b8844f618696cd1aa4bbf9992a40f43f81cd44cde7656f2a2eb241c2091725191b4ad5759693226f20b0ddce013e646cb19bf628bb3f333

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f751edd9b837f84feaa2bc9182cd2335

    SHA1

    c7e469aa1d18a4b88b08766e5ede23940aaf22fa

    SHA256

    a0e826298c444186fb4e074551b884dcaefb8adc21b026990977272d839e9dd9

    SHA512

    251bd08f9a90d9ab1755162f8e7977940e3c321a937c18d69dd49e8efc4a1e5b9ff22327a1ae8c9ac9d18e62a926247aaa36fc67ae2365f2b8236f28baad4262

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7c49b738bad36b4a176da747fe502256

    SHA1

    77d22413f18fa19e5876200ff4e34a99a74da307

    SHA256

    47319716f1ba1a50dc0fa2992c6f608baa9e677d244995dc9e95d1453c083e10

    SHA512

    c750ff6fa788104ebaccc37d7858e5a989454ae73e9b66c6a608906c08fca69c178ba4daccbeaf73512469c6a193dd63e128e5a8b90400cd95a2ea33cd358bf4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d23a87d8259a467cfa30f9d3cd83f8ab

    SHA1

    1841f75f8d445f98311c4fc94525e528e88fb445

    SHA256

    b15bfb6033a6515d76537cad59d25e9f5e99dd932c323326a39ae9094d603fbd

    SHA512

    c1b6313bb10f891dc297a3386ce3b80586c5d09284f48fcae513d49dfc6a4cf7a7099b31fc64999772fc61f57e19b08532f425d0ff6362ff55826030307a3855

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    94fee65cbd67d7d0ebbac1e7c76cea17

    SHA1

    31d10798a80282db1331a22eb3ff93522d965102

    SHA256

    0f33ce302b38b64ad1b4093e5550a67747448f2e174196b2f41bdb31e6f396d5

    SHA512

    bc275f85f2236f720c723eda09da9fd87d4a08ce1ca3d2fb387aae1c555516982ed378b562b0a06caa3088ee77e952577172b589de98569b6b574dcf725413e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c09f4c99bacffed13e36ea6b84481172

    SHA1

    0699211447d05f75c4a42d863ce3f824f00b04d2

    SHA256

    731a81f1c936344257e2d9dbff4359cc82fb3a478a5c43f7d3ae17ce4b558ab1

    SHA512

    0e08758c2a419d157757c543ccfa9787cb5f9554f9452d25d3cbc6b49176f5037e3d324442c025113f1398f6f3beaca93a1d663d7c125ee44be2d531b19cb810

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b49aa5e332b3035bf716ee27b85a4bf5

    SHA1

    ea3a177fd23ca7e75f8189e123338b2a3aa074d7

    SHA256

    3aebeaeed8fc87ea836535f1f114f64177ecdd5cffe48cbb0399e5fee68e49d1

    SHA512

    3dd46a56c10aa40cb445df024e06253a374949cdb3ee366d32441ad96e0f644523e40ac18312e7dc74bbc0cc008ab1b206ec29f60f380aea64a261af1c9760a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2c0affb46431ae8683a78037f149f852

    SHA1

    f3d526e87996d2d0d86cfc63db9849b5f22d3cdb

    SHA256

    7578be9a955637ebca938fd429185f53ede2df9cfc8c140b179a4fe2be29a072

    SHA512

    a35d60df76e4f5da113037d5ecf1dd4d65a67383fb8890dcae63998d0afb14705f35f5d57ad76a2d1a465cbad4e3a5cbe2d5c74affeb83481aaf7ab4104337c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b40eba8ad95c73cf3e394e2672488e26

    SHA1

    0d50971e1f77d6b51d9549c98ac491d603bf63b2

    SHA256

    3d07d1dafcc56436987d274d853204b0b22f8747999b4c49e35b0bd105d4e081

    SHA512

    fd7838246c9f0eeedaf5462495ded4f344b90839620002b2bbda4108c67215da0f3c56a4d1bff1744b856fd21d4d7d08d2d0bd04872fbd6738e69fff932cd330

  • C:\Users\Admin\AppData\Local\Temp\Cab6D66.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar724B.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
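Reading a list like the one above by eye hides the two things that matter: how many distinct versions of each path the sandbox captured, and which writes landed outside the CryptoAPI cache. The script below is an added example, not code from the report or from the sandbox that produced it. It parses a constructed excerpt of the Downloads section (two of the seventeen CryptnetUrlCache captures plus the two Temp files, compacted to one "Field value" line per field), groups the entries by path, checks that every digest has the expected hex length, and re-hashes a local copy of the sample against the General section. The hashes in `REPORT` and `GENERAL` are copied from this page; everything else is assumed for illustration.

```python
"""Triage a sandbox report's Downloads block: group captured files by path,
count distinct contents per path, flag writes outside the CryptoAPI URL
cache, and re-hash a local copy of the sample against the General section.
Added example, not code from the report or the sandbox.  REPORT is a
constructed excerpt of the Downloads section, compacted to "Field value"
lines; parse_downloads also accepts the report's own one-value-per-line layout."""
import hashlib
import re
from collections import defaultdict

FIELDS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
CRYPTNET_DIR = "\\appdata\\locallow\\microsoft\\cryptneturlcache\\"

REPORT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B
    MD5 04f0d033283d7498d7dffae81f1f9a07
    SHA1 80b5913dfc6d74367fb4dc507b0b2f84e7964a12
    SHA256 0ec689097dc859e2eb71b18a4d7a8c3ca077e58cce0e815d69a2dbbb3b5e477e
    SHA512 8ee1f850d51cb355bc752779376170207446a999b8aa35d3ea5936afa67c6265fe8022ac25a00b07b18d79b30b198aa27fc35a60f65bb394f565d4e257a1dded
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B
    MD5 2fb7f90b6d381ee87c9b5a559eab4b4b
    SHA1 16a78c068fa77c1aa9047dc4be764cd71d87adc3
    SHA256 1b08c850a9bc009c4651025bbe7294e24a583fcc441e6c736e88db3581660b1f
    SHA512 93f38602b31004d70d06d9bcb4ab9e7f182394390c86655ff5a5ac1d2b9f34bb8095585fb9ae706d10188b6c65929f61cc57dc0a8bc5a4321a6d0f16842728b2
  • C:\Users\Admin\AppData\Local\Temp\Cab6D66.tmp
    Filesize 65KB
    MD5 ac05d27423a85adc1622c714f2cb6184
    SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d
  • C:\Users\Admin\AppData\Local\Temp\Tar724B.tmp
    Filesize 171KB
    MD5 9c0c641c06238516f27941aa1166d427
    SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
    SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
    SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
"""

# Values copied from the General section of the report.
GENERAL = {
    "MD5": "26c56264186fcb0ffa0b8cbe9960ed9f",
    "SHA1": "dd8373ed5f54f075ecb186b308828db4af8db889",
    "SHA256": "77f9725898f7898f02ba482c4753281694d0b538237d058c5ea9f9cf6717f5af",
    "SHA512": "c64d8c1f607a6c9666079d6111913fcc109a58f4baf7fd4f6014e77f3abb85bda3d2ef772b90ea57b39b07f2e976b29044787c5a7f1a5422c6c82f06ebcf8163",
}

def parse_downloads(text):
    """Report entries in order, each a dict with 'path' plus the fields seen."""
    entries, pending = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):                    # new file entry
            entries.append({"path": line[1:].strip()})
            pending = None
            continue
        head, _, rest = line.partition(" ")
        if head in FIELDS:
            if rest.strip():                        # compact "Field value" line
                entries[-1][head] = rest.strip()
            else:                                   # report layout: value on a later line
                pending = head
        elif pending:
            entries[-1][pending] = line
            pending = None
    return entries

def summarize(entries):
    """Per path: captures seen, distinct contents (by SHA256), sizes reported."""
    by_path = defaultdict(list)
    for e in entries:
        by_path[e["path"]].append(e)
    return {p: {"captures": len(items),
                "distinct_sha256": len({i["SHA256"].lower() for i in items}),
                "sizes": sorted({i["Filesize"] for i in items})}
            for p, items in by_path.items()}

def outside_cryptnet_cache(entries):
    """Paths that are not CryptoAPI URL-cache writes: the ones worth a closer look."""
    return sorted({e["path"] for e in entries if CRYPTNET_DIR not in e["path"].lower()})

def well_formed(entry):
    """All four digests present with the right hex length (catches truncated copies)."""
    return all(re.fullmatch("[0-9a-f]{%d}" % n, entry.get(k, "").lower())
               for k, n in HEX_LEN.items())

def digests(data):
    """MD5/SHA1/SHA256/SHA512 of a byte string, keyed as the report keys them."""
    return {k: hashlib.new(k.lower(), data).hexdigest() for k in HEX_LEN}

def matches_report(data, expected):
    """Which of the General-section digests a local copy of the sample matches."""
    got = digests(data)
    return {k: got[k] == v.lower() for k, v in expected.items()}
```

Run `summarize(parse_downloads(REPORT))` on the full Downloads section to get one line per path instead of seventeen near-identical blocks; a path with many captures but few distinct SHA256 values is a file being rewritten with the same content, while `outside_cryptnet_cache` is the shortlist to pull from the sandbox for a second look. `matches_report(open(path, "rb").read(), GENERAL)` confirms a retrieved copy is the same 10KB file the report analysed before any further work is done on it.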