Analysis

  • max time kernel
    121s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    31-12-2023 14:21

General

  • Target

    39a569c21699c5185d68d4dd09f21b0a.html

  • Size

    3.5MB

  • MD5

    39a569c21699c5185d68d4dd09f21b0a

  • SHA1

    ae0e6ce50afb5b329044d0eaa3c00643a97ac718

  • SHA256

    b48efd2c7b819d8f1fda17abe78864ba57fcc0efc012970eb30d96b637fb3606

  • SHA512

    87d17485c3a021edc332939b25bf2bef6b8645c9315b32e32ea0233ef257d44e57ba767cb73e33031fbc1fdc63dd90ecf3e94a15e7b90901fc2610c1f7091005

  • SSDEEP

    12288:jLZhBVKHfVfitmg11tmg1P16bf7axluxOT6NNM:jvpjte4tT6DM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\39a569c21699c5185d68d4dd09f21b0a.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2400
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2400 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2348
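
The child IEXPLORE.EXE above carries `SCODEF:2400`, which equals the PID of the parent iexplore.exe frame process (IE8+ launches tab processes this way under its Loosely-Coupled IE model). That consistency is a cheap sanity check when triaging IE process trees, since a tab process whose SCODEF does not match its real parent, or whose parent is not iexplore.exe at all, is the pattern worth a second look. The script below is an added example, not part of the sandbox report; the process records are transcribed from the tree above, and the `orphan`/`mismatch` records in the test are constructed to show what a failing check looks like.

```python
import re

# Transcribed from the process tree in this report (frame process 2400, tab 2348).
PROCESSES = [
    {"pid": 2400, "parent_pid": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\39a569c21699c5185d68d4dd09f21b0a.html'},
    {"pid": 2348, "parent_pid": 2400,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2400 CREDAT:275457 /prefetch:2'},
]

# SCODEF:<n> is the frame-process PID the tab was told to attach to.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def check_ie_tab_processes(processes):
    """Return [(pid, verdict)] for every process whose command line carries SCODEF.

    Verdicts:
      consistent      - SCODEF equals the actual parent's PID and the parent is iexplore.exe
      orphan-tab      - the claimed parent is not in the recorded process list
      scodef-mismatch - SCODEF names a PID other than the recorded parent
      non-ie-parent   - parent PID matches but the parent image is not iexplore.exe
    """
    by_pid = {p["pid"]: p for p in processes}
    results = []
    for p in processes:
        m = SCODEF_RE.search(p["cmd"])
        if not m:
            continue  # not a tab process; nothing to cross-check
        claimed_frame = int(m.group(1))
        parent = by_pid.get(p["parent_pid"])
        if parent is None:
            results.append((p["pid"], "orphan-tab"))
        elif claimed_frame != parent["pid"]:
            results.append((p["pid"], "scodef-mismatch"))
        elif "iexplore.exe" not in parent["cmd"].lower():
            results.append((p["pid"], "non-ie-parent"))
        else:
            results.append((p["pid"], "consistent"))
    return results


if __name__ == "__main__":
    for pid, verdict in check_ie_tab_processes(PROCESSES):
        print(f"PID {pid}: {verdict}")
```

Feed it a full process list exported from the sandbox (PID, parent PID, command line) rather than just the two rows shown here; on this run it reports the single tab process as consistent.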

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c0f883260aa18952f8fa200cd298295b

    SHA1

    22f1ed7f420e6cec612b1d0cb3d2c04978c5ff61

    SHA256

    91954656613d90795203d6b835e737a7f3baab580397726798940562d3433ce2

    SHA512

    0a1bc2cf7fd26d3e6704ec48b34ed6363509efe168c479808820dc0f4e2e8044c9eb66206e96edd32654731f8e5309573bede86921d56672796cc680d388ae2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    904759368464a77f25858291372a6802

    SHA1

    d5bde1af96bd3208abd7d673c4e3b7b5917e7ff0

    SHA256

    5baad91ac2ee96c4f90f4cf84c8db81bc069fafb88f9dae2bc8329b9ae3da7fb

    SHA512

    d832648d619c6032bda34c3f62f2c2823695d5a03f50c4ebe6e29a91356fcb832b33f962fb072d0e0ecba77b21a3c9d569e5b2c21c90bff85185a48f02d22535

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    335622040e069753a74cc250c29033fb

    SHA1

    229fdda78c502584950af4af20e38f5a828f36aa

    SHA256

    666934fa4679abfa2c71a9554993e8f5432abfde22f752c308e4756fd559ace3

    SHA512

    3037c0f84bc635bed3579c3c0b8ccb35b7ad30f7ab7423068c6289d458d5df567e443741c894073ffb2686d9002fd2c8909330e73e539d9c90a07967f2aef6c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    434de71b2de348dd0aeb39347ed167a8

    SHA1

    dd06d0d83062638b427dd1a109f22b18116fb134

    SHA256

    11f34018c0e015510c1b0013e5f9441cb0bf61675e0e0eb1bc9595315cb73f09

    SHA512

    b17b04aba72721b3a072897980e09061ba53146fd54ab92c2830b5c94ac1170d47d3bd08f61f759074d1948730d8859a81e759a5e311abfecf779f89ce801765

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    88887cfe7d3bc16a9ac27186ffb5e076

    SHA1

    fa738287fed3d4d86707f8410111366e5681fc46

    SHA256

    838ccd6e8ec17cd91c75f123372d6f90289d036241fc3b52b08a2e49ef62ad4f

    SHA512

    3338e7d40905ba7f8ebae5ade5b825fb6b63489405461f7ba25601c9a542b4535b5da011cad829a49f21947f486e2254e1bfa56429f786970b27acebc42ad504

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ae82a528f1eef61e1cb42bd87d4446f9

    SHA1

    2213d9a6b3a13b82d4938347554ce3d7d3184286

    SHA256

    9c9d125c16fd054677f65955004e788d2093666c1916c675ef38ddc97346e4a1

    SHA512

    065834516c3c5b9f08ba0b5acf3061707ce44a8187d960f5cf467092d1a4df507e9d1ae88cee67792e41b8388ec7c436932ec839c16a478fa65dd9c4da8099bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5bdc3c554c7ffe069a727eeb2bf701b7

    SHA1

    15574db64d3448ffc2bf7a22262a8a66b48322fc

    SHA256

    a21ae4961a7b0036d1e0859e7563e2e68dd1eaa66556e246d081f278fb2c42c1

    SHA512

    75d76e2e63d74d7aa176e34ef0df776a52aae6c2daf72ec8e52338283c1c1e882bc08341a03208da50e706e3863b3be169b7fe6186116e82e71ca8e390c3185c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b9bb031a5b95a72044686ab09ca45e47

    SHA1

    3f3b8d1fb8cc4c8c78ea42f85e79a769ed453cfa

    SHA256

    c08b0c17e1230e76a8cb607111c3bdaa7b2bc3325d117222c2c3a3525de15684

    SHA512

    dbefcae382cc2902ae00030ca17d9ac62783dd1a3fda709e7b0cd31b356d271442cecb9f173a0e88cbab61246563c5bbb0939fbce9f707ca1abb8eba7ffcbe9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    78e884caca21c3773b973c1642986a1b

    SHA1

    8808b19a18730aedfc80e8ce7bd639409d9893e3

    SHA256

    a41d9a45d53eb8095c28702ac2c3e1570674fd6763afbfaf5621c7d45cfd4453

    SHA512

    69dba7542c740db1829f0492836a5204244b5ebf0ea16c54e384fbac6895d2813db11f21955795f01c100912614f6fc6eba30469634a244dea72c8fb37983a75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    57a19075613852e00d009519716d5f42

    SHA1

    19b7ebd979f0fdc3c64a563092b72e47eeea7f1c

    SHA256

    d26a85d45fabcc16671aee256bc2d7d4e018a70dee017dbbd665e515446165d5

    SHA512

    74cef1e5dd76fe5a697e12bcc145c853151784fead7c5d62c549fcbf0d7d545c16e5c0f3ae2a1217c1dd1680de1ddc6bcc379020af6a9dde4671c6ca21621068

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    adc9f7e3de7feb7a295fe49b65e0f145

    SHA1

    12b1408454282a0f4c4e94fdefaafc3643c43ae5

    SHA256

    97e5792b7b6486195507cbae666e9f64da049637d646510a3ebbfb071d3482bd

    SHA512

    c8dc0c4cece796349033df5e2dd2c99772fc2cebf4ee98632bc902e1da3e26485d3eb17e6e427284a55d74803d64bbf32d8967e4f6562db0d773846169d05d5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    46035fb7e9aa1e48467706f226ce2d1e

    SHA1

    65fb246c8c6d5a2d33a70e6ec6f21deb30459369

    SHA256

    a746517b4bd3bbacde676b93001a610025327a21ec440efb9a54c74bdf3e9135

    SHA512

    7312b85ee9e36d0d19e8e462b728907ef10415cc400128b7ae953945890a63682cbd20227a438e7f72cb0c704bdb1fae506fe0afe3f528cfb3e2774e706e4000

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a6e67565ab9cd663a4633bde0966472b

    SHA1

    5ab201d55c9fae06f34d5cf7faabe418e5dc2ed1

    SHA256

    533f7cab65b2e6e32e426504482810b68931ed60efd3948842623c17bdae5c85

    SHA512

    c327d67755e73832e65799e78b5a366e41847e561891ef9dc5ff07b95f43dfc58039a7404a32e19c2b939e5844fcbf465bccc6ad68bcde52cd3d6539ffa28a7b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    27b8e4370ed4a98fb2a64945ca941461

    SHA1

    ce8e54ef4e7c9d858ae79809412b600afe7ad09d

    SHA256

    e09bb045d4370b3bc858c60eb2043879d44553f50d519bcef51815d14e3ca053

    SHA512

    305cc3d707bee85d4766fae289576b4083b9cfc7aeca01c432cd9b9911d4f832cfb635396434662eb794c2b2a53ce327777d28cda1aabad605fe1992fa271b8b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c0c04042e0391a2fb90601eb0e3e509c

    SHA1

    0336e338e7eb82a261bb906193442c33cbf27342

    SHA256

    ae3f947ae9c2e0b945de61144f1e925e2e69f6307a3913021e874c8cb81e8ce7

    SHA512

    53f1a29f4cc5daa7cac705bc680de1563e69a2fc1b87c42a62be1df320581fd2fbbe3907f4c179bb0e42fbc14489cf99354a0349cb31f4f796ebbf61d343457b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    589c0ce2cee4fe48bd496e36e4e78223

    SHA1

    1be5d126e71cdb216b6c2fa06546b25d7e2ea443

    SHA256

    41ecf7fd58ec72fb8e2b6cfe7cf6a711397928b75687c3c13a6ac3c80abb8d88

    SHA512

    3c6cd24bcf99928065e1d933bd10a99d4798eccb5d20441405cbfa7adc61a5764e5c8572c6cc4ab1f94bcaa8d9e92a293f81d1015d585619e70742370ec11e00

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9a2449f348e6d07ca839a97da81c5f97

    SHA1

    335e3e427dc2d8e3a9c021a2f9d6f9dc0964dc50

    SHA256

    f12e939af8b0a840fd1c8b2d740d5b229c41979116d0542e8aa815630e31d7be

    SHA512

    e3a1ee77cbd8582830777baa30416825585c1e61e4af7d0b7cb5da000251a64a2bbf7f320cda93e2187afbef86b3cde3a94207f5fa3a55334ebade6b3b0e9a12

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a39dca9028b75aa38c522d183f9b1fa5

    SHA1

    c75219eeadc8b7188c0f4eeb7f000c0af1dab13a

    SHA256

    0510c0b15387b8a60cf517cb3882b9262e3bc95a5645ae0e1915afaee76e133f

    SHA512

    ac30252b9658ef7ea8614c94ecc350184947e35d816b1ed6ca3d5a7b8b4c86aeb2d75f7a43bd1a8fbf4ae5d4980259f56ba0f9f967e932fa6b75ab0cb260d77c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b43972428911451f6ded4ee2de25dea1

    SHA1

    0a978b691381ef68cd28931d89f3e0b5039389bf

    SHA256

    73f52f4027a9e9d3f4ef607a4607e3b583c8dc40ed408712afbf38d43670c719

    SHA512

    cee3c6992a3eaa359867e909cf24440d76975417e5d3767483d26780de83c66db0f2f63f43cdac14d216a1e2c456e2adbc516eb849ac1b3667f76ba9afa41ab5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    332f62ccf79447ca9d5cbcf1e4db867c

    SHA1

    7d14b4b45fb181e79d73a508233c5f14f684b33f

    SHA256

    d077e280e2082ed57b00cce73bb5b760daed35f2800e4182c676a80283f2aaf7

    SHA512

    230bf0cf56460d456d4ddea1edeea945fab8cfb7b738c8da9fb2109979f1a426315c3bd88ef19aa94f12f0cee607186bbe342d5767a1cc74a116e86fadb91ebb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b7c885abc822a4cb2605b6b7405b9856

    SHA1

    5184b116155faabec9091ed7b5dc7b261c3ff191

    SHA256

    3deda5132e7952aa12e4a9d118db473672f968a0f6aa6fbe6938e7812341b518

    SHA512

    fd1f8c4765d6b6d0eec4de1ed0c2a259061fffc03d5b3c03b8a1af48dd85778cfac4b6d48bd79a2078e6572865d0317975efa2f8767d5c21ee979f38141de024

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    312792c183cf72a39315008b3f36dea3

    SHA1

    a8bae0f52538eb5cd709c41fb5b68356671e2635

    SHA256

    57745657d40f1761769c5a7762e841f2e93be356e71656178abc0fd56fa3d5e9

    SHA512

    8bed9ff91c53e003427451882a8bf21c590e31ec8afe9324a8abbd5f3c14f93cd224c43e8d5a338bca5c9f6adc4cf0c1a8c25d746aaa45c94a2a6e58c0d4d6b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d525431dbb83c95f7eb6fea8d4bee001

    SHA1

    6d41e64e68111d54f4a1d9d9f2638e147db6a10b

    SHA256

    7ce4df44793fe2d8966405f2cc5cb9b169906113465e7eb021d50a8e43662637

    SHA512

    9e3d9090aca975ad0c836fe55f949abd0c3ab7a18542820518a2dcfdf049f822f3c102e3e23848d412ca3e63e7c24ae331296c5ea88582b82e23d65066cc5b65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    66d4469b9b2a69cb6dfbe139b6f6ce08

    SHA1

    b99948660ad56e4397702589ddead5b6772db5c2

    SHA256

    7eefae1e024e132f6bb9ee71dd5a5d81a28a8bdc404dd8472f30d63a7ba7f515

    SHA512

    ca4e67bc2da0e5e4ed1566246de67b7ea3f3c8fbf966d1fe48dfbfec5c4f906f18170deaec9ca82c9759e3909ec46f5c98adba90fb188b82a822443e789e533e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1168489c16679eff12aaff4f852ee1c3

    SHA1

    154acd14f3d66dcca13e4c893f0cbd7ba3562cbf

    SHA256

    58551e5da8abd4aa49982744cfdc0229cb83fa86f835b52c9275ca7f9012f537

    SHA512

    2ed7e16c1c3ec7452a64d99cd3db9028906c1ae6095fc34b0ed39f78aee8cb2eb211145b05edcfc689295a0f67f484652b899b15a5fb39ebf122e9c8a49d2f16

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1CCB52I\jquery-3.1.1.min[1].js

    Filesize

    84KB

    MD5

    e071abda8fe61194711cfc2ab99fe104

    SHA1

    f647a6d37dc4ca055ced3cf64bbc1f490070acba

    SHA256

    85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

    SHA512

    53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1J1BPYJ\jquery.min[1].js

    Filesize

    83KB

    MD5

    2f6b11a7e914718e0290410e85366fe9

    SHA1

    69bb69e25ca7d5ef0935317584e6153f3fd9a88c

    SHA256

    05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

    SHA512

    0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YV6H14B0\beacon.min[1].js

    Filesize

    19KB

    MD5

    dd1d068fdb5fe90b6c05a5b3940e088c

    SHA1

    0d96f9df8772633a9df4c81cf323a4ef8998ba59

    SHA256

    6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

    SHA512

    7aea051a8c2195a2ea5ec3d6438f2a4a4052085b370cf4728b056edc58d1f7a70c3f1f85afe82959184869f707c2ac02a964b8d9166122e74ebc423e0a47fa30

  • C:\Users\Admin\AppData\Local\Temp\Cab4FA8.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar5057.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
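
The Downloads list above repeats one path, `...\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015`, 25 times with 25 different digests and a constant 344-byte size: the sandbox is recording successive rewrites of a single CryptoAPI URL-cache metadata entry during the run, not 25 distinct files. Grouping the list by path and counting distinct SHA-256 values makes that visible at a glance and separates such churn from the genuinely distinct artifacts (the cached jQuery and beacon scripts, the Cab/Tar temp files). The script below is an added example, not part of the report; the records are transcribed from the Downloads section (a subset, to keep it short), and `digests_of`/`verify_blob` show how to recompute the listed hash types over a file's bytes with the standard library.

```python
import hashlib
from collections import defaultdict

CRYPTNET = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
            r"\MetaData\94308059B57B3142E455B38A6EB92015")
CONTENT_IE5 = r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"

# Transcribed from this report's Downloads section (subset). Sizes kept as listed.
DOWNLOADS = [
    {"path": CRYPTNET, "size": "344B",
     "sha256": "91954656613d90795203d6b835e737a7f3baab580397726798940562d3433ce2"},
    {"path": CRYPTNET, "size": "344B",
     "sha256": "5baad91ac2ee96c4f90f4cf84c8db81bc069fafb88f9dae2bc8329b9ae3da7fb"},
    {"path": CRYPTNET, "size": "344B",
     "sha256": "666934fa4679abfa2c71a9554993e8f5432abfde22f752c308e4756fd559ace3"},
    {"path": CRYPTNET, "size": "344B",
     "sha256": "11f34018c0e015510c1b0013e5f9441cb0bf61675e0e0eb1bc9595315cb73f09"},
    {"path": CONTENT_IE5 + r"\E1CCB52I\jquery-3.1.1.min[1].js", "size": "84KB",
     "sha256": "85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf"},
    {"path": CONTENT_IE5 + r"\U1J1BPYJ\jquery.min[1].js", "size": "83KB",
     "sha256": "05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e"},
    {"path": CONTENT_IE5 + r"\YV6H14B0\beacon.min[1].js", "size": "19KB",
     "sha256": "6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101"},
]


def versions_by_path(records):
    """Map each path to the ordered list of distinct SHA-256 values recorded for it."""
    seen = defaultdict(list)
    for r in records:
        if r["sha256"] not in seen[r["path"]]:
            seen[r["path"]].append(r["sha256"])
    return dict(seen)


def rewritten_paths(records, threshold=2):
    """Paths captured with at least `threshold` distinct contents, i.e. files the
    sandbox saw being overwritten during the run, with their version counts."""
    return {p: len(v) for p, v in versions_by_path(records).items() if len(v) >= threshold}


def digests_of(data: bytes) -> dict:
    """Recompute the four digest types the report lists for a blob."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def verify_blob(data: bytes, record: dict) -> dict:
    """Compare a blob against whichever digests a record carries; True means match."""
    actual = digests_of(data)
    return {alg: actual[alg] == record[alg] for alg in actual if alg in record}


if __name__ == "__main__":
    for path, count in rewritten_paths(DOWNLOADS).items():
        print(f"{count} versions: {path}")
    singles = [p for p, v in versions_by_path(DOWNLOADS).items() if len(v) == 1]
    print(f"{len(singles)} paths with a single captured version")
```

Run it over the full export and the CryptnetUrlCache entry collapses to one path with 25 versions, leaving the handful of real web-cache and temp artifacts to look at; `verify_blob` is for confirming a file pulled from the sandbox disk image against the digests printed in the report.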