Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-01-2024 04:01

General

  • Target

    sample.html

  • Size

    22KB

  • MD5

    01aece55d8b2b0234a156b708a0b2731

  • SHA1

    2e9acf6f5bd43af807f89601728ed4ab63593fd8

  • SHA256

    83084285a5ecd29981342f6e4322696ea2ac27b507e6c3ffc95816ee6acc514f

  • SHA512

    12fc8082757d23cbcb783197566074d2099a326320c2be0313d9e5814bfa8d03941cdaf653344fa27628a146fcb6b759f5180115b0b74e1499740bf40773f062

  • SSDEEP

    384:+SFpvshhDoMCHmihlh9C02Juj0qDEkrk3K/1RFQvMotdvu3hl:+o9ECtHmirz0uj0qDEkuM+dvahl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2560
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2560 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    16e58d0d92c8f6f6afd88232ea0f40b5

    SHA1

    210a648efd2e1c0106c93a39f43a57460e1eefd8

    SHA256

    aa2c832a04b6bdd117fcca756a278c6b3d4286387ef3f17b01a856b9815303bd

    SHA512

    e5a00de1db32a83a1fdc7959316258cd6c5c8e0876b12518b75b6a1d44d7257af3a46457a9368ddeb01f529b89f382c187fd83f14485c574d6aeefb3ce3152f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1442d3e1db1ec0d269645463bcfef19d

    SHA1

    3305b35804889e8d8f110b195eba38f0546ecc5f

    SHA256

    1753d1c59ad5347cea21b68bfa3666d3972ab69c9a1e6ec42accc28194d0e585

    SHA512

    fd6be4187d5752e84288ca777589b8568f99b5bb0c9fad6a0063a19e842c5b541edc36bf2d65d8c054d82455c3329072ea193cd241c2f0d5fdd5388a2b38e3e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e56732a145286992778a8a8c4c164e7c

    SHA1

    f7a7dfc57a9c1343b5739350b515e64e5fabbcf3

    SHA256

    6cd47b283fb17749054ece091771748d5aceadaf6017616f18d961d086f80b40

    SHA512

    eb5fb8aa7eb6bb3072aa75295fb1cde13a417b86786de436d896517f93de9ffbec24254b49ea2d1f5307f7129290ee40fcb6336f1c15eaeca948e0f08359a1e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2c9d638ea7b54da083b23b1e3cf9bff3

    SHA1

    e40c54ff7db02049b7396ef01b84101b4d8b178b

    SHA256

    859cfd0969e4ddc8931048e308f2e2eac636dcdd2f18d9d197d9b14f86a789d3

    SHA512

    e23bf73854fb7c48940a467aa81c782603892215169f50121276846c367c4325b829c5f94562de083e9ce5cdde8d2c08f1b61f93803f1b8b833fca93154eaf19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    312f3bf78d834b1ca9c772504255504c

    SHA1

    564b77fc4819eedc2f6eed88fdfd3d8d7a2ecfc1

    SHA256

    411b199707e9aceabbb089daefbfbb54e0a17d602aefdfb73ea7f4bf52cd6eae

    SHA512

    d95ded3da8f94013bfa6607e7ef791905a61eeb421bd2ab893d05d346215c73185730dfdcc08dc02fdbaf6f1fc797b7e6ad176dd940f1f82d9ff6bdcf639cfd0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    51c6c59ca8a2dda567c568d8003568bb

    SHA1

    a55c359c77d3e3a8635e65fce5e713cc9d3a77bf

    SHA256

    060189b4c8da2fc182d28971c1f8304cef0814c3532e567826038070f36d81a8

    SHA512

    fe7e5782a5f10fd19c269e560f084bbef9cc1f7fef48722e4335c7e6532c0177a980fda81a58f0a86ec6e883a972e53130c63c27093279b92aa7f252d92362ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8e2ed22c48658b198ad89eaf7da782b1

    SHA1

    784c5da5d3956288d6946c2174c74d6141ae7315

    SHA256

    f7366ea347e1733f9d21b61a93706f2d07301d1318729c100c0fdd47a3718ef1

    SHA512

    bad5ffee1bd307cec1197ff06aec27748da789d4a7d783f7643a25799759a1506e20d16a773cb8429404010a06874a850c4cfb4bd0f0e6106b7e81476fc21aa7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0b875610d62fd5d88073a72523a1b5e3

    SHA1

    9f39d14b798a7710fdb63bdb8ad1f1f0125e2eea

    SHA256

    04ed6b677fa85e1187df208e093c7802cea34359b7a98f221870fa743033dbe8

    SHA512

    e208f920692ff9d6f366536eada70598506b7f59ddc590b4d27672ffd8bae0033c26023c7870dc0591e5798f2c06f7cf4b7479ce4971e932c21d096e892bc1b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    205349e1853ec0b484af85d2f5a2e62a

    SHA1

    0f8470bd62c85e5cddc2fde5b7830c12b34e781c

    SHA256

    ad1036cc6b1bc597bcbe6b7384ee280266981c89393247728717010668749e9e

    SHA512

    5ab77be6dab5999ef4c497476839b5b8cc0a544efbb13548deffab8ee1e12227d23a09d95d2efd644862cfe3c8694feeace64e601ebba52c9f0af9cd8104efad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cbab666100095e089a5a6d0da515f98b

    SHA1

    b8f488933a9bb94ae1bd31988ebce21843683510

    SHA256

    d360e5b4e9bd355cf7881cf8bfb307946d62588b717f94b218dd949c501f5d06

    SHA512

    d2c87280b1bdbd7403cc9a342f505f5de2b5081ea8908ba8a9f809f13fa2b7efd6449413178d725c29a3ec2167b8f854e7a40cc6ffb9f0fd040884c129c66154

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ad33af173d187d0ade7631035bb4a762

    SHA1

    3a6553737e38439895f12d3d33ea05239d589d90

    SHA256

    7d78665a42f5db958f24a29d7aecbddde59f042de6d607f2a39e216a7c8eab45

    SHA512

    7ebdd4cded4d361e900fe7e7e7d1f372d11dfd1498f0495297f55db74b633bf3b1250cfa2842611d1efb913340c6fc3a0c79e8642beecb59ea5421c48682cd8f

  • C:\Users\Admin\AppData\Local\Temp\Cab1096.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar22C2.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06