Analysis

  • max time kernel
    122s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/01/2024, 07:18

General

  • Target

    403c2ce7ea5166796b12bceb08a459df.html

  • Size

    430B

  • MD5

    403c2ce7ea5166796b12bceb08a459df

  • SHA1

    74e37208963b005aaaf7f182028e3fb9e9b17bd9

  • SHA256

    c92a4e74e9e40fb4a1a588e23d22df482ef391cde26d0ac5705b7508bb7b2518

  • SHA512

    add97091a7ef92f83386104d94f93ff88ac53c2dedbdbb4ee44bfab0067ad7ba9e606dd21d95479e2f0f13024d6cc2045e91aa9491dc3bd1b693cfd3fca8cc10

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\403c2ce7ea5166796b12bceb08a459df.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3052
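
Consistency check for the process tree above, added here as an example; it is not part of the sandbox report. The two PROCESSES entries are transcribed from the Processes section (image, command line, PID, parent). The check encodes one piece of background the report does not spell out: in Internet Explorer's Loosely-Coupled IE (LCIE) model the frame process spawns a tab process whose command line carries SCODEF:<frame PID>, so SCODEF should name the parent. The frame process's use of SetWindowsHookEx, WriteProcessMemory and FindShellTrayWindow against its own tab process is what that model looks like in a sandbox, which is consistent with the 1/10 score; the check below only confirms the tree has that shape, it does not prove the page benign.

```python
"""Consistency check for an Internet Explorer (LCIE) process tree.

Added example, not part of the sandbox report. PROCESSES is transcribed from the
report's Processes section; ppid=None marks the root of the tree.
"""
import re

PROCESSES = [
    {
        "pid": 2644,
        "ppid": None,
        "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
        "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                   r"C:\Users\Admin\AppData\Local\Temp\403c2ce7ea5166796b12bceb08a459df.html",
    },
    {
        "pid": 3052,
        "ppid": 2644,
        "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
        "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                   r"SCODEF:2644 CREDAT:275457 /prefetch:2",
    },
]

# Either the 64-bit or the 32-bit IE image under Program Files.
IE_IMAGE_RE = re.compile(
    r"^[A-Za-z]:\\Program Files( \(x86\))?\\Internet Explorer\\iexplore\.exe$", re.I
)
# LCIE tab processes carry SCODEF:<pid of the frame process that spawned them>.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
# Everything after the quoted image path on a command line.
_ARGS_RE = re.compile(r'^"[^"]*"\s*(.*)$')


def check_ie_tree(processes):
    """Return a list of findings; an empty list means the tree looks like an
    ordinary frame process plus its LCIE tab process(es)."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        if not IE_IMAGE_RE.match(p["image"]):
            findings.append(f"pid {p['pid']}: non-IE image {p['image']!r} in the IE tree")
            continue
        m = SCODEF_RE.search(p["cmdline"])
        if m is None:
            # No SCODEF: a frame process. Nothing further to verify here.
            continue
        frame_pid = int(m.group(1))
        if frame_pid != p["ppid"]:
            findings.append(
                f"pid {p['pid']}: SCODEF:{frame_pid} does not name its parent (ppid {p['ppid']})"
            )
        parent = by_pid.get(p["ppid"])
        if parent is None or not IE_IMAGE_RE.match(parent["image"]):
            findings.append(f"pid {p['pid']}: tab process parent is not a tracked iexplore.exe")
        elif SCODEF_RE.search(parent["cmdline"]):
            findings.append(f"pid {p['pid']}: parent pid {parent['pid']} is itself a tab process")
    return findings


def frame_arguments(processes):
    """Map frame-process PID -> its command-line arguments (what IE was asked to open)."""
    out = {}
    for p in processes:
        if IE_IMAGE_RE.match(p["image"]) and not SCODEF_RE.search(p["cmdline"]):
            m = _ARGS_RE.match(p["cmdline"])
            out[p["pid"]] = m.group(1) if m else p["cmdline"]
    return out


if __name__ == "__main__":
    for line in check_ie_tree(PROCESSES) or ["process tree consistent with LCIE"]:
        print(line)
    print("opened:", frame_arguments(PROCESSES))
```

The argument recovered from the frame process (the .html under Temp) should match the Target in the General section; a tab process whose SCODEF does not point at a tracked iexplore.exe is the case worth a closer look.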

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          33ed0f3a56956362101c3388cf272823

          SHA1

          4a612ca8b152cbd1c5bf11cb6caba813a29a4336

          SHA256

          7ef67e1e3ab374d920627f325e82a398a51d7b12fd92cb7dd5e28e129712da52

          SHA512

          0d29dd3b0ea256cd447b1b35de60bc6484fccab312351f7dc21528e72b0e4beb4e0f49ec2e1412518a6e41aa82b66c3c05f5b9595cf94ad078a5c442d96b5536

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          ee6fc3954b05158796866c1c8e800c03

          SHA1

          96d3eb408230e4d14ac29c279c00c7eee30989d3

          SHA256

          24be47e4b8b87bf6ce093448b929a2cf8a834414d23b240c7586d8467a956f3a

          SHA512

          898168be093736a7eb02cf00daa587a58129014ae3d1565e0d34977faa42d885c054905554b5690225144a5c01768d1e16637de29077f6a3c2f2e2c43c88b151

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7e757c0401744d67c90306345801f220

          SHA1

          d2764d05d55c101c4cd550f0204a2b3ad6d7e14d

          SHA256

          2a5ec20e6ad6829d1a7ae9fc59f31bee1145b6869d70c007a5c5ac828f30c5f7

          SHA512

          1d9293f047d34c6ee80b3d9fccab7aff2b0077f8239999a7c89dda0993e17cb4d7a12d3cc1b9d6c884d40cab1856c3b98cae2e49275d1918be4cd52e71fe05d2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0629443bbf01fef91b222284efa6068a

          SHA1

          357cc21aadd6ee30b863873a922725c64c85d9a9

          SHA256

          ff99bd30d9bfc00fb5799f3c7934641f68423c2d7525231a2ea68295f261c0d9

          SHA512

          2408f27fedbffbcd8f343079d3285e914a446935dbb7ea6eed037943e28433c27badbc58b108fb6014aa211be82fdbee8e923aedd37a89e0e253c77250f68d01

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c5d2ea3fe32ea78db11bdb46fbb25649

          SHA1

          ba046a08e66267afdc10bbd4568be1b40a347285

          SHA256

          43cb9c420a1e27ed955ff0513324eb106c211594e41cc2b1f5bda3f1afdd63b0

          SHA512

          b15d6fe505bc286bd2b6fa310c6c7252041a4e6f439db67272117b58a71b6c8b292fc52f14bc33bca80baa9b0afda81ca84876daba5c8d7312abf7b9fba198b6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c6e8c0b0c47cb2944170d39dd12014d3

          SHA1

          1ddfae3dec6ebbda8aaf2ea9e8a8f77330593059

          SHA256

          7f1e64b560ab8acbef49fdf7167f6280968941b11a13e3bf0f0d88f75fc949f9

          SHA512

          db8bf8660da48b544c2c4d1292af09a582668cb528d93cd1a7a98c1748c343215d9a9832fbe359e08b9b0c376fc482d5909f5626bdfd8497e73b233c70255b9e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          93b89a37712bb263e649cf43c74548a8

          SHA1

          29e55febd85d6bb2028e95c1554f214c1366ab40

          SHA256

          f57df5e5338b0df00c6ada6ab31197f3db9cecd3aa0e00fe5c3285220e48be0f

          SHA512

          24282e798824780c4532b238e21afa2788b66604c859aac131c1d558efae1b82427c9cab53189b4a980fbcf636ad57825f19fc2d26a3cdfe3883a5eb9e0ddc2c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          57ddba176b3b2b8d858cd5c37dc341cb

          SHA1

          388c4e0eb8a831a1866a1f3fe84d82606f7ecc57

          SHA256

          3688744cf7ee0c96aa833ffe5def435e03ed6a27a71344c6459cd528e8e63aab

          SHA512

          f8b0d00763a942a574bfd067d27898fdf8b3817cbe36be8fb226c896ab35becba18f8e1396bbaa554ce9961d25ae0d02fd61138cb116c26ef2b5c33f4fb671c2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          30f7c1e5c8b4ec15e4a8120fea2dbb9e

          SHA1

          4d12aae1a1d9597f36f58f0313d825215c3ebd8a

          SHA256

          fedd256b835729cc4a51187ba1164a470e0fbf95cb32c60b519cd1eabef4dfda

          SHA512

          7cc135d4301c4b6b8510c4aaf5d1cb017d1eeb0cd405b5bf1ac71936d591f9777df67f6511806c315df7195348c1d47a87596a382ec056cf21b8f7f063162240

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          51fd71580ee90847ef668dd422ae1f7d

          SHA1

          5d654c489a68de1096f34b4083e387814f33cf92

          SHA256

          bb53a9b84088b868af42b7d81aa6b383900a9e39f9d8439c1b286c77435e847c

          SHA512

          b0b879a43b29355676072d9bef84538d4201a2031d9595416615145b5597f82b546df2d730e37f71b8f82575d56be2958646ec1d4932d36af2f3529a728ab7c1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e48bf56a50f293243f802e94ec13c4e5

          SHA1

          7ae2383fc81c06c85ce90b5233301dc44bae58f0

          SHA256

          bab4a45657b0538022a23a0aa25c1da4cd09ac2bc2b637b4a2f2a39653e1d63a

          SHA512

          9675b77038d9385cadef7231299859ed3506f1474283f1fc89fbe3f5b637c84107c9bc1ddb771a47f74ec68e9827ca82931a8b4fc7253c241f62e0a9790521e6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          64567a427db29dff31cb944c673ba376

          SHA1

          847a4cd4ebb2f5e1eeab51d98645afcf63cf6724

          SHA256

          1f678b79e355645a1812dfb7db6b4c4ab094d9bc72947c4601b5f10103c618c9

          SHA512

          92fda97e885b4c7124bc29bc09b819bbd26ac1ead630014edb89a46fb48d64ac59dcfe16f47f6d07d653d5e5b47c7c9e05fca5e74bf3d9ca361b2895823bd829

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2e83d0b5aa67cd27b26bddc8cdaf9aa1

          SHA1

          8e4decb325c9c1ce5d4a42237aa15372767fb954

          SHA256

          1a2bcf78020bb1549f5e83f33def6f76b59de6579ce38e6149a5dcdfa5064e10

          SHA512

          f674ffe3ad422779fd77a1d8b42dde011a00953a305089f5d60a9e8e0b01e2212755b888ad7a5d5a0418613279e8d3df1bcae82a69318d7c22534b7bb64fb1d1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fb18c341ee8df9feed193ed79f032a51

          SHA1

          50f91f682e1634045785de1378500f58d14522c7

          SHA256

          4af3705041045826b40e8e45ec118f5cd65a973507c9dfb59dae71761bc61ab8

          SHA512

          a39eacbecd63b94d38520c79528b5724662375fee9f3893bab18f936b503c0eb279c61a6d89bc5f0f5f0dbc31ff60e3c1379ff94c9852328a61fe946692e209b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          138c56c7f01adccdb2204800a8930543

          SHA1

          bb4ca72a104c33713b22e3a3d43cda077708bd7e

          SHA256

          969a67c8c726fc4c24aac0667e0a99d4f86af25d049aed6ad83acb9ecbeee34e

          SHA512

          6e627d3b11757fde14f73888ba7ab5f7c531569b857233f272e629b62b5c739fa8ad6147517c0a810b5b13c567455ebcd04d789935b153e0a07f03c5a978bc39

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          91b27dcee6b49b1de9d4a94820072923

          SHA1

          5557ef3f3c0d7b31bfc471417bc3e5a17007c897

          SHA256

          6884d4b7c15f5dcadf8e24b766848b5fd86b9907fab2af0f3809d3b7d5c159f8

          SHA512

          f9bfde5ecb5d90f4551cd5b362c3ea783d77900cc5ea465e05eb68e60a8b4c054079a8f68d198f9f644715492143f3b2a7c838c07d1e9d54be1b52c1a31dac80

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          20c68c2e3e673cdfc78340b8b369b182

          SHA1

          582d280e7c6299a14c4a1fdb30d3300f4a28f6a4

          SHA256

          202f615109b0ec4a04ca14a48960b39b39f06c75d410ab95cdde607802f50b9e

          SHA512

          671bcf7227b36923b1854855ee3841ffd80b0c2ade5c12e101fb43153ca24403eb58b232294a5cabaa65880303ac45dad4d82fd4cfe46dd988fa0f87d671fcd8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          65c31e6efa2d668cffc1444152a2f473

          SHA1

          074f92697569dbbf3b35c4ea1f5f8242239cb1f7

          SHA256

          a28dd87b3867a85ea3d822400e3ab9daa434050415ca3cdeed1af7eb702dee14

          SHA512

          19ddf704df91e5de621ec9c1180b780c18f3504dc9bb3d50e4d58f39f3a6e1f7764a74f9d1f7752ed716d344284d3509cc3545f76b52b834e39bb1797c27ce1f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9afe136a3b229693c62cfda4383e3c85

          SHA1

          d4e35c44bf8d30a27fa5eafdb760cfa1f09574e6

          SHA256

          c4567624e53fef4cee461a47c74b2e231b323381e23f71919e9571e7ca2ff043

          SHA512

          9b1525e8918cdf75199851392b022feed31a8df72fcc01fac62e77615a974fea54fdffcadac8b3a838cbb88aef2605f04887365b5e22a01afc8dd35f1241e1c6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f5d135f6387307e7c789f4d9a4f6245d

          SHA1

          ce98741293073ec98a4ebf6e14100d8559735755

          SHA256

          76b6a8d25797e7a9ef5b9b0ac3b3c3e3bffcef89b5b899b75f0a0b5a2782ac3f

          SHA512

          8d591119564dd7ffb9981168cdb1bdc6cd31351393a774dbc22792b7f8204289c87fdfcdaba576cc8dc2db672fc9e4cda3462081481ce5a6ac93ee27d9eabe6b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          672ad39b1342296543ef8a739911cd4f

          SHA1

          e4c6c293e631d18eeea907c2030f2f5b816430c9

          SHA256

          1d2e09effb8ecbcbe65abbb9152f592fe9fd97684009331e77b8de7fd0f80d6b

          SHA512

          1dc2fb6f8de9964b975784e2a5709a161701c0dcecf78a66a92c8d4764d6a073166a74b1b405b8922ead676fe43cf7e6bd2b1511f771dcfc8e218d38a11559b9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3b69f444eb5da96398fabc1605bac0b9

          SHA1

          385d03dec9c8469106144897b9b420320cefb81c

          SHA256

          c13b8a0858d98468116039516c3e70f870c55737f325e59a1f1e40143f2dda7e

          SHA512

          9dbd62bd1f07ae62fc70f0f8a33430ec5e02a9617d6840d3403580a8c7a7f400bfdcb50683804438a673687a232a156d18927a9215c42bc9b7cea1f04edcb4fc

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat

          Filesize

          1KB

          MD5

          bed1870d8dd44a7e117dbd6c46643534

          SHA1

          d1d38a6c7f5dcb28d0e6c64775c4679ac9726323

          SHA256

          94798bbcd4a87008ea2019b1a37054c4860cb470d27e1ab6cfa7758a3c01948e

          SHA512

          dd27a7c0e0cb9533756e6cb2cc2ffcc844672f337e41a6a5e9a650089e6e01f067f4d31d46a211325ddf5b254eaaf3d38e87cd7bc7839b4b0dc2b6605c02b593

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat

          Filesize

          6KB

          MD5

          d83cf1ee52e3bb75e7e012276f819aae

          SHA1

          ac7198d1d55bb0d1b89a4a76d03df39132a110e7

          SHA256

          91e7cc325fad52722b03b5d2a18d9a8f1fd6640baf93123b97fae4ad9ca451ad

          SHA512

          2067a5363f279b127f3fcc6dd9b5953dac358334f08b686fbf5596f5a0a2fc23db8cc886da7ef2937e6f045ed99ed2f093990b73ef847625c6d9541a7f63e609

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9\favicon[1].ico

          Filesize

          1KB

          MD5

          91abe01116ab422c598e9c8af72cf4da

          SHA1

          0f2815fe8e067d48537ad168225ab4674271fa27

          SHA256

          b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

          SHA512

          a4d5b20c3014153b6b382c43404917bd2cb5bd2a59bb1e981f5a19eb7dbdec185ace288e9700428d24e5ac623e45d04905e706f0c45a1642b1aa6c091213c23c

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9\favicon[2].ico

          Filesize

          5KB

          MD5

          f3418a443e7d841097c714d69ec4bcb8

          SHA1

          49263695f6b0cdd72f45cf1b775e660fdc36c606

          SHA256

          6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

          SHA512

          82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

        • C:\Users\Admin\AppData\Local\Temp\Cab5A42.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar5A74.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
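
Triage of the dropped-file list above, added here as an example; it is not part of the sandbox report. RECORDS is transcribed from the list (path, size as printed, SHA256); the CryptnetUrlCache entry is included three times with three of the 22 hashes the report gives for that single path, to keep the sample short. The location patterns are an analyst heuristic for files Internet Explorer and Windows CryptoAPI write while rendering a page and validating certificate chains; they are assumptions about well-known Windows paths, not something the report states, and anything they do not match is put in 'review'. The repeated-write count is the point of interest here: one metadata file rewritten 22 times with 22 different hashes is what a cache looks like, not a payload.

```python
"""Triage a sandbox dropped-file list: bucket by known location, flag rewrites.

Added example, not part of the sandbox report. RECORDS is transcribed from the
report; KNOWN_LOCATIONS is a heuristic (assumed well-known IE / CryptoAPI paths).
"""
import re
from collections import Counter, defaultdict

CRYPTNET_META = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
                 r"\MetaData\94308059B57B3142E455B38A6EB92015")
IMAGESTORE = r"C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat"
IE_CACHE = r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9"

RECORDS = [
    (CRYPTNET_META, "344B", "7ef67e1e3ab374d920627f325e82a398a51d7b12fd92cb7dd5e28e129712da52"),
    (CRYPTNET_META, "344B", "24be47e4b8b87bf6ce093448b929a2cf8a834414d23b240c7586d8467a956f3a"),
    (CRYPTNET_META, "344B", "2a5ec20e6ad6829d1a7ae9fc59f31bee1145b6869d70c007a5c5ac828f30c5f7"),
    (IMAGESTORE, "1KB", "94798bbcd4a87008ea2019b1a37054c4860cb470d27e1ab6cfa7758a3c01948e"),
    (IMAGESTORE, "6KB", "91e7cc325fad52722b03b5d2a18d9a8f1fd6640baf93123b97fae4ad9ca451ad"),
    (IE_CACHE + r"\favicon[1].ico", "1KB", "b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc"),
    (IE_CACHE + r"\favicon[2].ico", "5KB", "6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab5A42.tmp", "65KB", "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar5A74.tmp", "171KB", "4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f"),
]

# (pattern, label): heuristic locations IE and CryptoAPI write to during normal
# browsing and certificate-chain validation. Assumptions, not report facts.
KNOWN_LOCATIONS = [
    (re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\", re.I), "cryptoapi-url-cache"),
    (re.compile(r"\\Microsoft\\Internet Explorer\\imagestore\\", re.I), "ie-imagestore"),
    (re.compile(r"\\Temporary Internet Files\\Content\.IE5\\", re.I), "ie-content-cache"),
    # CabXXXX.tmp / TarXXXX.tmp pairs in Temp: typically a .cab being unpacked
    # (e.g. a CryptoAPI root-store update); assumed, not verified here.
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I), "temp-cab-extract"),
]
_SIZE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s*(B|KB|MB|GB)$", re.I)
_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}
_SHA256_RE = re.compile(r"^[0-9a-f]{64}$")


def parse_size(text):
    """'344B' -> 344, '171KB' -> 175104. The report rounds to whole units,
    so anything above bytes is approximate."""
    m = _SIZE_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * _UNITS[m.group(2).upper()])


def classify(path):
    """Label a dropped-file path, or 'review' when no known location matches."""
    for pattern, label in KNOWN_LOCATIONS:
        if pattern.search(path):
            return label
    return "review"


def triage(records):
    """Summarise (path, size, sha256) records: buckets, rewrites, malformed hashes."""
    by_label = Counter()
    hashes = defaultdict(set)
    bad_hash = []
    total = 0
    for path, size, sha256 in records:
        by_label[classify(path)] += 1
        digest = sha256.strip().lower()
        if _SHA256_RE.match(digest):
            hashes[path].add(digest)
        else:
            bad_hash.append(path)
        total += parse_size(size)
    return {
        "by_label": dict(by_label),
        # Same path written more than once with differing content.
        "rewritten": {p: len(h) for p, h in hashes.items() if len(h) > 1},
        "review": sorted({p for p, _, _ in records if classify(p) == "review"}),
        "bad_hash": bad_hash,
        "total_bytes": total,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(triage(RECORDS), indent=2))
```

Run against the full 22-entry list the 'rewritten' count for the CryptnetUrlCache path becomes 22; an empty 'review' bucket means every dropped file landed in a location the heuristic already accounts for, which is the outcome that fits a 1/10 score.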