Analysis

  • max time kernel
    132s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    06-01-2024 22:16

General

  • Target
    474db9b63bcf0f1b62202e0155f13829.html
  • Size
    44KB
  • MD5
    474db9b63bcf0f1b62202e0155f13829
  • SHA1
    da80a9f7344fca1565b60e1618ab144cb409404b
  • SHA256
    8b231842409fe8479be08347e621495a2891bbb30c69141478f0db624ac5564a
  • SHA512
    880bd84a8c4a96c75afccaeaf9b5247438fa5ae81c9e730333f8865672135185433bc3fc39fd05a74155c5cbbe2bef8ec6e9844c8cf9ca0db957835b41f09956
  • SSDEEP
    768:mwS0l/sGVLsk8ejW4mTNn2obQelgKP8UMXLbk:mZJtNQelgKf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\474db9b63bcf0f1b62202e0155f13829.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2848 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2476

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: f949c33566e4f8ad6d4d8110cd27216c
    SHA1: 57508be54d5c95a628f1b445cb9f740b5493b773
    SHA256: d8cea9161cc9a9ffe7e98669363baaa64928134461047119658d4010f9d87e8b
    SHA512: eb339b57c9b8736a1e613b021510f061bb7d1169c0175d710428cd96c094dbed91db8fe980c1fe84fc332787232dbf5df714fe4aab760799618f016ff1912638

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 51f0bc6afe56fd720657a55aabe82f4e
    SHA1: 660935e9127684de1df468550a779768feff5a37
    SHA256: 520d36270e97c161541a0767c25e8e98f54fd0b9161467272125cce10e45636d
    SHA512: be1792ad8a4d488881386b28b4950178554e6c5b75882f9a4c424f30670962a0d6737737f8570f243589ae32236e1ecb9b96193129b18b3025fc2c0447c12ae7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 4ac047cd6d5dc0640751d7b18798a323
    SHA1: 9ad3ac733f348e96930246ee4bcabceb91466b54
    SHA256: 158569b9fbfbb78cd30de8fe5f29dd51f077d8af7f8aa54730628adfc97927a7
    SHA512: 4bd955a9f6bff77af4954c55ddd9508c24e8cb11792ea0c334555b0e694b9993e4202fefb25cb2109e7e19bd8cabe1d96fc333913f7e6067a5b2525136816e72

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: ccf0e78d753325e9d68e1fc1d333e7c4
    SHA1: 7b24561cbfb817ba3d7402a34484485c32383783
    SHA256: 5378ae3884e1f64f146900cdaa736b91e1803fa430c86bdf911ae35afdec9224
    SHA512: a731e7dbf977309fc1c1c9a84dca5678f58a160a70ff4691fd7010b2e1eded879422c5c53218857fff79eeba9a5e8e39c0f55715805c527138ea1b2c4a537c8c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: b1b51d43516c20b8f74bf4d3de8c8464
    SHA1: 73d3f04ae62091b27b9b19188a845f28ae718db0
    SHA256: b4e95fe251601cd7c001356ec6869b1bdeb653c5262c650e87d16e3f4751f7c7
    SHA512: fcf00a5fe14fe2c6651d75759eb34df4c737555b5274c900551594e34891a43b96005a68f0a2fa3fe514ac88fad6583a9126adc60ef80d9a003735a98020f03c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: f046edbfc69e512a2c9f8b8ded01f2e2
    SHA1: bf17543751219cb65c0afb33af5dfdfd572a926f
    SHA256: 38019834cdb0cd48ea9579391cffa9f8c84e7b190cc693d44dd46edf2c7bd8b2
    SHA512: 76c5ef65ce33ded167f6498f9058096fa1956128e251284894c77c7fc51b29e15c571637b8fc9ef5d02b9603042a7f27812da5009286981d174003afcbbb0680

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 140c2eec7c2f978181ee95ea3512e688
    SHA1: f572213e3b8034ab80bb43b97df8bc999411fc8e
    SHA256: d645670c6c0714bd839c73b1f5d3ac3b29f43fae22ab49d5961b393a3343365c
    SHA512: df21bce610c62345f2a471863e27ec2299f7da97a145edda55d0e0c3fcb0e1b15169d7af66b68b67cf22892e8941ed3b7957be32475aa002e9bc929ee0bae06d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 516ebd7a8fe834542902c19c9b83e70e
    SHA1: 3e0a146c2f5a0822c455cadc217b6c445954a0fc
    SHA256: 17c1b465709ad1bf8a12397fe63ce7f5fa1d576831d43740009cedae7c3a908b
    SHA512: 5c238c31762c5350d375a9435f833ec040f48cc4f9d1307fa9788349f59f52a5d3b58edba99f86e8f172d82c6ce1adfd1896bceac4499be1f7cd102c10ddd761

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 88ad511947a070792312d975e392bb78
    SHA1: 788d699c496114bf5771315299c87f0e1d331770
    SHA256: 6f2d388d1a73233572cf7b0493c9544007f321a77da238878e974c666b9d4449
    SHA512: 572fe672dae522dbb3eb1b865b96134564e7bd3bb24d0c6470b4c58995966e15ef9d5ab0bfc8bbcf1d972343d21ebfaf129822d852866a24713794a1d38aefe3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: f0dfdf91e533cca1127c8cfa625a8b91
    SHA1: af836753f3a2a3981b3a524c1c11c8b51af0af74
    SHA256: 8a5a388d335f94023d5b2cc05f0ff6e5720564d84e71810cfcd8a61647e12f28
    SHA512: 980f4c49969c814bc83173019b2d2204c2ed3b205b4d9eb609ef7557246cdf163990a73c989e9492bf8b12bff33ef0fdb60d818a1c901f26e7e24c328c2419cc

  • C:\Users\Admin\AppData\Local\Temp\Cab59C6.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar5B31.tmp
    Filesize: 171KB
    MD5: 9c0c641c06238516f27941aa1166d427
    SHA1: 64cd549fb8cf014fcd9312aa7a5b023847b6c977
    SHA256: 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
    SHA512: 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06