Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-01-2024 12:31

General

  • Target

    48fd3e5bf9c1ad6c63e26d2fd18747fb.html

  • Size

    965B

  • MD5

    48fd3e5bf9c1ad6c63e26d2fd18747fb

  • SHA1

    35e49ea5559b07892ee83355fdef5991f5577c8b

  • SHA256

    36c4e7a9b276af22ced25535b8f225a6828fe2aa7fe479e1858efc882c4b529e

  • SHA512

    7cb2c1e2d79bce0e00c4d85a1438a3564d75c121215a579620a0fbfa57df6edfed1491b479e70826a9d40940660c6a43d497cc3b593c8bb4e9c2de8eddafa817

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\48fd3e5bf9c1ad6c63e26d2fd18747fb.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1784
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1784 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2708

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ec2c5db1a99f48ea873d06f424f9ad8e

    SHA1

    2bd1892f37e0f84fc2e933d9843d4a26d3e0661f

    SHA256

    247f7a7a9c9b59008f3814f7da11e0b95edcba2b9d9eee23cb8344da682729ff

    SHA512

    fd9314551e59f2bf94ccdc79a9136fe8851b65338c7eb475a5cd013d941bddf28a663730956ad535e23cd5b954344521cfc9f7307afc165c9064966b116d00f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5c33baa7862d0aed41605ca352312e82

    SHA1

    9d1d0fad4a98ad1f5ba4dada492158ff286691f7

    SHA256

    8c8d660e7a7bc41a963c19398521b24cc5791f2c4a819ccf1a61e4e16edb7f6f

    SHA512

    ab8fa1020ab380f9cd663ac172b788a1bed737b42018279f44b976b3bdb14941778170e510c220eaf8d67071f9609c24a5789cdf04955a38b38415549bce88f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4fc69800db1981c18922a7de8dbb729e

    SHA1

    d9bb03c904d0e31cb6301cf37583922480932bd9

    SHA256

    1d704ff72384a44151fc068f64b0bac4a38f0d038f3086e009512fe1147b4838

    SHA512

    cd17fcb478731c0d82b6c0e4d07332a567f6a562dc69e507d3b9a88191c9bddd9372351bc5298c23c93b9fea58b6285a5165d4e22ccefc092245e60bd13df584

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a99bd7ba35891fc13c1091ef1a738a6

    SHA1

    a41faccc86ef3eb8aa351827d47fd15c7f1dba29

    SHA256

    fed1f5039b86b85e42e02615825b5166f8694755eb10d8932a23b25649a55e68

    SHA512

    27fdaf879153a2990a6fd281f9a7fa6239451c514364e4b8b4408747b6df880e8ea61b1900af4aa913c4ed70c31ca456d9d6bf702b1a0c0143af9dde3887540c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c5dbaef729d86cb7542d7edd6978bbdb

    SHA1

    4a79f02e33f6e7dbc0193b201410a9aa65297db9

    SHA256

    e9614e2c82e1512c52c4bc63f6b5dacf4cc0e0beabca578bbb225de0e56dd288

    SHA512

    a3f8d532f8e672135d650450db497989cc6418389f90e0fad58f2101899c773847fcf9954f6e7ad440e21a0aee4f9b49932a1247e1bf075cd8be8ff9fc19247f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e75a2af778d2b873e9da65707ee90e24

    SHA1

    eae9d800e2f486bfff8176c05a15213c72191b91

    SHA256

    3d0a95520c6520a2c598ee4a3c6f6d10e4e6e9c450fba34f915ea110d4aa08be

    SHA512

    a2ab20168a84bba1da931a07312224dfbf58fb2ec3d2e1c6703aa03efa430f71e078c2091c7c3112da13de6a3c7b91a82599e262f141cbfe22370ab717329aaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    45c2f46c49853baa442029917c8dab83

    SHA1

    500b113d1a4999f1c2b36a8f1f3436e72c3ed9d9

    SHA256

    5db8f33f856ed0190136e0dd80673e33ee1a260e969c7310e8dc22c641676d8e

    SHA512

    5f7a342fb0135a5dc227631fa779cfc7f90a23fd252b5dbeff217f0e123e135b0827ef4dc1cdf2ea24d9e2a11bedc5d54d167a6fbc417c0c4125fff3d1add5fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b5bb8550de6aae2beee668406d7c9351

    SHA1

    bc898c061971a2919a8fa53a4cd5ed6bb1791e35

    SHA256

    597ebc6a2bf568a858573ef6df7b685e4b2ba6f7847c3ec922d10a18acaac59d

    SHA512

    94f990108513ac134e69c2b17dcca396c471bf728132bcf40362c6355b0a193437ac2b2ca73d996f83010de59c97e43ac44b8287b94b5413a51b2e8d0fb07c96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    38346acba83fddf83600943a79d6fee4

    SHA1

    84ad5ea1ea9f3292ee3dd1de4041e957ec3632a1

    SHA256

    c3546e28a828d9b167bd6242adda8f65884f782b5addfac2f2984633ea55bf76

    SHA512

    47fe617b903f65af2aa8785d22e318928610a65a1caa07cc517f8cd2af898eae157f721933892ea77ce11187e650125028c6aacb0704aa8916dac410a70faef3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8d3c609cacedf6508483c7793cb2c1d5

    SHA1

    8fd4c560833635dd732346faf9a5b461b8514927

    SHA256

    03ffe97cbbfade69039c387bd02aea311c8f8b94b7a4170b1707bc37b1ddd879

    SHA512

    26130d2cae81e40e05b36e9d4dca688206a64226b5b5ed1ecac7ff82e9f620944fc8d5f55edbe7f87edbd3fbe1f94623e18d76f6ea294186bd968dae88e326e4

  • C:\Users\Admin\AppData\Local\Temp\Cab29A3.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar29D4.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06