Analysis

  • max time kernel
    0s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/01/2024, 19:36

General

  • Target

    Kiwi X/Monaco/Monaco.html

  • Size

    6KB

  • MD5

    ec05dbe07ad593f3c4eccc68d22c4558

  • SHA1

    7ab2bd63a8c0a421e27f2fa214c28ada9489a546

  • SHA256

    c652c0edfd59d5644044049f723ad2d915685dfdb1ddf6841da498ca969eb12e

  • SHA512

    df2e364a22b263e00133ba7e0e667a9db3a0fa5d3a6fac3c44a1c9d78ef4ba694b742eb04031e67c5d305c427efe11ca5c8fe89d9e5152f1b32ed4580dcae538

  • SSDEEP

    192:wEod3PorvGym0Qp5keghKcCI2MCTJ3+NLSaPh/WCY/jt:ud3PoLTw5keghHwjt

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 18 IoCs)
  • Suspicious use of SetWindowsHookEx (2 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Kiwi X\Monaco\Monaco.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:624
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:624 CREDAT:275457 /prefetch:2
      2⤵
      PID:2616

Network

MITRE ATT&CK Enterprise v15

Downloads

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            3b279d7ea7e06a3dde6f7848a111ffc1

            SHA1

            41718a22af13c580cdaef3867c44cd4474c1b993

            SHA256

            1b27f2c74479d599a82b977b07a5fbdef31ff05c76f06ddb969181d0a3b9ac1d

            SHA512

            73951f5a34f8083c35578274f06d0dc2ff8905dd51747d7b02d2d551a7e534454b40dab693e995c963de76bbd01b0d29754324acbf2ba217533323abf9e17885

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            fe8100db292e97cf68f8bf6bbebbc581

            SHA1

            91289c748c3821cba5301f7f58498d07662aec5e

            SHA256

            55dc0c9be17d4f903675c4c6749e1b573bf0f21ae46110c453a028e2159546c3

            SHA512

            7ae41f50f9cb8b2f6c2bb8ce9d92c89f0e4afdddb7ec7022f6d55c96cd1b5f85226e72e253dbbeedb5a7bc0272e6a32f5f383d3021cd9a447f58fe775b2f4495

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            e749d3781045e7ffb89678918641022d

            SHA1

            b84c39247e8c0dbd52d5488fd222bfa1a6e092a0

            SHA256

            6a9e0d9f7d4ebfad222367397b0e585fa7f916640bb8fc1687c22790d2d9a9d0

            SHA512

            c76a948bd450aed3d410200f867692028ef65f3dcf44ba04663cd1af3cdca39bb8383d094664f072ff3c3aba54350137417b7459f955bc6e3bbb28902799e952

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            28a0354eb20eb0555783ddd2445cf1e8

            SHA1

            ac977ea965e22074fe22d48d2458e382cb80fb12

            SHA256

            a7f619943eb977758caf6462b5b92e8fb35b38c810926f516ee7b9868fc0fa08

            SHA512

            1b64b2429169d707e79fc7c2b9afd11c7a27c98f5e79660d9ea353da64b9787ba1f7d5e5f9ea5fdf2e1926a0113787cce0fdb48d2860572fed65d93f29daf3df

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            4b808fa0ea3542efee6690c9dfbdea1d

            SHA1

            c884ec0f84f2df0a9d6c6a3b6f1f68c628bdd503

            SHA256

            4de2f0edb37d4b36f468922f61d1b67bb2dc2a66a5227f5cca37ab4540669211

            SHA512

            6475206520ae7882ccd76aad5af4a4512f567f6c44daaf0df4b3eab089cc838cc0a1973792d27afb4dcf3ed55d7e8fa8ef1c539a6fb138d9f1da8903615bf018

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            904a70520c6236f0e3702f6de7edde30

            SHA1

            8e0dccbd4a4bceb444a659722b049b3c3cdc5a9b

            SHA256

            559491686e6b92de0d76a95f840c195404aa747392f0e2bef22e67789ee188c0

            SHA512

            60e799b862a21684d424239e8abe68777b350ad653838a1029163075601c7eb042f4add03dfd37261e09f2cb1843e74666797d4812a17362cc17bc338bcee7bb

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            d1ee14918a64138a03ad7f2b3dd4c52e

            SHA1

            9aee53da566e837a3e9fa8315597bc584aca4a44

            SHA256

            b3fc1f832d6ad117524cd448ee1624631d56a8f5778ffb897fdc4e9a08dcd9f0

            SHA512

            5093e2f48bb33073dfdd7b0e60a32db5f9fff9a4e4e2abc5054750c4f600bc01d30e83c8eaf1b89c21731eb3473a79555f3cc6d285daf91bb2d524c4ff2380d6

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            48c08eb0458c75b18161d230557bc5c2

            SHA1

            0e50283e1bc0b5ab1cf53a3696750dcdb8608c47

            SHA256

            25b8fb0f16c7e9ad0ee11ef8c4875e869d01a11bb0b5febd9f2d653a5355ba0c

            SHA512

            275d2524a8524ef239f3090c097693bc87e061998984b3a26822d5ac46faa5727e364ac4f69365f9832f694c985fa6fa92e3e9dab87f571f8334c10e1671d4b2

          • C:\Users\Admin\AppData\Local\Temp\Cab2F3E.tmp

            Filesize

            37KB

            MD5

            ccfa6e58c7ee3b49209d37398c85b412

            SHA1

            788f579102cb93fd6732fb2604e72480f22735db

            SHA256

            412c82301757558027c5cb3ed1245a40d0a9063f583ecd2fdacf50f733c86b0d

            SHA512

            c0137f7d51c9c1ca30f3690d26989db7f2fba64acf05594609518a169f243bfb06e8cbf461db6269e8c8123c8dfadb3d4717777adf1f2490d4b19b334510a813

          • C:\Users\Admin\AppData\Local\Temp\Tar33D3.tmp

            Filesize

            32KB

            MD5

            7f6ac87743b066ace85f254be96a78a9

            SHA1

            a5e6bba4196862b1c02ea3d64d85aaac6eee37dd

            SHA256

            9bf45ea7dae43d8bf21adee61d06fb74ce25b6808ae09d1eb289b4b4d732ba68

            SHA512

            e8f61443c76b859c41e991d4d86f9f6184849cce5b156f29d212d0beaf9bf6e3505bfc1c3402b32e73dd6bfa20cf7ba475979b93107c3536e7d52cc7e2f4254b