Analysis

  • max time kernel
    146s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/01/2024, 04:12

General

  • Target

    4a6891d519b8988e2b6f37477f04908e.html

  • Size

    57KB

  • MD5

    4a6891d519b8988e2b6f37477f04908e

  • SHA1

    8bd62c325604b9080e3bdb0b20d6f7cf0ebb39bc

  • SHA256

    e21ee3522f6a95767ddb9e975d48db72b9a7f04921fd117ecfedf26a362ff689

  • SHA512

    c4d70d1b1e609bc7368cb6e57f7fe3ea4317f981766d5b0cc9f392895f08f7c3b0cceb30d16417bf951282d4e77f3f58933d35c0de2cb4abfb5a7feff6ce8984

  • SSDEEP

    1536:gQZBCCOdH0IxC6NFzAgFVLOr4rj6tTWTDbmh+GRfcCIxh+uxvdf0c67iZkTR/k0O:gk250IxrzAgFVLOr4rj6tTWTDbmh+GRG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4a6891d519b8988e2b6f37477f04908e.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2744

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1914f8a28625ab8cf1d58f6219a6323b

          SHA1

          3e1280e19e7d8c01123df69cde83a3782db8e5c2

          SHA256

          c495f65df9672e983a2961f3b6f19a441c9517221c26b0c6dbc4d9582f856e42

          SHA512

          0061d58f67c8bec4aebff7ba319e660ae2ef262e684fa48403b7085789cba0670a8116b6a36e64586138a274e72506bd01db30c7efd1460d107d2a6d4262915d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b99bf0924769a23f74f0db86ef13db75

          SHA1

          0727af2c6b7b8efa8457f3eef049be55c9eb40be

          SHA256

          9b118e2ef732cc4b67d59b13f403108079a1e80f693872860184bfe959b30206

          SHA512

          648edf7221690fface17d19a13bbbba28ca75395b9a03040df54bc978c42f59221a3cfa5b9942d9517544f38ef3e5f6d6adf6d270e0ae182c0be2d5ac7158ace

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f2022ac17bc414e60ca8d045ef0be4cc

          SHA1

          6937a685b90b44002ecd837cbbed7ce91749f8a9

          SHA256

          0c9fa44433b3cbd4d8f889693b46fb07c79cc71446ae57f1c6238aa0718acb5d

          SHA512

          3fb31d402a9b84f0c31bb5fd33d98a6e2c56a68c42d9da4703b73d60cb122340d5248059ce0f7f17814650eed58485e28f37f4498718dca02fde5724b23ab1b5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          257d02328c28b8e7912c54b8e4ebbc38

          SHA1

          27c5d8c48e4ed54e7a7c4eb169e2b3af1957af00

          SHA256

          e2bd1292c56ba12ca55a076a3cb335b49ea329e035884a0f0f5adea73419cfc5

          SHA512

          e6b1dfb7f477677d7ae695b2be16b77ca9ed071c9c8d5f3e92e976e54b4a3cb1f4410556924612c00d72f74a20ed052d09b27712d5265d5fb28ce25bd595636d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2b85b2bb96516b227dee1cc4b1701d7e

          SHA1

          4e2f262f3104383ef1ee7405d62c055038366690

          SHA256

          4b3588d0cf2931407f74734916081aac417beaf4513ad779be5f9f59359c0b7d

          SHA512

          bcf90b38d7d2144f148fc716d483a0d1af655ade3f7e7af16925493bf54f922debb39a032d606627b4a7b421ab818a6d50a4b0de0ef5bd98ec8970c75f0fda9b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cec5728b5f1d7e8f2c1e148a3713ec0b

          SHA1

          2697bda60ae3d722a8bb1efa8b13c1a7f56e8e42

          SHA256

          63b426cfc1303006829285f9867b51578fcdec46d5b304ff72c4a5786c4b6380

          SHA512

          4dfd40ef9c2a129615e8ab6654d04e6f2e6eb9aca646df7fb4ee7a150f98538c2632fd3b34256e3327a6bbaed6aceac5bfb1ce616ed823a441e07dc98d54fff3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e910837f2e0817d72e7e3819af4a830e

          SHA1

          7866ad7926296afb9244dc141b3c3b97291cca2a

          SHA256

          4cd93b64b392453fe2da68d902c5c204e1d1981b1cca3d55c87b5201dce44531

          SHA512

          535ce697ff2f764826dc7c1eb418252cfbbeac1d71d77b33d7eddbd39dd766ab1bc1865ea1e62d807153ac73d70dae379419919cd486721673cfdb86683e3c26

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fafe58c00a9767f9c7981a45abfef929

          SHA1

          3e69eedd0a774530d4246367b7ac2a852417a882

          SHA256

          a50719c451029c663cff4c60486b419305d07b6e2ec28b0e9858c8f8041c59b1

          SHA512

          567ab3c1b8dcc98aadc0309064ad7d9a7b2c2bc80493bfb3ed88e8e6970ac8b7b861966b450590df527472a9700ec7545ff0178fbc1306a45cf2cef589aef4f5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5e41109d2c75a095e8f7989b8a097b7c

          SHA1

          ebdadc4a14a7c020e758d360885b831a7f016e57

          SHA256

          3017291e82e038f5553f91a50e1c6ce793f707bcdbff008ad04dcdc8c469d23a

          SHA512

          5c4ff1b58e14a0b6deead384a9aaa3d05493407c85d2488ac2aeb13fd968ec51d764362b16aaf7059cc1111739f3906f6ac136b3ed87377610b00d7c79af1f6b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1ff5c59f9403c85c36dcb74fa853ddf7

          SHA1

          9168941c0376442b07ffb6edd9c63908f801b753

          SHA256

          d2b13fed25421bf59802f0f1175f068fce9ba2053b0874c9342d10ded9ef6dff

          SHA512

          e6e006cc8a91d8a49bf45d9859d55054e76c01b160c04abe89de4c41469ea76118de72c42f45017a9ce4f822a4837567881ad215b7e6c075659ab6a3671bb3a6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          62301426396e2a570de7b76ad6dca850

          SHA1

          7b8e4e1b6d4d7a112b8ac556099b2ae8516dfaf4

          SHA256

          30fee184f76f9f414e5bca281c1d1b696f0d469af9c8addbb5514267e0ccb081

          SHA512

          f5f77c8380e1b5991d0c85cc325b25d262951d36a889b46cbcc9851cf32070cd48513a8bbafa3bfa54a1a491d5eae15c267e8ed565a64482a05e674f6b80a339

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          99a8210a2b4b228a6d18094439177b31

          SHA1

          6b2b258bb93709e2c922f6b3830d148b406d6072

          SHA256

          aad06d15f3afb5c72a25c9f53ddee7ce69869c748ffaf0698f3b05dbb2da9c63

          SHA512

          8ba8028b72f4dfceb9eb7f6e2485a52f8f18b35eb60392068c0a974ca030f3f4f76bbaf44c345c1244437f1c131fd3d71d62cad9c5ea55e2e4bbef52e68b86ad

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b14e7d9e0219db4eaa94d287c7783fb0

          SHA1

          1e16f5a40308c4c1f9e99c4a77be53b151679c78

          SHA256

          89d2a90aadb847376b7b1f138250913f005790db9e29b427378d0e28286a4211

          SHA512

          fefbf30539e408e649ba72be635bbff1b5ced54ee7961ec41e583cafec8b1aaf186c5111b0b5655e94673c021fadc7ada87f176884225fc4b3fd2fda5e48003c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8e59347c752e5f1b697cc7fc8af5f65e

          SHA1

          10b5bb2ef90745bffefdefc0c21188c7aaa20afe

          SHA256

          337a80dad52f9c3ce331a1a9649e14548169ac7cf9eb52003aa46da25e02d360

          SHA512

          de110306695dc10b0e8c254851ca8a7c96822af5c565747bc39196fa4f971f72d2e8ae818796f65d2d1bc44143f98fd8bb033b9833d4a3ce1efb0d1f839908bf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          481ed11a557d52aef74cc1dec3af33b6

          SHA1

          0eed22a6a0d93ccd074181c13752562b3ee29bc2

          SHA256

          e46887c061d8e0b79b29eff8a76b77af03b5134dc892da49ba07a2af785bafed

          SHA512

          71c480166b9c45559bf40bb5539b5504c277f1576be3a3ce52e27b3db437cd51cc6b4f675dad3975ba6d63bb4ceeaea1b6741d9da5a79396cc1623060f81c5e8

        • C:\Users\Admin\AppData\Local\Temp\Cab6144.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar6186.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06