Analysis

  • max time kernel: 136s
  • max time network: 150s
  • platform: windows10-2004_x64
  • resource: win10v2004-20231215-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 08/01/2024, 04:14

General

  • Target: 4a69534adbd38684549dc92e8b29f13e.html
  • Size: 16KB
  • MD5: 4a69534adbd38684549dc92e8b29f13e
  • SHA1: d61738e9bf26129a6d306fa392ce3396f127c399
  • SHA256: e4d4c42e45dcde1d6f049d1ca1b84dd585acd3b6b7e97210822c7a6bc8f591fb
  • SHA512: c6e026fede32dcad6aebd455b1be830a3a962c1695bde055279e6c4a6d7073c02c1a2d86e6ae7afaf61607c9262731c5ca99d2c7b62965ca63383d91c2abc4c9
  • SSDEEP: 384:MtecIgr6+0up9H6zCtr+lfFnZL/SY10qZ0rp2V:MMcPr6+5QzqSZ3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 63 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4a69534adbd38684549dc92e8b29f13e.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4984 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2440

Network

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verBE00.tmp
    Filesize: 15KB
    MD5: 1a545d0052b581fbb2ab4c52133846bc
    SHA1: 62f3266a9b9925cd6d98658b92adec673cbe3dd3
    SHA256: 557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1
    SHA512: bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\25xleom\imagestore.dat
    Filesize: 1KB
    MD5: c31ef7d845a740b53888f7a23a4c421b
    SHA1: 8caae1a23f0b4db678bc60fe4500758b46660a30
    SHA256: 18b0127fb74f73ac6c9a217721ae6367004c671b3b8c3343d06dff40047914a6
    SHA512: 48c04eadd69d0a26a8946561eddd004e9e47a739ccf3a2951ab3a6a2aff156c958a172d950f9801c02c8c445f0ee485445a175c2ba564d0611a20167b3d95839

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\7C34XGPV\js[1].js
    Filesize: 243KB
    MD5: 7e1e639c5817e8983c2bb709a39d172f
    SHA1: fb063b0001999e5b2175b8c572c9c70f531a50e0
    SHA256: 06da651b6c105d1e9166b095ba16fd11db61d97395a84341df7395cb3f55d9c4
    SHA512: e67225c0d6942dea3b8bdcfc7dcd862a0a44233f351342903de280c0422e4d67030cef8c495e13dfe5bd7c3154b6f728997619f4e9d06d95917be9b8a0f2c91c

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\7C34XGPV\p[1].css
    Filesize: 5B
    MD5: 83d24d4b43cc7eef2b61e66c95f3d158
    SHA1: f0cafc285ee23bb6c28c5166f305493c4331c84d
    SHA256: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
    SHA512: e6e84563d3a55767f8e5f36c4e217a0768120d6e15ce4d01aa63d36af7ec8d20b600ce96dcc56de91ec7e55e83a8267baddd68b61447069b82abdb2e92c6acb6

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\7C34XGPV\responsive[1].css
    Filesize: 66KB
    MD5: 781608aaede6e759fe48d7967b0a6c53
    SHA1: bc595134b15c604ec6d42dded9f6d167d94084ac
    SHA256: 7371dd376a195424e3df2ee7877a045a2d60c307b3b3a119789c7160b7c21b92
    SHA512: 0eadd4bd38115eee3db9c62508143e7b93b5ff5fc5f8f05489af21c6499ccfc9e741d4de740e75ab933a32de2a1ca5cce7777a60b015ba53e503196e75bd0c71

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\7C34XGPV\script[1].js
    Filesize: 9KB
    MD5: defee0a43f53c0bd24b5420db2325418
    SHA1: 55e3fdbced6fb04f1a2a664209f6117110b206f3
    SHA256: c1f8e55b298dc653477b557d4d9ef04951b3b8ba8362a836c54e2db10cda4d09
    SHA512: 33d1a6753a32ec06dcfc07637e9654af9321fe9fa2590efc70893eb58c8603505f2be69084fb2bcbf929218c4e7df9f7a8bc3f17a5b41ed38c4d8645296ebab5

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\7C34XGPV\styles__ltr[1].css
    Filesize: 55KB
    MD5: eb4bc511f79f7a1573b45f5775b3a99b
    SHA1: d910fb51ad7316aa54f055079374574698e74b35
    SHA256: 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
    SHA512: ec9bdf1c91b6262b183fd23f640eac22016d1f42db631380676ed34b962e01badda91f9cbdfa189b42fe3182a992f1b95a7353af41e41b2d6e1dab17e87637a0

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\7C34XGPV\zyw6mds[1].css
    Filesize: 1KB
    MD5: 4c2e266587bb622926747856f9bdb65d
    SHA1: 16999e0d2a01b96b70a0ef191461388c5047f1ed
    SHA256: cfddcd1ab28963d8219ef42d0b455b1e062521bfe7b100d4c47e0b9dd0a79023
    SHA512: c9526cd6537aa068b48641fd2dfb93843fc5f535faa4cd856d4d3427c8f1e97d79c969215a9291fd50a96597c43dba3c45a3fe2ad32c78677e38f93dbfc32ca0

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9ALL181V\favicon[1].ico
    Filesize: 1KB
    MD5: 0106d4fd24f36c561cf3e33bea3973e4
    SHA1: 84572f2157c0ac8bacc38b563069b223f93cb23c
    SHA256: 5a6c5f7923c7b5ba984f3c4b79b5c3005f3c2f1347a84a6a7b3c16ffbf11777d
    SHA512: 57b77c5d345eca415257e708a52a96e71d3ddf4a781c1f60e8ba175ea0c60b1d74749cd3fa2e33f56642ce42b7221f16491cf666dc4e795ecc6d1fbfdb54ab98

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9ALL181V\style[2].css
    Filesize: 165KB
    MD5: 65760e3b3b198746b7e73e4de28efea1
    SHA1: 1d1a2cce09b28cffc89378b0a60cbb1aa8a08c4f
    SHA256: 10e40ea3a2ad69c08d13e194cf13eb4a28a093c939758a17a6a775ef603ac4fc
    SHA512: fbcb91f26b7bd874d6a6a3b1d4d6f7277ded091cdae5706c285b4d5d17446a1bf58572c224af38393ce49b310a51d5c5d60711c7094e5d32abbaaf10d1107e1b

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9ALL181V\suggestions[1].en-US
    Filesize: 17KB
    MD5: 5a34cb996293fde2cb7a4ac89587393a
    SHA1: 3c96c993500690d1a77873cd62bc639b3a10653f
    SHA256: c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
    SHA512: e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\PZ64U2GI\jquery.fancybox.min[1].css
    Filesize: 12KB
    MD5: a2d42584292f64c5827e8b67b1b38726
    SHA1: 1be9b79be02a1cfc5d96c4a5e0feb8f472babd95
    SHA256: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
    SHA512: 1fd8eb6628a8a5476c2e983de00df7dc47ee9a0501a4ef4c75bc52b5d7884e8f8a10831a35f1cdbf0ca38c325bf8444f6914ba0e9c9194a6ef3d46ac348b51cb

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\PZ64U2GI\jquery.min[1].js
    Filesize: 84KB
    MD5: c9f5aeeca3ad37bf2aa006139b935f0a
    SHA1: 1055018c28ab41087ef9ccefe411606893dabea2
    SHA256: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
    SHA512: dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\PZ64U2GI\js[1].js
    Filesize: 188KB
    MD5: b807a2d3079225beb89ca125355fe917
    SHA1: cda2be8918d3ccb3ee75e29b8e3d260e4423a4bc
    SHA256: d3d7f3dda11289bd6ca1085473c153727fd1849012162ca6b6aa2c1a9af35613
    SHA512: f28539cc9d8e6369400dea774e5dce3727bd9f077cb3b7595059bb54f2462f2256d4d53ebc0245dad5ed078b2a59e85ddb7c819ce71f332012c5f5e531b8b1fd

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\PZ64U2GI\reboot.min[1].css
    Filesize: 3KB
    MD5: 51b8b71098eeed2c55a4534e48579a16
    SHA1: 2ec1922d2bfaf67bf3ffabe43a11e3bf481dc5d7
    SHA256: bd78e3bcc569d029e7c709144e4038dede4d92a143e77bc46e4f15913769758b
    SHA512: 2597223e603e095bf405998aacd8585f85e66de8d992a9078951dd85f462217305e215b4828188bf7840368d8116ed8fb5d95f3bfab00240b4a8ddab71ac760d

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\PZ64U2GI\recaptcha__en[1].js
    Filesize: 502KB
    MD5: 37c6af40dd48a63fcc1be84eaaf44f05
    SHA1: 1d708ace806d9e78a21f2a5f89424372e249f718
    SHA256: daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
    SHA512: a159bf35fc7f6efdbe911b2f24019dca5907db8cf9ba516bf18e3a228009055bcd9b26a3486823d56eacc391a3e0cc4ae917607bd95a3ad2f02676430de03e07

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Q15AV1NQ\css[1].css
    Filesize: 530B
    MD5: 0a127ad39a8ebe4207492293b556adf6
    SHA1: 17d3dad64e4f9139cfb85bbcca6659a8aa532a48
    SHA256: c1294965425b5028a83bbe5eeed0cd9b92733ec41efd07e34532522d4c97b6e1
    SHA512: 5aa845c5c6c20259d9c6bc0c9fdbd13ff178ba4008865f7113387767db0ad39cd53c1d276cfa4997186fd39f21d30bf00caf8d092e5c04119d992368b1563df3