Analysis

  • max time kernel
    141s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/01/2024, 04:13

General

  • Target

    4a69074d1e6e14d8b1fc1cc978bb76ee.html

  • Size

    123KB

  • MD5

    4a69074d1e6e14d8b1fc1cc978bb76ee

  • SHA1

    7d1dc430daead544e5b2cf0045b06b44eab5e135

  • SHA256

    fa55987a5366e8ce3dcf3c0c722a6e255a402bc7aeea22ab7a857712b40f0b9a

  • SHA512

    2e23024c2cc5b59c4ed3939ff590e029ab9b7794990a2a3065017fbbb3a53f99c8d287c1bed9e6f6cf135480460cd17bb883e3f803554964656d7d731380a2d4

  • SSDEEP

    3072:t7UcjvG8rMUcXmNRS713WwF1tb6wO1t8KNG9jpbpkND+JTPZ/M:LGXmNRlt8KNG9jfkY0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4a69074d1e6e14d8b1fc1cc978bb76ee.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2144

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

          Filesize

          1KB

          MD5

          60a5e0473de1471940dbbea528dd3e33

          SHA1

          40b5e0f3932093d5106d1bf53a912c6cd48e1e9a

          SHA256

          6f76f374963b90b7a8e18c72f40f8836ccef657a08530bf6539ea5bd03dbc494

          SHA512

          1b18e92207cb28cef1def502ad7c8a380deada35e727421b5fadf0c8f32af39675009da07aa4fdbeb4693b516b354d0d369faf96f8f39a53b8ed81680eae5c30

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d3e444519703ed4f44c5870d368ff0d0

          SHA1

          4ec0ce783da186963392f53f5b5ffdf9f4f70454

          SHA256

          bf5a1a7b848b9435d3c3cfa602477cfc19e0a6aa1ea6b186ba7b7349191a5872

          SHA512

          eb42833a0a55e17759dd793ffae851f0b172b6202f062f63126c410911fe604c68e6f9160adc763d2c3db71652fea749979cfb3d4e8bf7fde0b1e370f927b8ca

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d4c22c8a66f24edce1b5fb558c7eb476

          SHA1

          cd7361c367a9e8f2499c5bfa7d3f8648a8be1dbf

          SHA256

          a210c14dc6a0233b877982142faf87ce1ed7e9983141794b70b08254dbbff73e

          SHA512

          205f31c2c08a0105947a6252fa6ff2b94c918017ad95a8e3cf4b5a0a29cbd2b115f926005f7122940e3fc93316337521917a09e2a612562a50249400b5b22b80

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          4b57b62ebc5e16850195acbbd051e8f2

          SHA1

          e299c6ec062ad94f136dbd2504c222b5ea52d72a

          SHA256

          a408ed8a97a836ba62d91192ea3d6ad03cf6ccac701f331521d467e646d1ad7b

          SHA512

          0a80797ad0dd06c18baba488ac2a8d6f280c0f197d9d18574e27f8fd43790d2492255335b9307df137c76f779e2c57d3759787614d8a16b3e021d797c00986ae

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          ba84e682b631064cdfe72d467b73d8d1

          SHA1

          efe4571d037394bc4695a267614117bcf63f2ee3

          SHA256

          29de32c8583d7d9f45d007fac5b4cf95ad6e328fae74e4657c4e02e48250faf1

          SHA512

          f5050dc489063bf38f7679a34c44e7882130fa56db9ed9d5abecc2f220f16251b729e68786bfd8a04542efe8eb007a027d5fc22a5311a7cbf6df34cd0bfa289c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e6fa04c82f218b38ece5e94cabac3499

          SHA1

          bd050fbd893a70c91d1c123d7b5f7e0c373edf9f

          SHA256

          0d6eec0ab22464da6d08c1b58a6fdaaab9bf5e5460e6766caffa3ab06ba329de

          SHA512

          a6a0590e270c848581652055bf215c7acbfac58651aa786f7838d3550c4c167ea84945cdaefc0b199894ceb8fbc4d96ea6d92abc260747ba0f953873b09a4e8b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f6dc165029829aa8246fa7e25d1c9602

          SHA1

          7857253f36e98f19991134a8b35421378325af30

          SHA256

          4dc7fc1745a9fc0124008caabd1154d89c1fa99551f9d5ff43c7e3685a86b76b

          SHA512

          43d2782f4b1b43df8a3c1b695606384661abdf530bc7109d562be0eff3456c921fafb42c81633a6277f926a9ea9d0b9779815c0c721caa5c55f7a9cbd95c793d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5277d40a56417d629290eec258a564dd

          SHA1

          a2f85457fa9df9a60d55a019fdbb9cd1de4ef4da

          SHA256

          0fd599f2d8c2d680433cffacbcafbbfcb18567502ade9ea63bb9e96f785c7f65

          SHA512

          dd31ce6defd936743809b302df68cb7c2e3fc37c2a8812ca577f87b087589131bbcdc95e7799bb863b553389adf95af3e1c308977e56fe2b6dd13360597c722f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          06072ebd9eb77b7bd0edd1d064b0f933

          SHA1

          d0739b4cff048239c1029732c72827575bcd45c4

          SHA256

          dcc59ce3fc240fe3a1ee8e522dc7649a4b9ba03542c6e7d6f32ac77f55687baf

          SHA512

          b2116ca771aad0253851ef7c93c85d000350e10ae7d2c7193592e00091760013a2f8e3435c67e89c99879f8a389f3cd284280c8260a4c3e9299ed533bc707ae7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          819dfe0c23fc75cafdbbc866b28f2b61

          SHA1

          8a305018b134ca579ed763879219bee7ca97dd66

          SHA256

          bc102d0678f201cdf6608d85fdd9d075a0acd183a10d4998963732294119b4a7

          SHA512

          37173402706b98b459a08e4a9827ed939380c62212050a53f7f232f3acfd15047141381f331e33139dd07444277859c85ddc6167e94416818b95e85a5914fbcf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5e9ea00cc4a94a0e60c530531a1ffe9c

          SHA1

          cdc44a7109066ef3630e73a2eb805eb4d011af5e

          SHA256

          820566ab1bfb481d9310ee1041ad703e8779173f41f3650015fd9d2af4e6416e

          SHA512

          d412af3434313ba557ab9e751c252130cdf0f784400a33e442050e29a3258936f4035814a383233a2497c45a9ca7861f167bd8d106973632fd3a766019015fc1

        • C:\Users\Admin\AppData\Local\Temp\Cab73DA.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar76BA.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06