Analysis

  • max time kernel
    147s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/01/2024, 04:14

General

  • Target

    4a693a327ee359947d6452ee5825f850.html

  • Size

    27KB

  • MD5

    4a693a327ee359947d6452ee5825f850

  • SHA1

    344a4912f7bda94ba04a87d7df0db0247ee5f67f

  • SHA256

    e865b288d561dac12a587681e609a93dfcee8289947c510a506a69a7ec815220

  • SHA512

    aed8d416654d098dd0a6dee5e4fa9172c9af98bb02bd4405363539ac2b92344541b25c11dbd0e719c6b29743d03c5004371e157c71e766e7d8798323d360a511

  • SSDEEP

    384:jda4V/HklooznnnNvNyLfNvNyGn9RNvNy1nnrNvNyYnnDNvNysnnlNvNyAnn3Nvg:jtVmznOn9gnVnRnTnV9Kihr2wi0HTmP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4a693a327ee359947d6452ee5825f850.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2936
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2936 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2076

Network


        Downloads