Analysis

  • max time kernel
    144s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/01/2024, 04:15

General

  • Target

    4a69a280fd261fa8d4c2358ecb40d47e.html

  • Size

    10KB

  • MD5

    4a69a280fd261fa8d4c2358ecb40d47e

  • SHA1

    fb224977b5c05aae7bbe6088422ccd4a7e41eb08

  • SHA256

    24b0046a8cb64dc65e687ba1edac1948a194ac7b4806c9a82e19457968e881c6

  • SHA512

    d53b48db6d6de7b35e95504bd047b64c58fd926e3643151f1d63fc796581411ed7c776987ebf8aa2a88c4be0a7cd55ba66f0790adfdccd666559aa8e3962f620

  • SSDEEP

    192:seqyXkIC2W1SaJrh8EQYFkVj64u4+9nRrcVN9:sLbIA1BrhnO6J4+9nRrcVT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4a69a280fd261fa8d4c2358ecb40d47e.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2968

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d5ea6d393e19acaaef9b65183d9bcfdd

          SHA1

          65bbdf775bf90902ccf5e6c76798d070f2cd2bab

          SHA256

          3e3ff5c088a076020386521d13a069a4b23a648503179f0b85f23fdf8f8ffb39

          SHA512

          2e5ad49a6bf7b4d5d377b60e260f0782263609dc88a08e6ca40e3613f26550ad3a79568f596314259155a4786097d97e7027cbbffde65b39b4cf45b0a6a00cfc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          00ee08a02cde436f3ff8148033c4f7a8

          SHA1

          89ccf66c3f9bd47ecd53464725194ef10addb16a

          SHA256

          da8750174df5a7b03a6998831a722ef8110cf8123191e07f0ff2ca6a245bbaeb

          SHA512

          27a5e5bfc089797f67bad3ef9e9b025ff3b1c96f62a975cfd3cc0c7ed35c763cdfbe3c71adb4e0ef9830d06ab1a71c673620a8bd34606323b0bb9a7f31273f78

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          711ce90497d6e6decd34aea3977ca3d9

          SHA1

          610869a2c3e09639a189b1003151c990d9b3eea4

          SHA256

          090c20e6488ffe5a2100556f6d088858a2317f7bcc6ece0418fdc94e2ec0427d

          SHA512

          e59d8062034661d3af9378012a4b5b7eed0ccde4b608bf4ee1e14d1373fcbad95bf2a6e21a79be34702f6413663fac8e603ade4a6941f0598655357f86881664

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1c823225a920204657c3383f61a0c92d

          SHA1

          c0881aa09491511ad6a504728a5c2956350f6be1

          SHA256

          f38e0c9d13d50300c5d3fabb8893694c047fa60da237a9b70f1988ef37ef26ea

          SHA512

          febaa29f4498e6b939ea33ee38c72cca882c2ff9d71f5355a6a4fd5846bd61db0490482461a810104290b7e5042935f69b5e5d38f5aa4f18f9702ec93ba1d9f3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cac834610d1d7744d2ae374303c0de2e

          SHA1

          9580f6149f99953762b88614cf4841f5e6a2276c

          SHA256

          899bac32ac88076bec5dd37e18916fa5af425e20edc10e156cd21241771a7c2d

          SHA512

          6eb8de5f882a64897a4a744380c9cc025d1a6cdfd47f83c0d5c34fd893b56c64d65b0be00c88cfe1f5c4f3ff5feb43f49ce5b033d587af2dab62816d3409361e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c52a5f2874b074f2e44940d2a66e17c7

          SHA1

          d19c061266c5f7e8b88201da9ae207222c66ce2d

          SHA256

          347315543005d3e358e1e4af1dfdbe209baaef77871016483b18845384040e46

          SHA512

          fa2152794a3a0b379b1e700a8e8836211671de3a3d84be92fefdcb4e9a6d458ee7ac42ac27f9c33c5601de4b9229baab38f0ef4cda84b8cf61508201fac4e190

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7e90f514398372e22f2524074ed78422

          SHA1

          76e6632e035152d8ca56a3b78ef39beaee168500

          SHA256

          28eb20f9f8555460779b1d05fa78055d9644d4e3632fcddf06f2a8c806da5afb

          SHA512

          ec718fbd1c3dabeb610fc9b15bc834511ad4a1ff1533ecd6865b1743296d9025722a4666bd3ebbc244a3fd43acddc4be5fede200f3cfae29276012f28449209c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          16e0cb47a932e678470c689f939f4a7e

          SHA1

          c1ef636345e8e61bbfb7a1e3a7e1982307757dbb

          SHA256

          ca063e170a2db0095071e4aafafa81ce33a3628fd7a82b5131ddaf67db23ff05

          SHA512

          af39a37d38df6903393f3bed0cf38635a4aaeb99fe73043fc9cc4c4e2593622d6f944879c0d84e2daae242f3ff9650da512b97503eb8dc96bd70fc10a2cc658e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          55f677e737372641eb8afe17f25aeabc

          SHA1

          8cc219c3525dc4c3bbce2d67575bfb33ecfdfb02

          SHA256

          11a4e03aa47030823a8acc23f6133b8154552a70cde4b6075bde382533c23c93

          SHA512

          82fc231a43aa656bdd5d2cdbfe6a873b1079f11023f970d9da70c7e7a34cd742dd518a8595673a5ae00c393ff55206bc775faf7f0881ece2066f7c63d0fba373

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          28dd8bb3ea0ee49249f68fe7d9ae45a5

          SHA1

          ac6a9e992931b66fad861dfd8d9227fd94b82762

          SHA256

          520bbc238a13f0430d116d9d2730bf75cd203e191bd93b82919decd1b497bb8d

          SHA512

          a6296d4ac8e2bd298068ffb10fcd6c77a9407ffb87c0740228d95cd716ac08390de09c8b6bda7594342131781574ba437732a0b1dc62ea85ab912ccff3bae130

        • C:\Users\Admin\AppData\Local\Temp\Cab8B80.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar8C00.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06