Analysis

  • max time kernel
    139s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/01/2024, 12:29

General

  • Target

    profile/cache2/doomed/285.html

  • Size

    44KB

  • MD5

    dd115e187254dab51e72342868bd8270

  • SHA1

    f1b2dcafef1d0a45bb9c9b3abab35450964a0872

  • SHA256

    db338c068514b435e2ef4473688f043866e44a49eebd9d7b990e75d214587eb8

  • SHA512

    9a124784f19e532f05560adb5b35ef2429a73aec608bd77bbc5dce16b1ed352ca5553e6293fa283481968888f1166fa95f85258dea868f1b28eaaa6b2418fc59

  • SSDEEP

    768:lgeoI3rYwjURR+e+Q6VR6VcQiHOTNBL7GlN:OT0rYwjURR+reBG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\profile\cache2\doomed\285.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2544
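The process tree above is the standard Internet Explorer frame/tab split: the frame process (PID 2320) launches a content process whose command line carries SCODEF:<frame PID> CREDAT:<n>, and the WriteProcessMemory and SetWindowsHookEx signatures are what that spawn looks like to a sandbox. What a detection engineer wants is a check that accepts this pattern and flags any other child of iexplore.exe. The following is an added example, not code from this report or from the sandbox vendor; the event records are constructed in the shape of this page's process tree, and the third record (a cmd.exe child of the tab process) is hypothetical, included only to show what the check reports.

```python
import re

# Constructed process-creation events (pid, ppid, image, command line).
# The first two rows mirror the tree on this page; the third is a
# hypothetical child added to show what the check flags.
SAMPLE_EVENTS = [
    {"pid": 2320, "ppid": 1000,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\profile\cache2\doomed\285.html'},
    {"pid": 2544, "ppid": 2320,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                r'SCODEF:2320 CREDAT:275457 /prefetch:2'},
    {"pid": 3100, "ppid": 2544,                      # hypothetical, not on this page
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c whoami"},
]

# iexplore.exe under either Program Files directory, case-insensitive.
IE_IMAGE_RE = re.compile(r"\\Internet Explorer\\iexplore\.exe$", re.IGNORECASE)
# Tab-process arguments: SCODEF names the frame process PID.
TAB_ARGS_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:\d+", re.IGNORECASE)


def is_expected_ie_tab(event, parent):
    """True when `event` is an IE content process spawned by the IE frame:
    both images are iexplore.exe and SCODEF equals the parent's PID."""
    if not (IE_IMAGE_RE.search(event["image"])
            and IE_IMAGE_RE.search(parent["image"])):
        return False
    m = TAB_ARGS_RE.search(event["cmdline"])
    return bool(m) and int(m.group(1)) == parent["pid"]


def find_ie_anomalies(events):
    """Return (child pid, parent pid, child image) for every child of
    iexplore.exe that is not the expected frame -> tab spawn."""
    by_pid = {e["pid"]: e for e in events}
    findings = []
    for e in events:
        parent = by_pid.get(e["ppid"])
        if parent is None or not IE_IMAGE_RE.search(parent["image"]):
            continue  # not a child of iexplore.exe
        if is_expected_ie_tab(e, parent):
            continue  # benign LCIE frame -> tab spawn, as in this report
        findings.append((e["pid"], parent["pid"], e["image"]))
    return findings


if __name__ == "__main__":
    for pid, ppid, image in find_ie_anomalies(SAMPLE_EVENTS):
        print(f"unexpected iexplore.exe child: pid={pid} ppid={ppid} image={image}")
```

Run against only the two processes on this page the function returns nothing, which is the right verdict for a 1/10 score. The check trusts the image path and command line as logged; on real telemetry pair it with a signer or hash check on the child image, since SCODEF/CREDAT arguments are trivial to spoof.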

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b927eb9f98c0550275f1bc79ae54e383

          SHA1

          7143d54becac2013677e2e7d2f43d9360633e850

          SHA256

          a1bf935c2136f7c9ba26dc939adbde8258f2feb2fccd89464c396f8b276de27b

          SHA512

          8051ff1368876f0385c2cff365c933f6d5fcdc7029471278c44fbe024fda028b7b723d3cea214c86d9d34344c043419e6b14976eb9c2c8d828419ddbd5a32d3a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e372e125c17fba8cb72a1fabdfaf158a

          SHA1

          f4747e1bf85a2182e861ee9167bada6bde63571c

          SHA256

          ca1099fc7ef60af5207e218e997583068023182dcd4b770852fcf1a6264b6954

          SHA512

          bc3cbff692ebafa1cef3b2bb74b00a3d17351d9ba7335e4cc0a3f3fdd7d173dfe6ab18002118434aeb094d94b7ff9c229b44d042a1ac3c50b9d047a02f03719c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          20914347c8b676160006f26ebb1a6cdf

          SHA1

          8063a7566a5f1a35160bc6abfce24f623bb15f0c

          SHA256

          0b6a77240e84632d23528004bc90a8216960db582e1895aab1ba9e752f602b06

          SHA512

          49284c6cb930e647676415a9c8771dfbd24e5194f4f298d848d6b093abe69bc4403755f39d8f2f4fa5a238301fa8c313064a56cb0b852a156872f13fd27fc734

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          05bc723fdfa3c1dad05c0a2ea8b6453c

          SHA1

          39659c7e6e2a7799212233bd79dfb9ca2679a4ee

          SHA256

          c1530bfb340c46cc67285359b4b9ddf8b2bc8269ecec16a1319d660dfbefe064

          SHA512

          6207fd359832a8c97c312bd599449a97a03c94c04cf88b570f54729473c7e535842f88030e8252c41a0cc8f5787c24c3223c6f83d0b445589ddc10ed30490478

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d1744a9134d38285f2d527b2b757b91c

          SHA1

          881a60d220e72da018a571940a4b4aa9e57288a6

          SHA256

          c4c7ac88d8f358bf93ae96a65b3686b37ac26e7cb8f3a8a329cefc09ce897d44

          SHA512

          866ddb83692d97c1a7ac09e223848f7cedae634e26569233f9973194ed64f81580d3bdc6cb9ed73fb0cdbefcf172af59d077345595563e092cb36c5b7883eeaf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0298994044b8093be9886aa82a9a2aa7

          SHA1

          77b75b3e209c18c7d76e1940f5151e729d707355

          SHA256

          e6fddb3b206a8e124429ba086c66a5e9a1942ce00e7e41124d8c6445e1ec1abe

          SHA512

          2902181645816c3875b33c1dc7540afbc189dd58f5f511f1968b338c0db3c4c5aea654d3799a8511461728e863851c45927d6ed9571df5c704704e607f60c115

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8fca1ce9610e5f1a632236ff18923f81

          SHA1

          162146d94c4b292208d821c759e2e52e93662b6e

          SHA256

          1c6484b82ea2ea876cb2b138d9d47ee0a05ccefbdc56a0cb8122dbdd3634347f

          SHA512

          cd71f96e1afa8463c3f047b138b8d4ac9261fce609e0707c08c3a339f4fab3238e880d27d628092cfe1a7798c736aac880875714460d8aa7943cac4b1d146a1f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          486306f4995c74019dff3a11da7f1388

          SHA1

          a01de6088e8fe590de74c20ec531502f2fcda625

          SHA256

          d74e5b0fdbb3eb7405f2be443d296920d555ce0329efb86cf9fac01e1dce8131

          SHA512

          249c0ec41f0b3e731e1c84747b0564eb252e2a0fa8fe13e7eed44f8ccc1d77bd77aea04755a1dbbdf3fb24ee622e12455f9de82d70c7b90d2ccbe95098319859

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          26e8022f0374723d04fdbe66c67f3bc9

          SHA1

          7ba6cde8b24d2772b05270a44b3c596a901c00ec

          SHA256

          11db6dfb7460f078f4a4e2cae564a5202eb0f87fcaeacd6f8368e525ed9ef9cd

          SHA512

          26d4c4db2a8dfb0a952a2c3cb3156b3949fe19bb73f669e9365dd9b9967e02481a6a24fb1321f677ed11d6a27b05fda2391bd993831201e031b4f5eea9a486de

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          14383e3021dd3690722d2f501e5b46eb

          SHA1

          2afb26d5eb22daa0779f5701e01abda15ec9f79b

          SHA256

          b8f687f8665b3d3ff8c275a9d8b70d8331f0e19a865db176aa9fc5c7474bf4cd

          SHA512

          f9a93fa08e2fa09f8d37821f09a72db64ce0a9399bfba8be201a903fd569348db0feccdb9f17fa8117aa995aae79e3c46494f82818c815d3c0e101cc36e48fb6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d5f7177b0c51ec2b231d33de8fbb1917

          SHA1

          6936b8c9d77d0d372545f4536cbec90d2cd7ec6d

          SHA256

          a368f41f251fb4573c05459a4b22b95552a0ece74a80e22b5c8d35567c5867b3

          SHA512

          45a5b244adf5ed81d07311ef70f6f1389f726f2fb36837dab2e24984fc36182949776f328622713cce0112d2a40014f30159db62d15322bf9dbc3b4860b742ce

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d03799ed526857a9113caae9efa0f3ea

          SHA1

          69c26db60e846971b01cea2ec0922c492e855f67

          SHA256

          df1facff7e9aee8f0cfc4b88add3312677f9ab88682cb6b3e720a9ecca2d5585

          SHA512

          86d2549fdec7519133378770b4e0692e50b2ca7c4869c76d3aaed5b499de939a68fa1f4e5d71adea60b22eac9ebe56faaa9a6008479a9229110c2aff6d49f1fc

        • C:\Users\Admin\AppData\Local\Temp\Cab932C.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar94D6.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06