Analysis

  • max time kernel
    122s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    12-01-2024 09:52

General

  • Target

    56224c062b738566c85c25058b184f54.html

  • Size

    31KB

  • MD5

    56224c062b738566c85c25058b184f54

  • SHA1

    4cb13d8f786c648ff3f96f28bcf9ae041ecea197

  • SHA256

    ffaadfb927ed7b524de00a740f4868e2e5326f6598012ad11d8ea53c283ead59

  • SHA512

    56374c09e43191dd2bdfbec576f50f9ff5ec163e263846ad5c4f62d08bafac65c65f5d3de967c3ea42ffabca82fd00207af5def3c37bcaa2bbcdcb4cb27c5269

  • SSDEEP

    384:HSFVGQFCM65mfMfcl+71w52fEgFUT2Op2DaU6MTFNW7+3csR6P8a/h7yaVwOm7b:yFVGQF96I2urgl6MaicsRI8a/h7yKwBb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\56224c062b738566c85c25058b184f54.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\72BA427A91F50409B9EAC87F2B59B951_6B35CA97D64473FDECD81A4E11F9025B

    Filesize

    471B

    MD5

    b000817bce9334bf60f1e00e4228792c

    SHA1

    8eab82a132888f4645b526b929d0a5cf5ce81288

    SHA256

    922c0dd2352b4affeccc3690510efee9629efb77c29a0363e87fb04858489eef

    SHA512

    bc74f020cc92837c56b58fb0d62dc7e070b1c2ab88701c483b612effa3bb9d7cc1a4082d6775c575b8116b2b2473d349ec13d7f83f70c2171c796e325a1e7ccf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ab703099462da877f80bf36e92a46af0

    SHA1

    7f711a9f53b0cd53e5d175d13d85f27403531907

    SHA256

    3d1d16c3b2b73e59f7acc412edd5445fdc4d56a4877f102bd7bea6e43fafac80

    SHA512

    c41614adb16a76eae23ab5f17c9fd04a68e43d6b21dd842b6c54dbfeed8d98d73dbabf052a8cfd07b7dcf52d5594408cf8efe8ad191d6c302f03356a8422dde7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    39fb1461fe475e0128450b1154be477c

    SHA1

    fb3e02be030ecc7d26d1a0f8b732891f53775de3

    SHA256

    916ca7342d966f360736fe6f52ff24eec1300bbf27d1290c5b235cb377708163

    SHA512

    94ab9608fc0ab568e012f7a4ed058ecc3f6decda6106eca336a3d757baf82930f9e33f0ec3d4e23a0544ee6619ef72bac4e76d9454836d1f27598fbd9c32313e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    da4c5814a2f227968cb3c06bfe0ca748

    SHA1

    ad251c83257c65f5a84a793ec697d74d61f13c6b

    SHA256

    aef05e4be1c9aec2739f9c67724d926b448b84517694bb41bc558fda3e6056ee

    SHA512

    1d89aaa7e2b62e5766fac642c3355f37aa8510be4a139bfc352070b700b3671be4dafd69c574c07b13b67ef726576815e3f233e0bbfd6a721e3763604e7d487f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b9d9f5d584faebb01a2fd58692b4526e

    SHA1

    c2d78c4245ee36583b51f4f836d5429a1f98149f

    SHA256

    fbfc6e998015505c764e6c36179c1faa433c7ab46345ea272dc5a41c0b05768e

    SHA512

    93f9a906cba64ad6d8138443d97a59b0f08c07a14ea6495d796deca96f84fb34bdf1e1fb52c1bec32652c7edc81acb2506845a85d358f8e852e3fa53adcb2f86

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    48957383d8ecb727c03f285e0657f49a

    SHA1

    6f2efa1eb7a811ae602f9a3bd93f21299104797a

    SHA256

    8c9984d55f960e66b75ba7ece32cf1f34b1682d891e0a8c253a1c4d3ffff1bbc

    SHA512

    a17f2878afe8d810503fdc614a83c4bd81ad13b9914d00d8b8796c7a995ea104664fd4d86bc9a063e86dc7542b99c28518d12ee78bcf7373f120cb9dbf3c0f98

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9f74bf4a0f23d4d4c6857bd47f8225c3

    SHA1

    777a984cb5d6bde1ac150e6f510d019435d5551e

    SHA256

    0141ea0e9eb1febfae63505d3b128c1f7f4283628472ec7fefce9fc2a408ead5

    SHA512

    6a5a16c57c1e9ac4c437eab66bacb6b2b61f853604bc81be9d294d0d49b6038e0826f5c47817a7b057a380b1b04206040c403aaeb06af61557873f723c981681

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bc4c125307da62eda89487c024379008

    SHA1

    076e724e28fe62ad0fce71fa324bdbb204627e07

    SHA256

    b40825ed82995a8b0abef1db3796ef4d85b20748c919d66eb4c91271af8742d8

    SHA512

    af264319072a303af3c2c05aa1f1a5cd6dc92818dc55b336ee19ffdd9146c1715d8e4a6355795893e24248fe99048faf041d6d4a875a2a6a49f1d9d166f4261b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f36272dc27efbf152341e5279e1d5531

    SHA1

    0475ac1c2a6d23addd26e2eadadd4d41035407a5

    SHA256

    4c91da3533dbe20c0cc7c2a84cd9a4960fffeaa7da8a41a90857b8c45fb9b559

    SHA512

    2232da040e231d91d1460326b0eef2a3f5f1eb92f9ec0cf5be73b3dd1e4c69b38bc927504c21915713ed929624e93586241b4ee4ba5bbf68a37370f7228345bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    090878db7926f244d8ad7f1e79f8b830

    SHA1

    2ad3109a6f6123ca94b4c27f4e36f6e22a0585f4

    SHA256

    2b07f1ec02436b0fe97b17926963a34f1322fcee56f68f37e3999fd178657f3b

    SHA512

    ca0ee48f049e02e0e94310637c271f9a38acb4d953502c60e073dc29786ed29170a0cd6e6b8f20cb7445f79456290e0d0dcc32a5c88c26b2b2b11d484a52ccfc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f1a31b846339b0f9b44eec9a04c1bad5

    SHA1

    b72df28abf3db8a985aaa7b39ef5692661697856

    SHA256

    1c95f9f9704e4c3d32f339a3e58fe440429f014f0afecfe7a9914b03128a8b2c

    SHA512

    40e923fec5a06964601007969250fbb096ca40dd5b40e4ab8e6a020d82a21b6092e8790d24c9ed84bb085618ddd80136bc6076d287dfc4d63cfefd683c79d60b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    78e19537f3b1b7b1f6cfd3d67dd155d8

    SHA1

    b30d46b87a1f113db729c12f32d60a53fcace4e6

    SHA256

    9782e8f9ecc295d8f49e550fde9a823eb1c884b7bb8dc01c90bfe4d7fb833fec

    SHA512

    cdabd8686bbd12738a1ea499959bd31e642c3b981f5ee6f3a1200cb62dbb9cac1d88d49b50fa429ca89f2d6098369f93cff9aee92a5101f31f87b963a2e630f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e6729318f77e847754153b53959731a1

    SHA1

    8bdbc892c74d3fac871ce45d959178b5c964f634

    SHA256

    49933a9809255069159d66de69434a86b4f6a4c1a7975028f197ac6d955b95e9

    SHA512

    1d1375c8cc9afc75ffb226e22975b588d02449b15d0abbeb852df5d6f0fe1c651adef95deb1aceff3d0a19f1eb13c000940a23b74b548f2e9efe953c4757b84c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    17fd790604ba68ec9db59f238a7deef8

    SHA1

    cf0768a470be8dd42cd601f0046286a53f44ed82

    SHA256

    6ee0d6f900dd6c3a69b9723d6407d8fa460b4a12ae89b57953f9a3c6e9c4abe9

    SHA512

    bea844d3da89bb0dd9725b1fdd91a2e3090348526d248526d929c6482b446caf49955ae2e0d2579ceb6e3fb9a78ad2da172eec5985585ef70db26c13fe9c6b8c

  • C:\Users\Admin\AppData\Local\Temp\Cab39C8.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar39CB.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06