Analysis

  • max time kernel
    138s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-01-2024 18:32

General

  • Target

    5b8d8504dabff62db3ae15c1b8d4587c.html

  • Size

    16KB

  • MD5

    5b8d8504dabff62db3ae15c1b8d4587c

  • SHA1

    5cc2405637815cbc1ec05ccffbe57edd642f19a5

  • SHA256

    4dc8fc0966c6b662a9964703bc83fed78d2bfa1e3600c6096aedf3aeaa662060

  • SHA512

    db852e2ca15ff2a018dc54f423b7698408fb005db5701c4b6c330036b1111808ece3a5516d8164b41ad261dbbcacdd9c4276ecb3821ea26b0c716ab1fa9e8d71

  • SSDEEP

    384:a4BSoKq5mtN5gZHmORL7YE1iU80Q4vucfGIzD:Hm/5gZHmORLkE1iU80Q4vuQnD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5b8d8504dabff62db3ae15c1b8d4587c.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1628
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1628 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2876

Network

MITRE ATT&CK Enterprise v15

Downloads