Analysis

  • max time kernel
    122s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-01-2024 06:46

General

  • Target

    64bef228a2f859821152872be3895ed0.html

  • Size

    12KB

  • MD5

    64bef228a2f859821152872be3895ed0

  • SHA1

    46f0da18f23a55b728835655475cb55044e810bb

  • SHA256

    281b441fce41e46722b945a5e07be2920dd6dce7bcd2148111af65e8c527df51

  • SHA512

    6f4377e71694fc5397ea9560025ec2c066f4f011a6dfacf50c8e94b78e7b05bf6dee8cc1eca108c207361929b89f5083f446d77c074f101a7a709d855100458d

  • SSDEEP

    192:Bk/+jbMkWYMahSzpSRNvIf+Cu79I1gdIIXX9MUF546:Bk/YZWYBSzpSRyfpOXlt

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\64bef228a2f859821152872be3895ed0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:840 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2900

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ce4d45719f213601fa669213305c033b

    SHA1

    f69bdfb316bbcf3fd6e9e1fc070c5eacd6909099

    SHA256

    6329ed2f9b89bf132f0c6d0d241b7ff49160c71d69f425ad10ae92727734ca3e

    SHA512

    2ff7beb100637cd045c023c922c9d3b279cba9ecf28e61773fd3227a41dd6e50786b8e6ae8a8243d9c211d4d756e3e12c10ebc4c9bd3ca3ff9f3b2613032de29

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    342c2b7b846c1afec798f7b36683b11c

    SHA1

    3b83b98e4599dd85493f6213e5714b9d95b64be0

    SHA256

    880ece80e13cc10e6f70f51b5a60ffe903750adde043979a7f50d7e5f316383f

    SHA512

    ecd001f56372d1475fdaec5ed352f19a7199c0a8b4371b4d3c7aa0fced6a0a1bc7626905e199bb1a5a9ac2ac970c46aa1b8e4afa8627fa5d161a9015f1ece413

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    79aa404a387d0ae9df12a29bd76bbb4e

    SHA1

    206405fba6c7e16a55e14f878c72f71ae2abc2a2

    SHA256

    2d5348ea9992b2f32acab4e9d89911407d9d1ecbfced0f472251ccf7e839b66c

    SHA512

    b3d48158077241b4a82b1333d86070c4becc4bdacbe352d52bedb4e4f80b12cae4c867889a365afca7494d77fb0cb5f93b8f569ba6be07476f44b60a014ca9ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    59fcdfda302c66f5ae79284dc717ffd7

    SHA1

    acd6ca060be2f9d84f57bcd90a29d72cfb8f5145

    SHA256

    afd4ef2c2fe0477d8cc1a10cf417bac8ae98781ad655379b1514c0cd82e1e592

    SHA512

    7a8814f91d3ace07e38739d9e0fe9c7aa7469190edb5f97b65476821b17cf95f25f467dfcff0a555e8a0e0c8db6d72b7d974414c797ca9906821fbc6a9a229ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d77ee6c171b3e645960f29e4a4e9ab25

    SHA1

    2f1df19a3bf78094dd7480b539ec3bdd7e07103e

    SHA256

    f4fe7c8579d06f94664644d226c63fe24f07dfac8ebc71731c23712683cdacac

    SHA512

    5b2612f6f48f05c75fcfd560ee4012f66b6240310557d89d546224c6ff8989e5c550948cb91fb2af56b36075fddd716c414748c50c265ac2005b69c9967dd117

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    589d3d176fcd6481dbe73f8c505ede3d

    SHA1

    9c4478df73eb22cc3b34f9a2e10a7c2233184424

    SHA256

    061c8213aa868ab0a8166c9ed38f811ed52988d8a3754ddb689d7d6eef690062

    SHA512

    0320cca424d6ade8cfd14f9dadd421c7d896a6353347171f0f39751e2e877e319bc19d6173131cf6e1ea9e39effe6a1a7680f8a56f0eb88798a967d39fc1a733

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8f2c0e7aa8c3d1f8acbd95088143e158

    SHA1

    f8edd4da3025af81d450478292992f1bb8e98d1e

    SHA256

    5ba3d19228d534ce66a2b3356f7568089146337f9636ea10690f5081cb53541f

    SHA512

    b975ba1de663db21feba8011cf4ef40661c55c8a219691e978814a8f96b734daca8b107177dd30efac6fe27af92a44d38360899609b4d4ee3b4872f6b4a0b4de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b93b60ead910086793619fcff924db66

    SHA1

    38366e82e4fa0a801df903f4576b771df1d95e79

    SHA256

    cc7be9a0178a1c2f724015b14c0fa3c7ae87270c14674d4fb303e576efeea276

    SHA512

    98bd0eba97fde82e162e564661811304f83bc851f5f69527a09033d75e2869cd9ed329f2ff32a104b99fd8e4c1170cddfff436c6c1dc53449a319dd16116e4aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0e3859389ca1c9543b52757a800c6e54

    SHA1

    efa3c370d045d16e1a2c26e31fa04bf7248dd3ab

    SHA256

    9854d7275148bcd2e504659c10461cde068f01b56deb558d68b010841f667906

    SHA512

    6d5546ae8c16d327bede86ffbd46cb2c4d4b39b0a776294ffa6c20296c0b8c115efc1661a97717c6194da7cb6850e704bac3efa0a2a9ec073fa3068f5cc68af2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e9b90960f4287bc487e50f533d31f84d

    SHA1

    fb600c038d85add6af8c66895de62ae1cc5c2fbd

    SHA256

    e9689d558ae06c46ff24aca0d26218495ca693cdaa6c965b1670b591803da3bd

    SHA512

    05de540f47cc8435368e1d0598e7895262667f2bc7e0f28a209150a7041003e836c24da4d129af5b8a4194841259297a410284f4fcd6c0c5e532b83cd6c60761

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    99b9fc5c3fa4a6792c3987a128378b88

    SHA1

    4069acc55459af97287ece00c755b08171fb52bd

    SHA256

    eb4e4b52035b5e76aa11c7f65d836684d242c7e64eaf856d085b690fe977543a

    SHA512

    684b2712278333440606d4dee5d4fe95d5af399c2be84785f079872e445668a77a89cbabe46abb123b3305fb31edef4680d87c3dda20730e36ff610572fafa19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8dee7f642ea95b42a959e197d689f84f

    SHA1

    2de9bdf7e7721f26a1c88a6d97e5a6623a842c3f

    SHA256

    6adbfc2d118beb01eff54354cb6181da7be8d0c09143fc657e18ca7de951a543

    SHA512

    148432e9ddcb3d4618aa06ed21eeeda3120f6f8846d5e08a50ec1132a59f2223f20cd96aba827aeab1af757c4e672ceb74c3641e4aa2330e794e54e0b2b5c087

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5b0b3fb6081e742b4e9bbe3cce2caf56

    SHA1

    46107952eda7c08fbc37cc6fd1f6ed0d4e763342

    SHA256

    9731dab3e018acef85d38bc64f7442c43e7b5cd8157b3d7cad6bb19d976ae13f

    SHA512

    051c52788c18788e9ef72111b0122a726dcf45becc2eefccddba9423ce7969017d7b23a2c84aabedf2ad6ebc4d72fda8df1e703740b2eca070d48479e12e6e46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4a2f3d6d51a259772882939c6b11c17c

    SHA1

    90062f13619de1db26739a248d1a74991375b7b5

    SHA256

    6609d1ff923fa408f3e69cc3594ce31fed641ac30236555b8fdd52f944f85637

    SHA512

    ba7b28772115cca1b103237b2f4f1e37757a6c1a849aaa90d030a76c47216ddf2c38dca52f91d45f3392c14ef324d678919f117503acbc10f54926b5b5f69625

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5d67c37ba9f1bf7a5dcec4566ed138d5

    SHA1

    2e12a124b879d0305f42fe3f34ca0665adc82e5d

    SHA256

    dd79049b0d0128a3d9e61efb6426c0afe0f8a37db47d5f4cfe5ba42f865fce4a

    SHA512

    6fefc530537ebfb2ffc0e5a5903b826bfe0c88cfbc8757d944b33d38f256c7a2d8a2b064c846a3f2f3ed1ac8c3e3b2243e1773d8234aeee9c9ca87fa0bf3f547

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9bd35efd4ebf3ca25da941fce99ab0a3

    SHA1

    853311ec0287251519680e5ad626218fdd0abb57

    SHA256

    662ab6042ee6036f001d83359f66627e8ba01edf8e35fe73458fc72aa5e9a30a

    SHA512

    9281b93634dac933756ee1195db08fc4513e6e1d6328d42778418a08a96d18be91f76c769278985ed7db90c3e1ecd2d02904dee2e7ab0e179ffadbe40bcbfdfa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    909434160a9c0919aae446d2e01c58ac

    SHA1

    2e8889cf6ef809aa003e72e7a3f1b6559ce047f5

    SHA256

    6782be40e8536c0591e4cab8b43b0dade863bae27aaf0abce3cf00983dee588a

    SHA512

    e6fab0a4fe0aca673a7133cc08a3a2c9776bb3b7b625edb1ffdc096282df51e767a1d78520772a0ebd0521bc6be9e4ad2a64d11697cd305a83143d78a9ea1c13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a50661f7fcec9dc8fb6fb5701cd6cdbd

    SHA1

    4bfbe48fe27bf28937b81917170af6a042433ed3

    SHA256

    7bb115be7c34845179bae4fbddb8adc7c0573ebcd9516dbd03fafd9f848b30fc

    SHA512

    918d48f0b0e7022cfb7441387945606eb414d3d8066794eeb7f9203c4eb194230ccf2a3c7580c378e538232cf4128352741e6ce0e5c1155bd331dde30159b7f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7885c80628af93411749c2a53f84f861

    SHA1

    f7c4f6efa293c9003261d8985140b719592c9e7c

    SHA256

    c9b0bde2b98a995be41ab47d66929dcb51c3fa40d33a239d35f30e4c6fa8a67f

    SHA512

    f55ff054f780be8555ffa59d817002992e344919a061b12faabd5a9f3b7ddcb3e58b5bb15b69c197eedd1d08997d57d9619666b0db69b3e20abfa4eb5f016f28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    36e16b4a67124f853d66a38807739242

    SHA1

    97eda79e2d46cf58225a43395b94e24080b87f00

    SHA256

    9fb7ba790e2b596e359cc50775dbcb54c3847a8604081e96478556ba63e45fcd

    SHA512

    1c4051453d198e3c9c63c40177d1e026e28377bc0ad3c6233b7771385fc2179a82befff9ca8b80556f8a3650ad24aea4e98ade9ee4ffad54c48fcce743d809f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9aa058f13f26c6b7f411ac11a9bb06ba

    SHA1

    40aff385e5b7772e00a896c65888c097f98588d1

    SHA256

    7a03803588b3fdab7b61daf2c88e46ffe3fda465306741a8c2c7374a9a699df3

    SHA512

    dadb8d82fa9338c1e3cb09133601283851e52d7dec3f79ae241c0559f42f06a1311547e63b5dfd10c782ab7ee67ecdb2feb1e8a6351cdd5ebedee3d49348c2c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    879577397f71617dad3792702160b462

    SHA1

    585ca40f3d07e7d2bb96dc791b76ae6666723265

    SHA256

    06cb7924546341b8e545dd633731299b782b1925296c7ba69b8426fc4449250a

    SHA512

    26f1bb2de0836502a6d5e089020ab62c8ef7722a02ff55757fb750d6b647aeb70930c986a6c938c5ce60ddd47e8b65d8f21f88453f0fdc8ca1c6dfc022ebb563

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    21da98bce6ba713a492180cecba0aac2

    SHA1

    7cb2a37c0e3fbb7fbe5cc0ec0ed3f9eba771f423

    SHA256

    3638242880188a783ccea470cd282107fb1e6c83703d7198a1f0969b35175c12

    SHA512

    ba8c0e8276f9e89d6260d16b2be4ce8a76c770f6e2d6ac7e08a5e4f5ab9412a1b655befb0bb1d914d8bbf6e4e15604202df391b982b95543e7128d3b3d1d9d55

  • C:\Users\Admin\AppData\Local\Temp\Cab5958.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar5A17.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
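Reading this report as a triage analyst: the 1/10 score, the two-process tree and the dropped files are what opening an HTML file in Internet Explorer on Windows 7 looks like. The 64-bit iexplore.exe is the frame process; it spawns a 32-bit tab process whose SCODEF:<pid> argument names the frame (here SCODEF:840, matching PID:840), and the FindShellTrayWindow / SetWindowsHookEx / WriteProcessMemory signatures are raised by that browser machinery rather than by the page. The CryptnetUrlCache\MetaData path is CryptoAPI's cache of URLs it fetched during certificate chain validation and is listed 23 times because the same file was rewritten during the run, each time with a new hash; the Cab*.tmp / Tar*.tmp pair in Temp is commonly the root-certificate update being unpacked. The script below is an added example (not Triage's code and not part of this report) that parses this page's text layout into records and runs the three sanity checks a reviewer would want before lifting anything from it as an indicator: does every tab's SCODEF match the PID one level up the tree, are the hash fields well-formed for their algorithm, and how many distinct versions does each dropped path actually have. The embedded REPORT excerpt is constructed from the values on this page; the parser assumes the heading/bullet/label layout exactly as rendered here.

```python
import re
from collections import defaultdict

# Constructed excerpt of the report on this page: the process tree and two of the 23 listed
# versions of the CryptnetUrlCache MetaData file. Values are copied from the page; blank
# lines and the Filesize/SHA1/SHA512 fields are omitted here (the parser handles them).
REPORT = r"""
Processes
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\64bef228a2f859821152872be3895ed0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of WriteProcessMemory
    PID:840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:840 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      PID:2900
Downloads
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    MD5
    ce4d45719f213601fa669213305c033b
    SHA256
    6329ed2f9b89bf132f0c6d0d241b7ff49160c71d69f425ad10ae92727734ca3e
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    MD5
    342c2b7b846c1afec798f7b36683b11c
    SHA256
    880ece80e13cc10e6f70f51b5a60ffe903750adde043979a7f50d7e5f316383f
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
IMAGE_RE = re.compile(r"^\s*•\s+([A-Za-z]:\\.+)$")  # a '• C:\...' bullet opens a process

def parse_report(text):
    """Split on column-0 headings; return (processes, dropped files) from the two sections."""
    sections, cur = defaultdict(list), None
    for line in text.splitlines():
        if line and not line[0].isspace():
            cur = line.strip()
        elif cur:
            sections[cur].append(line)
    return _parse_processes(sections["Processes"]), _parse_downloads(sections["Downloads"])

def _parse_processes(lines):
    # Per process: image bullet, quoted command line, 'N⤵' tree depth, signature bullets, 'PID:n'.
    procs, p = [], None
    for line in lines:
        s = line.strip()
        if (m := IMAGE_RE.match(line)):
            p = {"image": m.group(1), "cmdline": "", "depth": 0, "pid": None, "signatures": []}
            procs.append(p)
        elif p is None:
            continue
        elif s.startswith('"'):
            p["cmdline"] = s
        elif (m := re.match(r"\s*(\d+)⤵", line)):
            p["depth"] = int(m.group(1))
        elif (m := re.match(r"\s*PID:(\d+)", line)):
            p["pid"] = int(m.group(1))
        elif s.startswith("•"):
            p["signatures"].append(s[1:].strip())
    return procs

def _parse_downloads(lines):
    # '• <path>' starts an entry; each label line (Filesize/MD5/...) is followed by its value line.
    entries, e, label = [], None, None
    for s in (l.strip() for l in lines):
        if s.startswith("•"):
            e, label = {"path": s[1:].strip()}, None
            entries.append(e)
        elif e is not None and label is None and s in ("Filesize", *HASH_LEN):
            label = s
        elif e is not None and label is not None and s:
            e[label], label = s, None
    return entries

def hash_problems(entries):
    """Hash fields present but not lowercase hex of the digest length (truncated copy/paste etc.)."""
    return [(e["path"], alg) for e in entries for alg, n in HASH_LEN.items()
            if alg in e and not re.fullmatch(r"[0-9a-f]{%d}" % n, e[alg])]

def versions_by_path(entries):
    """A path listed repeatedly was rewritten during the run; count distinct contents per path."""
    seen = defaultdict(set)
    for e in entries:
        seen[e["path"]].add(e.get("SHA256"))
    return {path: len(h) for path, h in seen.items()}

def ie_tab_parents(procs):
    """IE tab processes carry SCODEF:<pid> of the frame that spawned them; return
    (tab pid, SCODEF value, pid one level up the tree) so the two pids can be compared."""
    by_depth, out = {}, []
    for p in procs:
        by_depth[p["depth"]] = p
        if (m := re.search(r"\bSCODEF:(\d+)", p["cmdline"])):
            parent = by_depth.get(p["depth"] - 1)
            out.append((p["pid"], int(m.group(1)), parent["pid"] if parent else None))
    return out
```

To use it on the full report, save the page text and pass it to parse_report in place of the excerpt. A tuple from ie_tab_parents whose second and third values differ means an IEXPLORE.EXE that claims a frame process other than its visible parent, which is worth a closer look; on this report the only tab reports SCODEF:840 under PID 840. versions_by_path collapses the 23 MetaData entries to one path with 23 SHA256 values, which is the right way to read them: one rewritten cache file, not 23 payloads.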