Analysis

  • max time kernel
    142s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/01/2024, 14:22

General

  • Target

    6aa93b2ea860efc8b58f880706fdba22.html

  • Size

    245KB

  • MD5

    6aa93b2ea860efc8b58f880706fdba22

  • SHA1

    022e5fddf89392972a677e040391b8f206903dae

  • SHA256

    77de49d10cc69673f99c73f1b7885b8029232d9c305cfb36af09b1964ebd960d

  • SHA512

    a15935367651bc4214e1838f232ba69ae8ebbf5b3a1fbaf93f2ec615f378a546ffb6ae4b31159f82527d3266be846cfd93a01493f2261cfba40438fd293b6d35

  • SSDEEP

    3072:e5Y8Njz2S81Ep2u/boSEmRdsJrQo+mhseroQlgjWb9DpcMlkeZAalXJ2R/I6t5EZ:v8RGSEmiQo+mhserNthEYZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6aa93b2ea860efc8b58f880706fdba22.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:5020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5020 CREDAT:17410 /prefetch:2
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:3772

Network

MITRE ATT&CK Enterprise v15

Downloads
