Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-01-2024 06:23

General

  • Target

    769f4eae27200ec1ed0b507333a17b4d.html

  • Size

    15KB

  • MD5

    769f4eae27200ec1ed0b507333a17b4d

  • SHA1

    b4c6fdb8259aa25a23f719877e72abe0a429be40

  • SHA256

    82770be39dfc8b7a76296f8e949f1f96a627170a6e59e563b2909681641f57d5

  • SHA512

    4896bf80e4ddd79f7c6834b9d89462bd5d5dd51d403561fafcaf0b9c7ff5e26fb085b88e9826db8ac9d0eeed2d29b6a16adc3fc43e691822712c308908223450

  • SSDEEP

    384:pllWuhR8NFxwO9LXWwhV0qnvT+AaxvdgqHgY0gUQFZgBvT+hVsxyq31:vCzRl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\769f4eae27200ec1ed0b507333a17b4d.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2884
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2884 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2064

Network

MITRE ATT&CK Enterprise v15

Downloads
