Analysis

  • max time kernel
    144s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-01-2024 14:27

General

  • Target

    7799407b60ab29993f8f6e360d054e43.html

  • Size

    12KB

  • MD5

    7799407b60ab29993f8f6e360d054e43

  • SHA1

    8f200beaf7f64d649d14833c0ae2cfd561597f63

  • SHA256

    cabb443ca0024cd745ac7c3c8cdfae03f2f56eb8db30e26d47f7795071b19dd8

  • SHA512

    bc8b2f136bb9be2b2c305eac05f2321764f6fca9223cd18378be6b2cf1851aac70b3c96c89c78841baebb284d9f7d2f22ed6acd44a82af44bcfe986e5d955801

  • SSDEEP

    384:Gy4h2KTXXEi8FNZpSRPbeceIexEeQdioaii2glghqu:Gy4hREioZpIbeceIexEeRoDg+hZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 3060, tree depth 1)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7799407b60ab29993f8f6e360d054e43.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2016, tree depth 2, child of PID 3060)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3060 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    3d5af18a950e7876649b48a09275a5ba

    SHA1

    62a26e996965845ca969a80bd057c0194a4e3ee7

    SHA256

    7c03a3155bf94811510819584ac7f532f9637d184fa502276666f8097437b488

    SHA512

    8d9617665631d40b6d0c2628dd6c503de908b627a3257042541b536c3eefb585e28c3bb68eb091a98c111ce1ad0a6097a78f09fa4836adb16186e0af99af18f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    11d8a8772b4238dd30d6b9280be8c97e

    SHA1

    52eb0fc76d4ccea7dfc56df1d6406c0fbcb3b50f

    SHA256

    c0c2cdf4c5a72b92966e710ed34d5dc65ed3a025c8491865189eb2fe70781f26

    SHA512

    dfe8ad387736b322f687fba0235a1cd3e20817b9fd1cac1955ca5726b5b0fea3bc571745697ca8b6f68cffef9e9a126e0043313eb8d021d78f022349a08b79ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b2c8a2cb4e7c5dc4c262ec2dfa4fba06

    SHA1

    6f37ee1153067d70b28530ec99788ebbb9995162

    SHA256

    ba4ecc40a14016be54a29138f6aff2446a4c07eaa06cf22417c896764c3a43bb

    SHA512

    770770e1330a76c6d322fb3952d0f349dc0d4a655453076f6964b9783dd3e93172c5154fb4e911789e60b2bdefc7fce009d633eaf2c941d584df8e04b9c66a71

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5ce35e746ea30d1613e1e9b7b42ea6ce

    SHA1

    1838f97b47deecd7f46cca958177f3cccf4ad9c5

    SHA256

    892226e826cbed4ac14d671bbc47a17fff35536f0c2c60b2d38c3fbfbda8d961

    SHA512

    0934270f8f4cefa1a0bcfae05eb018590d49ecaca34f7bffb0c4397309cce7cc00410187cea5fe52629edfe7d9861d2a3524d91066cf0cbf112306638dee7a37

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c5ee81f22a860b055807e5bd51c42ad2

    SHA1

    4724601f44cddd00e28b572a500e77a35c37c505

    SHA256

    8b8be2a303641459fb8fdb26381c3646785f0d80e596d77c6619acb20cc42229

    SHA512

    7cbf6b195567e2b84a2ab54b04d64a8a6e30a056c1d329166e74f59cf7245f57bbb76dfa5981c0d0801348907df17c714f3564eb8f2809a7f122a0a9e425d926

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8f87335f2c73649449c8a7c7adc8a2c0

    SHA1

    bbafae2c1fa4ce0bc8ea10cfb65bc1858e2794bb

    SHA256

    af4c3737af1766dfb0b93640c4d3deed24eeee09d5c12fbf449847a88e643064

    SHA512

    0262fa0c58ff5e33dd267f127efbdddeb6b0085006ae01e5140353b93d3c7ac2b6a22fe7dadfb04d90f5b3cbf0b33ae18e251229a7b86f4d4f88a50069247c71

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    edc671f3c1f906aeeff73c6fae270c6c

    SHA1

    1f12e7e245b978e10f31038794f590d2d68dd5da

    SHA256

    6507cf1b1f077429a696e7f6b5c15fb54e3b422d4dce349ce95908daa2d07c13

    SHA512

    3af742ee79400028831bdcbb6f5ef62c6f750d44e09849add4e9a17c6d6760cf87179885f19f312d3ae95960fb7226a229d734f3457fe58c216dda88f345d0cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b5923cd1bc947fd0512f19834c229670

    SHA1

    6af4382aaed85911d6d74137bc7a1d0d35fc83c8

    SHA256

    d11566f99bc0157e29139193ba3c98445acff433113ec2e19ab31a1d0cebe616

    SHA512

    99842fb8a17a1482bcd68e7627951d8c769a7f4ae12ce8c1a08c3bd5a435576d6711e76bf97a80cdcd160403fb42330620d97ff41e7103327968359d052eddc7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2e2c029d68fedf81cfd886e0447f566d

    SHA1

    ba0af5e939b84b228c266fca1ffbe9377a6cbe45

    SHA256

    58bf4a79b0c82a6c01c2f672739ee5149195b49c280881a6a60f87405a5dbf68

    SHA512

    31ab43e2e113e638eabb65cf69bb3f26ac3c0dd2c6a3bda51ce66bdf0b725000dc60e2a62694e8095affe8c95b28cb3282f985d2a5c60be4f6285dba2ce62fbb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7a356588396a0058a82ab10f9473c593

    SHA1

    9a79670cb46e874c75bbbcd974ae71d6f888e82b

    SHA256

    78e516057cc6e4b8afa7b037c3fec1e8f28760ede8100cda5a1458045b5fcedb

    SHA512

    afe7aedcafdeb04b877a41907b30ec785179f1187e33e3d478e5ab24abb246df48c32589b98a3489b22917f23cfbde2087a4d9c438458ba9b381a97d6cbee9fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2127507e858d30827a0853e5eea19e7e

    SHA1

    b3d5ab1ffd8607a9907a42de101f6eca4353cc63

    SHA256

    752bd497c3293825d562cbaf87cfd3ab3a92c0b58219f33133c42484f24c722a

    SHA512

    38b275273a651da1805071a0fff74bb010a18abd0d1f1e464f4a3510e78ba7d3f0d4013f48e61ab0334eadea407b67de8d54b044ddcf4a1f60b06db03e8a6a74

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    328e91093bf913a046d1d44f65d52479

    SHA1

    3af5eb2b5e0f5332d15cd818fe318735fb376bf3

    SHA256

    32285dfcc1ddb3b93e5aeb809aa8df71cf64f860713198390bf1da4a83a8183d

    SHA512

    a4f953be0dd93c01be430b6e4873b55686b607b2aaae3bc2ebaa5d24bfcd9a8ab8f293973722899cb2391095709b35691f5f62e0befe9649d70d89165a0d4642

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1bfd577dd90bb785bcd2776f18a45e2f

    SHA1

    b1ee60d655d2497c41441971f82d17a2b2391219

    SHA256

    cf7d62052e511ab7f719c07b0d166333a2c555517b9655168c85aa6bc047c729

    SHA512

    aa8e9629adeb0b774ab06f6c6d006004d6e4f6359d388d5a1dcfa308943f8904faf1f62172ed530ea3d9a902d59e79c0ef27b5aeb42add56f69eb4c26f2e16f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4aa942cbfc3f52b81c42d1f53c5da42a

    SHA1

    6ab8fbe728d923ef5efe15c41e7a2ff050f77adb

    SHA256

    24cda04fc05c2724a845439afe38e3ab8564349ef0966d414ba65dccb4a4d5e5

    SHA512

    d19f1beab3555e06e96ba13f828b655a612fc2c89b3ad60c03d14bc1e896cfeb522910c020b46e426806ea5d37f2baa0aa3f5617507482928ddc33cb5980006a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    05cde20addc5c4bef2ca5a9b292470e9

    SHA1

    2f3e6f842686798da60a34f3d15fa7373d755d63

    SHA256

    a6792a468e220dc8e19459edeb7f016e61f7c3b9e9d552873429d9b8d59f9c8d

    SHA512

    5e8a3deba60347de7989c3c4b0dcdf7a6ffa8c443694adda9c731cfb409dd445732ff15b74b28419b537771fbc9e7cde6b7777543178f054bd047cc2a6a7ce5a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b8c887682953c4ce55e792031dc42ed5

    SHA1

    9a8a6fad7b2fb93aed49dd8995ce5c97cd871919

    SHA256

    80f6bf0c25c6be40f54adc404ef8ece7f8e94cdb179feb74ad22618a6583b1f8

    SHA512

    4a07e1c0e97b9b248319a2f3904e355c6926dd186ce61a09e775b9c8a267b170225e4c93df7d3f68881e78c06bb08ccdd9f79c1044d1e2094dbda46ecc23d9f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a0e88578b1b051d522661c673433b74d

    SHA1

    453912ab9540ed0d53689fa8ecd0f756ca1deb62

    SHA256

    3fd69826280bf36352fb20e2d4b7af0cfce65b4bc9fd77ddc7b101367b9e663d

    SHA512

    083c1f5a0e16177383d40683ba4ab04e09846419600241fa0c220077f2da1145745d467eea27fa635c2dfb46571176c1a71eda52bef74a5f4374993da0da0426

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c644bc6aa934c20b4ed7fa68a2757b12

    SHA1

    ff47d59985b09fce28be247e5eee1aa5410decd5

    SHA256

    713e6c9dc9b02ef23580dd83dcdb0fa956937f9108a90381ed2fe25c5aa7cb3e

    SHA512

    2d0f8822c4a4842a65ef267972ca17b10b39dafb83aadc21ab47e4a538b7934fda0dc1cb35079adfb1ddbf1c76cadc8c8ce2e3a66d09f698a5a994a70763cb1c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0859faf8aa3841ac8e1d0d31fae20709

    SHA1

    e53939b1626f1c6d23c36ab2949c1c91bb9e4840

    SHA256

    71f98db846d70740f52447b0d32f7c09024f9a85f32c7baceaf6509fa68924a9

    SHA512

    00f1147f330c50d9c48d8ffa60c5fd36ddb3a241c0b5f47d9c0911349a78737256a3e01e08594d73d4ff1a737703d98a2c0f61eae62c6db1329bdcd981bda0cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c43c4f308dd80e0a2d208ddee5e60b18

    SHA1

    343fd8794da1ba0a0b7015c5e5c0270060dea622

    SHA256

    e54d91e534a8c1246adee18c7a6d6be14cd0a66576e0d4ee8455ec38127fb711

    SHA512

    467c258bb55dcd2be322e66f58d8e93ed654bfae06faeaf894259532dcb6f499d24f8acacd25e00906b44f52700e2edcd9122eba3bcf6632b1541244a81a4d77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4725c1e80f5bc36af13eaedc7ba9a9fb

    SHA1

    6e0ff1220aedc2faef7a6e31decdc5bdc219ae81

    SHA256

    195caf50bbf899f2a66d0e72f68847bc160423ea36148c705e3540a5f27d0d53

    SHA512

    5222ccb5d4aa13d75eb4de6528303a2fe0111bbe4ec65a5e2d61debd26af70a0c579483760640ea3ad1bc0e6a72615adafd3c50c621f16896eaa09e426a5b55d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6f06777ea85614cc45632cea1474f039

    SHA1

    5b08cc7e9dc5a011f6d6d1d16bd6449f8d5a7a13

    SHA256

    32b4f3f9627ac93e83e1f1f97d947a7720b3b1a2a4f1be874d5864d7bbe30b45

    SHA512

    cf53638ad1679cd99a0301d39eb71a54d680fc3bdeb2780a6dc83d46912f9d4018e7782869f0b3be8e2e00e913b2955e990dc429b2404ad68a6a1292ea67546c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2bf1e3f3ea9559954ad9b5a1c3511c55

    SHA1

    23189e99080ce20b8e20549756ef8e09e6e000e9

    SHA256

    1b8eabe340917af3abacc756c208a531750ef48e51e32470b5875010a3c46edd

    SHA512

    02da4d84179ecec61e040dc82306795ba3b9675a6b5e34a0d8e72f315a846c3b7e39ccdb5153674071f04cbd02db5ea97ca9915c308ad47b623af198443b6cc9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4402b59feb969c4a0bb1bcb1b9a9f255

    SHA1

    9b37cc40b6d6fa01eace3a6679f471e58f8db1ac

    SHA256

    6632f564c3247e4923c00094a47c7f6d52b3793441723ca595fab54d0036b531

    SHA512

    d090561760c9929857559f3469374726c1debcd70e19c7113fdda403c0293098953fb6347c76acbbf2fbb2bb748ef702068063c57aa2509c135ce19310dbf869

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    796e0264cee7f0670670a42b6e073621

    SHA1

    00b829b88630c7d2bb8bd29951df557efc75e43c

    SHA256

    55966bce36158340ea61ea00885c24bf37e2d97f0240649417d78ce9bb9634d5

    SHA512

    423848ed5da557cb86bd42f06e7d764804cf352efd6a9b776f5daa07398d5ab8f3d77ad2ffc078ed21e346bbf020823960edcd996ba19df0fd7327c4af8d1502

  • C:\Users\Admin\AppData\Local\Temp\Cab36CA.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3799.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
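The Downloads list above is flat and lists one path, the CryptnetUrlCache MetaData record 94308059B57B3142E455B38A6EB92015, many times with different hashes, which is easy to misread as many separate files. The Python script below is an added example, not code from this report or from the sandbox that produced it: it parses that bullet layout, checks that every digest is well-formed hex of the expected length, groups entries by path so a file rewritten during the run shows up as one path with N distinct contents, and separates CryptnetUrlCache Content files from their MetaData records. SAMPLE is constructed from three of the entries listed above; the function names and the "last listed entry wins" rule for a repeated path are this example's own choices.

```python
"""Summarize a sandbox report's flattened Downloads list by path.
Added example; not code from the original report or the sandbox vendor."""
import re
from collections import OrderedDict

LABELS = {"Filesize": "filesize", "MD5": "md5", "SHA1": "sha1",
          "SHA256": "sha256", "SHA512": "sha512"}   # report label -> entry key
DIGEST_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}  # hex chars
HEX_RE = re.compile(r"^[0-9a-f]+$")

# Constructed sample: three entries copied from the Downloads section above,
# in the same layout (path bullet, then label and value on alternating lines).
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize
    914B
    MD5
    e4a68ac854ac5242460afd72481b2a44
    SHA1
    df3c24f9bfd666761b268073fe06d1cc8d4f82a4
    SHA256
    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
    SHA512
    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    11d8a8772b4238dd30d6b9280be8c97e
    SHA1
    52eb0fc76d4ccea7dfc56df1d6406c0fbcb3b50f
    SHA256
    c0c2cdf4c5a72b92966e710ed34d5dc65ed3a025c8491865189eb2fe70781f26
    SHA512
    dfe8ad387736b322f687fba0235a1cd3e20817b9fd1cac1955ca5726b5b0fea3bc571745697ca8b6f68cffef9e9a126e0043313eb8d021d78f022349a08b79ae
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    b2c8a2cb4e7c5dc4c262ec2dfa4fba06
    SHA1
    6f37ee1153067d70b28530ec99788ebbb9995162
    SHA256
    ba4ecc40a14016be54a29138f6aff2446a4c07eaa06cf22417c896764c3a43bb
    SHA512
    770770e1330a76c6d322fb3952d0f349dc0d4a655453076f6964b9783dd3e93172c5154fb4e911789e60b2bdefc7fce009d633eaf2c941d584df8e04b9c66a71
"""

def parse_downloads(text):
    """One dict per bullet: path plus filesize/md5/sha1/sha256/sha512."""
    entries, current, pending = [], None, None
    for line in (l.strip() for l in text.splitlines() if l.strip()):
        if line.startswith("•"):                    # start of a new entry
            current = {"path": line[1:].strip()}
            entries.append(current)
            pending = None
        elif line in LABELS and current is not None:
            pending = LABELS[line]                  # value follows on next line
        elif pending is not None:
            current[pending] = line if pending == "filesize" else line.lower()
            pending = None
    return entries

def check_digests(entry):
    """Digest fields that are missing or not lowercase hex of the right length."""
    return [n for n, ln in DIGEST_LEN.items()
            if len(entry.get(n, "")) != ln or not HEX_RE.match(entry.get(n, ""))]

def summarize_by_path(entries):
    """Per path: number of writes seen and the distinct contents (by SHA256)."""
    summary = OrderedDict()
    for e in entries:
        s = summary.setdefault(e["path"], {"writes": 0, "sha256": []})
        s["writes"] += 1
        if e.get("sha256") not in s["sha256"]:
            s["sha256"].append(e.get("sha256"))
    return summary

def rewritten_paths(summary, min_writes=2):
    """Paths the sandbox saw written at least min_writes times."""
    return [p for p, s in summary.items() if s["writes"] >= min_writes]

def cryptnet_cache_entries(entries):
    """Split CryptnetUrlCache entries into Content files (the downloaded objects)
    and MetaData records, keyed by cache file name. For a path listed more than
    once the last listed entry wins (this example's choice, not the report's)."""
    buckets = {"Content": {}, "MetaData": {}}
    for e in entries:
        parts = e["path"].split("\\")
        if "CryptnetUrlCache" in parts[:-2]:
            kind = parts[parts.index("CryptnetUrlCache") + 1]
            buckets.setdefault(kind, {})[parts[-1]] = e
    return buckets

if __name__ == "__main__":
    parsed = parse_downloads(SAMPLE)
    bad = {e["path"]: check_digests(e) for e in parsed if check_digests(e)}
    print("malformed digests:", bad or "none")
    for path, s in summarize_by_path(parsed).items():
        print(f"{s['writes']} write(s), {len(s['sha256'])} distinct content(s): {path}")
```

Run against the full Downloads section, the same grouping collapses the 22 MetaData bullets for 94308059B57B3142E455B38A6EB92015 into one path with 22 writes and 22 distinct contents, and leaves every other path at a single write, which is the picture a triage analyst actually wants from this list.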