Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-02-2024 18:43

General

  • Target

    879cf068aa385a29d1272bd5684289b1.html

  • Size

    58KB

  • MD5

    879cf068aa385a29d1272bd5684289b1

  • SHA1

    763607e01bf49460a6477e542e406db32e6666fd

  • SHA256

    215ff0345f8eeebe3fa4ea5f5283197df1345aa2069e6d27bf8bffed25a6fcf6

  • SHA512

    200f2be4df4049179be3648c5d7461436f4a91e2feda08b16e6dff70029163f2739bf1eb9fcac8cf88376394132e5158897b21fbf293e6cd7270bba3d3f819c6

  • SSDEEP

    1536:/tDwDN+/wboNkOvUuKcVWwQ4pAdwewnAcYsuMpwywXbEZi0L2K3DD4LL4LWyrabr:VDAN+/bKOvgcVWcpAdBwnAcYsuMpDgbR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\879cf068aa385a29d1272bd5684289b1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1660
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1660 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2616

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    6a56b95820fa5a58617be1ef35f4d5f3

    SHA1

    aaaaefb3a875beeff8313c4b69010b29cd0ed70f

    SHA256

    497512e613861257341c8396673598c623fa64244c8a16f04b2b96f5595d2599

    SHA512

    cabed5ae6a013e08f46dd29f1dc57dfca7ed54c82c9caa85790138a3496f05623511008ad0ed7476089f6bf180871e10b774b801be9ab54a8b2cbe53bf72499b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ec74135618fe89623379c0f6420e903a

    SHA1

    55a2c7439a29937c02d4a00320ba5685597d4276

    SHA256

    b37ef9134df5332131023d5493c311d494a2f3f549517da9f5c3f2e5a839aac6

    SHA512

    260f339d6d921292d11b0daacde25acb02cec8051aca5c2037f483d69a1802b51bf4b93dcadb049042522bf8cb1de772e29173b6d84fc6580b3f9a7dcca5c519

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7a3cdfe8895a8319bea89ee98a149419

    SHA1

    552e35891772f0a432696722e03d033126cf4d39

    SHA256

    5869650379995603acbaca7ea200d713ad7977d21255529a3df86c8f5830f223

    SHA512

    cedecaf7d2ccede443134405f9070ac810b8611ee859635298b61716964d810c5928b1a9b6e8b59339290d2ae80860dbe91a361658c3c8cecae5141a72371071

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7f707110ed241e2106860df99aeeac80

    SHA1

    4f8353d1f1bce130fec93cbac50065a5f51ab43c

    SHA256

    d5ab2d61dc3def282ba634d0581254701e44aedbcaa099c0162b5762c5025e62

    SHA512

    d54bb5f1e30041cc506ebc6c73ca5684315ded7c4bf2ae198e9bfc2472339535f929f141fb741aa9bf574bdef58388b0bba84b7b5930374e40e05bd5b880c6f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    61e310c23d3f2a2e7de193c583a6eb8d

    SHA1

    0b58ec803df4ebe5f038d62b68fcc43f8c1ae667

    SHA256

    647057e36d753a80b6e3f06e652cd5154a4a8af8dc893fad416bbea047df189b

    SHA512

    00564b17fe5d0cf04f7300349494df345fa03ee134e48e00fe216c2208b0a6a25fe15acf5fb43374db5229de73dfc58f37364a68806104a1e19ff0144c6fb253

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9d220cd4cd42258cc4a302dbb9944f20

    SHA1

    8ce5cee56ac744232c8e2cdb8d98cfc4bf940ecf

    SHA256

    be178101399de29dae1a2b4b23c4a2c21a1f0f402ca8cc2714a5bebe2cd2ce65

    SHA512

    55a506cccd0356d9fdb8cef65e35925168b85bf53e277c212c718da066f5bb40de1e7d4b8d4f41d3f5cd436e8fbe316e004122503b1343b6ae8fca077e689d03

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6a88339d1084e905331503a5d7d69ed4

    SHA1

    94f0266d8d5fae16242a1555a1b4bda664a3c6f2

    SHA256

    65a6bafa04e03650a5e0d0a1c87f620e8aba9020c82dd9cdeef31b73f71b9b70

    SHA512

    1e2df39e21d66d6732e56554a9d2aa16d7ad03a88736b4493be326e28dcc9daec9147e768958f086acdc5b410d246fad7a7159208e97ba56e7906fbbcd3641c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    34ca0c76162f3d65618877271a19dc60

    SHA1

    ffaa21ef881d577ca648d7dd314d6fe533b2815e

    SHA256

    586341c9dee55ff66c44322e5bb8630503054b1420e2e5d39e12e941a92a25bc

    SHA512

    7c84267457f05adbe08f0058f76705e0d833c1439d2d660b94bdaab270a03025b91b487222b826e4ba54b5b33c9025683aca7f1575279b6d089b897e673c37b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    92e0998bfd7ef643d16a52b3c17c4b11

    SHA1

    895832ffd5fd7a6c50107a2260a38bb937469a75

    SHA256

    5b7f9cbd84148dea61798f9024f59105bfc5d2608a081ec9656f722970f3dc33

    SHA512

    37f7334f7d2cf143f8044314c9f57948c69619676f6784a815a09b5fa189dcab4bc6cb670b7ab6280bfff776a4406af87317fc08414ea1f39af6a6bce88de9ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1709b6493ba1a35becdf93d7ba269e9b

    SHA1

    55af954d12714006c478b3229a345e0077a8ccad

    SHA256

    ab0fc85bd811ae257a14f9f3bbd7b2705de5f6197c617c9cf86faf96121d2e9b

    SHA512

    991349612791e889e68f97099a5f44dd3905a32f08d303e3f728854bb3b16bae438f72ebec80bab5925f5ea9298f9c9bfab437912872bc118d98570323100790

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9c488cfca86619fa8139cb1c0ab11a68

    SHA1

    b5557328b13a57e8b90e324cdf808db517f19d95

    SHA256

    508cf7d9503983783ee66a40f2d4956aad6b4888223ed920ed53afbe084bc359

    SHA512

    227c03d1b246a2330b8f0e607cd97134b3f3918636d97d15ab04fa26b11d896eeff0d72d0a2c14e6be05ad4f415d93fd6820fbdd9cff3729b06075431251a975

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    23cc714ca4aa632b6cc327bf5f72b314

    SHA1

    dbbd538db5556c876ce619295004a485ddb313f9

    SHA256

    33c610c9373bf0ad9d5c139a284475da7d772a687a809e2d935b4efe4550a3d2

    SHA512

    79f013d55492d7cd8adea0e5c6c774983b45964a2c13d2421c315241f9788b8cb8577e9dce6bacf63ba51624e41818166d85c1e7cd279e9050ef454b4fb64f77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    de3c6adc60a793dc127cd14f232addc2

    SHA1

    19f3ee2075850b5359709a1bdd21f70150f16e9c

    SHA256

    6069a70b6ed060bf5e734721b7e95fe58e4889ecce5fe9946d560c63337019c1

    SHA512

    7bbfa44da12d2df84a8a4dc3e67795660f385e53aa9c72d6edc115e930edc05f87801ab57f3ba218b3dbd835c57f574227c754e5432619ffb2f74bb1a468f3b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    19f473ea778afd6e828f02c74a0e7451

    SHA1

    c2d0478f0a384dde45567cea8e7ed4e1f96ff98c

    SHA256

    b7c7e5b057b41699fdbcd2bc3b5eaf7ba9e38b7cb42740f219c3e04257a485e2

    SHA512

    73afa8063248bd3a22db7c021e6ba2cbc6190461c8ce21fbcb94a7f59b3be2f4e924204121462b4b7e1d4ead057129722641261bd614eb2681445f465ccdf681

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    76260de3e3977ac1b595b4f21e94806a

    SHA1

    4db613e87a3524f3ac36f2c9d7b12f229a7d1d2e

    SHA256

    5aab8c36d30745fd7973a03fd86d4decb844ccf09e60e68a8fb64ac2408806d2

    SHA512

    b3612a9165d8f0caa7a0f1cf803922242fe0f69404a8d8bbff13d709c0da7eeebed87d2935ed0316103a9dc13954018fbf754d923208d897cf552e154c6b0738

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7805b660f5d3d17971f6de5c7464443d

    SHA1

    e37913ca866717ce355f1a2a0732c2c801ea6a89

    SHA256

    75621fed4a247c2f528ba141b69a2616fa011c4eba5ffe0afaeb489407b33e8e

    SHA512

    852cb296de83197ba68c9b71a1ad0a7758cc2b86aa64a786ab42042a9d43c547cabe7b35e9038a9475ec58218f00f91b9d323e01ebbb589c3e5027bdff68ca22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a02cf419190a5d1b8b8ccb9bf41e6726

    SHA1

    a2ebb5e2c5309c259a6cc9bd0e5b5eade5653be7

    SHA256

    c2b6c49f92c2cb7321074000c0687648bea8b6d3e05d512fa2b9469e591bf91c

    SHA512

    80617a2fca55630b0b1727194a8d0fbbdfb7e08b13c6013be81b6ceff26a47d3b379fc05da0118875dbfadc6b27d608c40910d10a689b62a3b78a6abdbcffacf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f2e8a1c7a0d8434499d914a757e0cb28

    SHA1

    52d897daa7bef92748398acd90749c857fbd0a1d

    SHA256

    b28a0037ed5f1cc48a2f64a42ff5a819dbf69ac47309865d481edbba44133ee4

    SHA512

    732e088b59d156db9079ccb5de49a773d41b158b6266ba74e1e00d3ff460d9007e499f76ef87fdfbc0d0057919aa6ca68e51001daa586628d480ce8db351386e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d2b4eb55bc60cba75935424ed26c4f8a

    SHA1

    baca5d369fdea02f39174877d8849e64d2961649

    SHA256

    e662b45ed9f9bb16805836cb6534bdaf8ad9135757a4e33db205fb86005f96d6

    SHA512

    2dcddeea728b267e581c092532fd15564b8d81c7dac73b7678d739fa10e0beee533940933d0d58cc556be20cbbdb20e07910dfed5c16ca7e23be666ad6ad3493

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    305381b53e3a87ebc06c1ea316b48134

    SHA1

    36aeafbe9f777d0b72b7551791e291175cfd761f

    SHA256

    dbcb74bcbceb841e5c2026e74b104ab1661455058a00c656b1abbec3f665e70d

    SHA512

    57120417203253c4ed91bcb13c9164ae7a43589a0e252dcf0089124a74006a4ff4f1fe1574c22fcab2c570c40a94c8e212d194774212e223cc397e82457c55ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0287c5589e34f315d2d2552755f82904

    SHA1

    413549d1e129980da2d272d68dcf7fc5622f4293

    SHA256

    1df03b3383904ddfe0c1f9a546404656a354b8e1df9383c410824aa9d4c9a130

    SHA512

    ea9339b940e592c0e20d2167c39a29fe153a1bfde6dfb59fe16f2cf3702563588599ab8d72a521a6b8b8d0f387ed09a4d4f9db4197a0bb819d23be0602db9aad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cd9b817d468fb2fe54ab72622fcd4840

    SHA1

    ceed1373176fcc513ebe410b29cb59eabb17fc1c

    SHA256

    7a8bbfea1ed18699268a0e25899821b7361317f02bc072b4b673a7febcbeb743

    SHA512

    9a05490831e181f1feb78959ef3879d2fb90df8bf7697c26c733df3f57bd80a9fff9ae1ac6d60c7f6b9ca9e375aac39cfdc99c0a27bf2e8d96f02c7902c3f445

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7f7f8ea7e9944e83d3a8e92afb3ec820

    SHA1

    d9e78d797c4a2762f8d1aaecf92be9739ddaf9b8

    SHA256

    236c194c6d12e74740cda10b824d99b5acd6b7b51f19c25730fa41f9d0bf3051

    SHA512

    a5f161f76cdac074fdde91f492d30f24488bd3a560e14baf8b5ae532287f58904d3a8369971a5079fcf30872325bb8638d222c6e8acf95a7c39f6b3977060de1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    6cd8b1b8ca0f7b7ae54abbbc8b374660

    SHA1

    b8927916845f25beee268dd0b9d5451e8eb90c1c

    SHA256

    4099751d0a4f74f9d364339a130156d1f61fae82e1deffadcb689ef9376ab2f6

    SHA512

    4af6b5f7203155a82f1fb23776e0acd3dc868e45644c95c39c240ef2f3a58a9f6b5a6e91bfb4cb7d2b841ed47848790f86664c3173e0a543f19be27d4ed82f13

  • C:\Users\Admin\AppData\Local\Temp\Cab19AA.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1A49.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
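As an added example (not part of the sandbox report or its vendor's tooling), the following Python parses a Downloads block in the plain-text layout shown above into records, validates each hash field by length and hex alphabet, and separates CryptoAPI URL-cache entries, which an Internet Explorer run on Windows 7 produces as a matter of course when it fetches CRL/OCSP/trust-list data, from dropped files that still deserve a look. The sample input is constructed from two entries on this page; the category names, the `DroppedFile` record and the Cab/Tar temp-file heuristic are assumptions of this example, not output of the sandbox.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample: two entries copied from this report, in its layout
# (bullet + path, then Filesize / MD5 / SHA1 / SHA256 / SHA512 label-value
# pairs). Blank lines between fields are irrelevant to the parser.
SAMPLE_REPORT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize
    914B
    MD5
    e4a68ac854ac5242460afd72481b2a44
    SHA1
    df3c24f9bfd666761b268073fe06d1cc8d4f82a4
    SHA256
    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
    SHA512
    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
  • C:\Users\Admin\AppData\Local\Temp\Cab19AA.tmp
    Filesize
    65KB
    MD5
    ac05d27423a85adc1622c714f2cb6184
    SHA1
    b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256
    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512
    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d
"""

# Expected hex digest lengths; anything else is a transcription error.
HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
LABELS = ("Filesize",) + tuple(HASH_LEN)

# CryptoAPI's network retrieval cache (CRL/OCSP/CTL fetches made by IE).
CRYPTOAPI_CACHE = re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\", re.I)
# Cab*.tmp / Tar*.tmp pair in Temp: usually a CAB download plus its extraction
# by the same trust-list update; still worth confirming before dismissing.
TEMP_CAB_TAR = re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)


@dataclass
class DroppedFile:          # hypothetical record type for this example
    path: str
    size: str
    hashes: Dict[str, str]


def parse_downloads(text: str) -> List[DroppedFile]:
    """Turn the flattened 'Downloads' listing into DroppedFile records."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    entries: List[DroppedFile] = []
    i = 0
    while i < len(lines):
        if lines[i].startswith(("•", "-", "*")):
            path = lines[i].lstrip("•-* ").strip()
            rec = DroppedFile(path=path, size="", hashes={})
            i += 1
            # Consume label/value pairs until the next bullet (or end of text).
            while i + 1 < len(lines) and lines[i] in LABELS:
                label, value = lines[i], lines[i + 1]
                if label == "Filesize":
                    rec.size = value
                else:
                    if not re.fullmatch(r"[0-9a-fA-F]{%d}" % HASH_LEN[label], value):
                        raise ValueError(f"{path}: malformed {label} value {value!r}")
                    rec.hashes[label] = value.lower()
                i += 2
            entries.append(rec)
        else:
            i += 1
    return entries


def classify(rec: DroppedFile) -> str:
    """Bucket a dropped file: expected IE/CryptoAPI noise versus 'review'."""
    if CRYPTOAPI_CACHE.search(rec.path):
        return "cryptoapi-cache"
    if TEMP_CAB_TAR.search(rec.path):
        return "temp-cab-extract"
    return "review"


def summarize(entries: List[DroppedFile]) -> Dict[str, int]:
    counts: Dict[str, int] = {}
    for rec in entries:
        counts[classify(rec)] = counts.get(classify(rec), 0) + 1
    return counts


def review_sha256(entries: List[DroppedFile]) -> List[str]:
    """SHA256 values of everything that is not plain CryptoAPI cache noise."""
    return sorted({r.hashes["SHA256"] for r in entries
                   if classify(r) != "cryptoapi-cache" and "SHA256" in r.hashes})


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE_REPORT)
    print(summarize(recs))
    print(review_sha256(recs))
```

On this page the same `MetaData\94308059B57B3142E455B38A6EB92015` path is listed many times with different hashes, so the parser keeps each listing as its own record; when building an IoC set, dedupe on (path, SHA256) rather than on path alone.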