Analysis

  • max time kernel: 143s
  • max time network: 147s
  • platform: windows7_x64
  • resource: win7-20231215-en
  • resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted: 04-02-2024 14:31

General

  • Target: 8f6476bbbee0889fe480c93ac5a8334c.html
  • Size: 68KB
  • MD5: 8f6476bbbee0889fe480c93ac5a8334c
  • SHA1: a6a1fe348749584531afdf59f97fa3ec22aaee76
  • SHA256: 3effadc050f2ee0e4c03992bff29eb3876db4d64885b7a72624158b822685f86
  • SHA512: 8e01a634a419ceb05cd6ee866ded9be5339cf78c35d5d4e81c4428a1e57e862c3ea64fe8527f02ada277832dfeeb41031596c7aac2d9c26681ab832a22375cab
  • SSDEEP: 768:/dKPfPg1d304C/gl6Oits+CxaDOLe1caoGZ92S8MP:/AnPg1d3hkgQhjjOLe+aXZH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8f6476bbbee0889fe480c93ac5a8334c.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2632
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2632 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2096

Network

MITRE ATT&CK Enterprise v15

Downloads
