Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/02/2024, 17:49

General

  • Target

    tbu03852/static_img.html

  • Size

    503B

  • MD5

    2caff3519f5be538757c467d4fec4756

  • SHA1

    7e77344f049d9ee4d216b6f412c01ba28596773c

  • SHA256

    e94503ad0ea2a4f7002ba70f57e12da9daabb5037b6bedc7725d1fc43a487415

  • SHA512

    029814dd117053d03acc6c0cb1af2802256149c6a3588cd41334deeffad6095dc16386887e2053f288b13a5ebd3599cbf9c55c194fde81f3df77045d2609a467

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_img.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c04fae9c21bc9f7334f2ec93a5e2252a

          SHA1

          f7588c685aa3dbe0dbfdb31765e1babe3b6ea812

          SHA256

          607fd75e3adb7740e539e634b742987f01bffe05508e2ca6dfc747235c28a830

          SHA512

          db411c2cb4b73237b3fc7134d1f3dcc32f2863421dd42fefb469752a0fea0d6afeda1e23f41b103efd1f20ad1993ecfad63d714506c7adae703099eb919447df

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9476951dac89c14980ea7e1501f40d82

          SHA1

          6fbf7c0e660fc3a8c44dc42e8ab79884d14bb77a

          SHA256

          5d4212e1df680e1a772ec5cb1cbd641e8e5e054a7a7aec343ffc4126579f1305

          SHA512

          f81c25cc9b9ce8b90c413629d7f0cf288320568d1296f6459c66abfde7fd9e4a90c00c18906da36f8fe102942be0210e98e067ef88621d9ba08342917671e705

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5517188d2bbf201c03c67c80e6ddadcc

          SHA1

          36a1feca345632926076a15a92175758baebf94e

          SHA256

          ac77b45c715beeb19bc96adf3086dd8ecca96fe2d2b64213d9cf0b4330402500

          SHA512

          ae26e586431eff43317e05153813da1091f3cb9d85ccf5a0aa09bf40a03cc1960cce184378e40ced843c85bd8e5ba1baf92d9984163fe581964d4af53ca9accf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          06caad7c5cfac70d45d07af79347263f

          SHA1

          19c5ea6ae6755f8f8bbd624a2596cc611a6d072b

          SHA256

          b91df4e63e683769e4b906a63ad4add70fbc12efe2a439d9199b02562a60dfe6

          SHA512

          6734586487e3dc8e9be69cff8e2a593f4a6846272895163f65b9b7f8ccbc3653b830b07db2fdbf656335c447aacc5620bb28e6cab23130a49566530dcbe43df5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b94509cc50894f92aa07d56d5f6c1773

          SHA1

          2b2abd274e524df0f35ac481941d33af3219f3fc

          SHA256

          f79756fb49f583070359ce0b91b76e75db1af758f7682a8f12022c0dd0f0aaf5

          SHA512

          d2ef3326aef7aa975af6a82e87c10aa122b60d2608e0a846bb50258e27f50545e5b8bd596ef0c5f6d00233c447d257bec2c82f416912d57182476fea9b09e859

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          71fe6b1e29479356512d791cec89bde6

          SHA1

          dd5e508b01fff15702e8f151d47e492d1d7eabd5

          SHA256

          6eae347661ff62b8283b7bb9d1e7241ffee909f32b9cace3d6e5a222ef6f620b

          SHA512

          e7476f2201f7f32bf43203e4aa3b4450837342681dfd5ac4b99524f1b238b135cfad939f0ab53cab9a60d6b631b5d812f7e891a301a2d0c2644d99d563f44cec

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          396321bd06f7e79a69486ba2d60dce43

          SHA1

          0af8e6e2ef41f4345d59eaee443763b22d293272

          SHA256

          b880cfb65fa8ea22d66c59e2fe00d94cca3369325f8672a27c86f6c8cb7fa719

          SHA512

          8ea2a76332c4573d65de68e1ab6b7f84222429fb61cda68a7bc8a3d1f447ec84fe4e70b6c979d6a01425cf93f7d00e9c5af6c63b4af02bc1d2b3d833b356438e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d293ca8f5f728ce7b4967ad7b52834ed

          SHA1

          804c3d4160d65cf123662c786b77ac203eda5dae

          SHA256

          a87256be02bb59341408cc695b4b8de03585c96027b18436e41f5dc434c8bb01

          SHA512

          499d4b6be4d4b14b4cba67b5036ada93432b0d0b39726a088a87ce6813f6fa0ca13ca7e8869876fbc0dcd2b4ccd45ff16c5a940c81fbc9422e81bf41bc60b276

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0fc1839727974bf4151ab64744fdee37

          SHA1

          90553424d5d83626dd8c0d03550e6539abf75d4b

          SHA256

          997cff7b27eaf7292ca58c8e1f4a828f9ffb402830d361bc3df70de3601a7e36

          SHA512

          4c9cda70e1f7e2a392495d607868eba6772e66fcce2f20d8b92c9ecba24cf54f89f89381ad6e021f6ad0e231e7d8d9d8c7ad98bd3b77cc9777251370fdb944d8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          6630b03e7ef55cd1136cb151294555fe

          SHA1

          3617a5a4a39fe27d1ba1d17cbfef215a0566abab

          SHA256

          166724714f43b3808a787d35c08e0f37c17b3a34dd099b37825231d245609daa

          SHA512

          c6fe522e4df4010d1544159c6d1802a8edc3a479bc5586f3893ea7ea0bf619daca594afee682aa979a447fcbdad01d27d5458a0d464cc268e1ae74bef0407495

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c989e81e7323715c8275c394a22d4f7a

          SHA1

          92bf56e6073ad58448637260c7a2e35df9bd2f43

          SHA256

          ad529ab5a2d47526ed4dc78f5fe9f660848f8d6e55a0359d5328792f351c7b43

          SHA512

          f979cadb2ccb7cd6847f97b41cecd893634cd050ac17fbd26bc4144e97cae3ffb973b11cef37fe034e06e81b5b25d45f0a6c68e766251ab7b5d2f3d0d24f46a1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          586c160ae606f5f8f3ab9d67913941da

          SHA1

          478906b97bbb1f6c8998042092b5d29021a66051

          SHA256

          c754f5ea82e14e29981cfd68d363582dfe6bcb4514b3631bd79b52e84a87d534

          SHA512

          a84b894f3ea32157dcb285c27c8cdbcf548345737367276add8b525a0c71efe989f8868459bbac70598fd4687cc122b028ef08edbc245226ceb432343aa62cda

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bc77cd2479db57647ed16e8ede1fdd78

          SHA1

          0d6f8fb4219b1e1a866bbf3f86242383a606e23d

          SHA256

          160d32b49938154b2ab80eed099d66f872046b86f773dc4a0dcedbd67c7d2fbc

          SHA512

          1c944a2a6264146619127707684e72d0e8f5cccc6c062f3de517348ea1a893ddc34b44fa9a70bf5a2b808207278c6d78650f95727a47291823acadef22cae357

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          572bd8a47bfd461318bf2a25ed854a10

          SHA1

          1edb3ff560a11d12a2f06154c714d3a233c8784a

          SHA256

          06838e60e1b528e501ce75e57c06c8effdae8dfd211ede24327d2deb6762c683

          SHA512

          ca6cce2b108a79e4e463e4cb1a0f663ce360ed132597ef00ace8e2d2f0d2fd9afeb3858dedc6513175ab400c4cfda9f4cb6aa3bf5ad2f854cdbcae21cf135a42

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          65c0b4cb3323992eac2e33928aa4d881

          SHA1

          74f20d6702c1fef1db4d324e02200c368d11a931

          SHA256

          4e2bed4eca98976a0ec999184823029295ea59e4caec9b8e7d49f508b81f656e

          SHA512

          d192af8e920d707cc030c56c0964028fdfb8bfa84ae7f40311f1e863c9a5f352e2e85404c4b57c825587fd1288aee1378bf0233cea5773d72b55d95b42c5e69c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          40e42a14ae7597b42ea54b9a7660afce

          SHA1

          e6c0076565bd8813ae8541d0aa0590a5adb812ba

          SHA256

          5164dc572b85be01f9769444dfde9d0f257bd29ac8629336e28af22c9e07adc0

          SHA512

          d6e394eb62c005134e7f8892918bacc2d77074a019876feef388d08424ff741751bf2aa77046ba293f7a2c8a078a7212fe063eceb9ad32826a1dcbf630ced273

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a41d04d3cb5349ee56b005f58005cc96

          SHA1

          bd148e790e6ab4b1f65ad2b21ae283c8a35dc2d8

          SHA256

          7678785eac2bc0754859a982dbef8466473986c5f8b34f16b55090e5f77fa0bf

          SHA512

          8fe01cd94043745b728c3b2f26a5ba1d8f7081434a28d71475c0ed5437bbf5900962eef19a2d1a9b21cd92289570dc6ffe16709aedbd648d6190177ae3f60404

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          096ef6a6f5e197e95302b779d378510a

          SHA1

          b547ce88d7ebcfb98a92256053a2f93c13c4b9e6

          SHA256

          8830e06b9e6fd4b3ddd1b924b713c0f500d252072bd5a3f52a35fec5aa17e860

          SHA512

          4c6ba55d10abd40f0df6e5e7cc6908a898c0ce94769c5228dfdaa416ab5027e704fef6becd651f009990daa80cf948116e6655f6d31e141f9999f99d26ac7edd

        • C:\Users\Admin\AppData\Local\Temp\Cab95CC.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar96DB.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06