Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/02/2024, 17:49

General

  • Target

    tbu03852/static_pub.html

  • Size

    599B

  • MD5

    0bf3de7de6f6a9ece7674fb245c7e428

  • SHA1

    a71d601820676d5741734e825c7347d59570bc98

  • SHA256

    29101ddb9fc880b921c78a8aa0952310ccf0fe4eb03479425500fc2e779d4b2b

  • SHA512

    30dc0cf67d772a79dec244882f24c4a6ad71a3139b1b92d6e059f1e677ef138596e71c7bf12c2283b591ad64744b9abd15895fa29c4a600f64c784423bc270b2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_pub.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3036

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          0338d3ca815bd4636e514511477c4681

          SHA1

          913637070ccc31db49c86a48724036fbee0864e1

          SHA256

          ab020ba82037b00f5a45aba58edb7a17e1d077eee8a446df4bc6f0b2e00d61d9

          SHA512

          12da705106c5ef9bd2684ae1410950ddf9116e032699c9270231339aa2953d2286bb6b46f8241b6e9deece5deef72dc2eaf7d657fdc0d5554a10660976783076

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c15240f313eaa1bea987a740df7397f8

          SHA1

          2ed228fe30e765a46ea7b10ca3b031a4ea89aa9e

          SHA256

          094acf4836f40153fece776efa90f4de1598df73f940a2cbcfc507f403c8f660

          SHA512

          5940965e218fdfd64d3b839088f9673be08ca45aacb75174a7ba92d93b42cb4c057609241f9955dbd4198080800d72219a5df71d8a19634c1bd80a36bd7f370a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          914adaffbb5e946b83aba4c0363eb811

          SHA1

          55addbaca80533ab59286483363efbf757dbd8a9

          SHA256

          fc98d38415000041d0ce7760cf605773737e8df60e239814e24f39e4a5d342e3

          SHA512

          fd2bada3b051348103f66a5be5921379d1023de620441cb074d723d6d1726d5bbac2ddc0a5536425d6971ddbcf3925c54896f54f9dc280a7ccb151147dee2b78

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          70999e25f5d2b1c668bdbde1665c90f5

          SHA1

          6343671108935012421f86396bb83e2954c6c4ff

          SHA256

          932987539bd65f05c956cb178c8599814cca2a122cf39e9de04c95d9a9ff9eef

          SHA512

          c235a97def0b9045806367b6b1005557a023df6e83fb81d160dbc9dc3f7f521286b0c9a43c1b5c234a982329f015dbdcca38b937216a0be3a120521383c8f9d9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9870d40cd7c66583d99d4716a67e7f42

          SHA1

          90d1617e23653c6c299ba799b39a996b201ebfa7

          SHA256

          25cf83730b6bbf1b78d2eb28dad87cc343c84bb30353577d2d60c5df8fa38c72

          SHA512

          35d94717d5cae98af5d5f6a674e16c6b7ad8c53d02af26c639fac67a07965ee08c73610816ae53a7cb70b268f845a569d5972176a5fcf74c80663c1a5cb45f4c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a933f54b2ccc0d7dc12323efc17d2b9e

          SHA1

          17e42a8fd3e93d46bfec9c4a71c7b2993970f28d

          SHA256

          2cae9107cb54c1b2376e0bddfd3e585fa2f3e86a23d5a1ae28a6a60a5cd600fe

          SHA512

          4aca6a87993588f77a2cc0b44a90cd7a61fc7d129959c289db182c3ae682d83dc9d938da16f50d887bc126b3c9df3d238c9b7bcee465565b17f364978c95c2f7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e79d7bf12bf39d8bf5b9c7a3ecaec71a

          SHA1

          4c905acf0f4d227484a5197fad44b890fd49d3e4

          SHA256

          8a613922b8c90386ed747c7ef13a75ddd12bb4ca6ce9e5405fc558c57909b988

          SHA512

          5b88fed73f5518dddd571d292c76448a0e6f6e271770f49660c35c66ad6a92c97ca22dc07eae93f4f9f1efc837694c864a29ca0c6b44e48f40a94f4f088092d4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          843a2dbc7cd33473c5163adf8651f0e4

          SHA1

          0cc96d74a5cf5884750468d13f4eeef2c5251d68

          SHA256

          bae46ba012f70d24cceabc94946f620357fd350551fcc00d311643bfe8338041

          SHA512

          a8f84e7239021260851219249d46e85cb1d717b3122a91a114acfd82af0d8b6494a7c910ceae70dc518eb34e814068d692f7cf4de971f25e40d4e4e7a13d140f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7a955f1ce4046781b4c06c0c302ee9d9

          SHA1

          8a2c1e727d24ef4f61240c088ac950b5a0fc61f0

          SHA256

          7312c877dfb6ef622b54f11fa80eadbdeea72899eb177c73c01defeed9deb830

          SHA512

          ab6db2c2bf6ba4eaf0464ba5d5ccd1bb839c751116d35a0fd86da7237403b4bb2c6358684c41c55ea80b6842f4ca9db1e23d9a24908f89004962a2cd2ace871e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e2765924ad46b4e4ccd9c843bdc13e2a

          SHA1

          5964a31e899b591c557b3303ce3c109a5ac88b28

          SHA256

          16d94c38ca2785ab1e8243f16887169c276a8965a9e73b32fceac4bcb33b0170

          SHA512

          18c66b965196035285aa9ce7ac13e74c2f216ece9a2f9b171ad818eaca4b025c0b2045efae217f44463622acc76044408d065cdcd6950983d1e19d57cddd57af

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3db8195e17f0a2f3b1ebbab8e8717844

          SHA1

          4ac47a7dee7b2e704d3187342de2be91826e07e6

          SHA256

          ffdc10948e30e634da95e01496c88fc8f850c45b6dc8de312486f82d3d974e9c

          SHA512

          64d1c60083e5f2d8891fbe652f17330deeaf8ac7927a551f9017522bed0662029ae2f022cdbef9d793e28a50c3b0d0ab9737409a0b32a46677df85ffa695c651

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          92f6451b636cc1dbd6f8689f70eae750

          SHA1

          155f52922f4a64798b16ee59fb440eb7db4e0efe

          SHA256

          560b22d91a765f1f92bced45ef50eec343a390b361d894acc0a3250bca46cbc8

          SHA512

          e23b34e02aa3b3ad071e7d5a930636c23efded8e02fd4d9ab5f9b43bb0e941d36b895922d63d35f477a850769bbb049e69a8f0fd86e41d9943ee860fd44d9e9d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          969bd9877b3df5af95bac5279269e4db

          SHA1

          a4d67f1c3727b68db145a60f0436ded98a6f5327

          SHA256

          646533eb56e20a575b6b343ebf676deb7e78f2c0adf8246ddcdb5cc74d0612f0

          SHA512

          2b76df1b7a0db90b0a352213b3c7cf4d3f1fb9c0415c07a8a4cfcd0752774e26d66aca079496102532b08708e52f83f74986a06481f194acc1afe333617933ff

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fd3bf0c5f87251bc0bf65dff2cea79fa

          SHA1

          d09d0ac775dd237c0825a74b5df4179bb1671efc

          SHA256

          ee2cc6724fe619aa56a8b0098f22aafd8420ea009cf248407c0faac358a8bfe4

          SHA512

          508eccfc5705d2e09e47977cebea07af72abd6f96f81a5f2365ef36e30af102b974d7c4121061022a718f4dc830f16f6840d88f3b85e1bac8c86630491dc1e08

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5e1a25aa63c98092f4d0ea408b6e6552

          SHA1

          86e0275ea0d1bb171a4694a8577ff9fdffaec28f

          SHA256

          c1648f4f68a65ce847569758b5190fc31bf761e7533e54d010293b52d8165dbb

          SHA512

          afaaa90a359ff09055ae4d1fc10ecda0acaf08fdb4d14d016ee0673d6faacf9dee804c1610e7925db7e12480be9ec2e743784e6dc3ec25c89296ffb59601c5b5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          4f56f31cd5221d366e38e3aa246907bb

          SHA1

          a541ab23cecc8598cd355a310f8bacb9c0230a77

          SHA256

          0128fcf02733c4b60f49aad7534b86b247ca7b5bdf23f7b49d5a9d490f8db1f8

          SHA512

          758ef2a293de022c532860104181daef029e73484609d21f8ba5827125c529c7a14618642744330ca1370cbe6cfdaf5b0b88bb40c8bfb8ca8f465248ab6db57f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7bb4693bc93613379af7fc205a8a12c0

          SHA1

          9c4eed7d186fc4cf8bc57f52a296633fd2929e77

          SHA256

          bfab303a2f0582ab6d47a1ff738a6eee97e94092655160b06c07dd9bd02a5041

          SHA512

          1c4de88e0d1f56a97ab99a0077c2db21b77bb17830f4b83f2ca44b72846cc23f941349fb5a07fc22ad8963b06bb74f2e191c8060e3b9f47eecb212f9f94c302d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          500d1df792b75ef2c66e9c5c4a401bdc

          SHA1

          c66d255b1f1af13eeecfc55822c7a93e10561195

          SHA256

          20c7d1d3425bb4bd376b1e1c987ba8a7bcad6ad94bd739e5082750fa3fd5642d

          SHA512

          d222a712fd0b9fd01d29dc5c7568595698692473a012e9795aecc7c477cd911d32de5514f5207f10d536b973baccc464d182d11f4beb73e9173446693e1c5380

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2ba925a5f7d3d1d00deee82fc6a00e62

          SHA1

          dad21172ab133bde7c334976ea038e060db7bcf4

          SHA256

          364bf71ff2e46d9590b5ad71a397b343a14f76849ef4c3d9ab00d7b7096b83a4

          SHA512

          775b21e3adf0e9a4568f9f9dfab1dc20a83f4a7d12678f2a5de3fc9686cac3c2ebacae5a9f0c1fd56b120179e53a50046ddcdae400a50ed1dac5910edd88cdee

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          d0aeb7d35fae74b8e63afaa21ed38aba

          SHA1

          0e8625b86aedecae40b54d2d202b34d629e2cef3

          SHA256

          bd2aac5d2a2f51580afc7a3bd557065328ffab74e6781a7e9b803da50a9f7a12

          SHA512

          87357707eb381eb993f55bfacc64b520beea6c710e3434bd12f89041e4c373316e7cb0c15bd2e74b67c3eeebb7466efc7f0db8a79dffc1e16ac9e8a02b062e51

        • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

          Filesize

          4KB

          MD5

          da597791be3b6e732f0bc8b20e38ee62

          SHA1

          1125c45d285c360542027d7554a5c442288974de

          SHA256

          5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

          SHA512

          d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

        • C:\Users\Admin\AppData\Local\Temp\Cab2FE7.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar3163.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06