Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/02/2024, 05:41

General

  • Target

    989e06624fc52d22a4a8c5322d4c063b.html

  • Size

    137KB

  • MD5

    989e06624fc52d22a4a8c5322d4c063b

  • SHA1

    9fd8c80776ba6a3b23ad3f220e3cae167ca39ee0

  • SHA256

    b804c71325ba158a0438d13a251dc3c837865dd618c789509abc882c313867c7

  • SHA512

    3496dbfe66238bdf5dda64bb122dbc463c05b139ab94f3ffba1ec3e6b5fd05366283d80eb1b406ed1c6a5bce100729801a2f55d628cd6195b42626521e5e96ce

  • SSDEEP

    1536:Cen7IbFD2x+vEcByLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJA:cFD2x+dByfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\989e06624fc52d22a4a8c5322d4c063b.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2512 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2200
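The process tree above is the ordinary Internet Explorer tab model: the frame process (pid 2512) opened on the sample spawns a content process (pid 2200) whose command line carries SCODEF:<frame pid> and a CREDAT token, and the SetWindowsHookEx / WriteProcessMemory signatures fire on that parent-child pair. The check below is an added triage example, not code from the sandbox or the report; it transcribes the two observed processes, adds one constructed child (pid 3100, a cmd.exe that the report does not contain) to exercise the alerting branch, and flags any IE child whose SCODEF does not match its parent or any non-IE process spawned under IE.

```python
import re

# Process records transcribed from the report's process tree (pid, parent pid,
# image, command line). The third record is CONSTRUCTED for illustration: the
# sandbox did not observe it; it only exercises the alerting path.
PROCESSES = [
    {"pid": 2512, "ppid": None,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r"C:\Users\Admin\AppData\Local\Temp\989e06624fc52d22a4a8c5322d4c063b.html"},
    {"pid": 2200, "ppid": 2512,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                r"SCODEF:2512 CREDAT:275457 /prefetch:2"},
    {"pid": 3100, "ppid": 2200,            # constructed, not in the report
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c powershell -enc AAAA"},
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)\b")

BENIGN = ("frame", "content", "unrelated")


def is_ie_image(path):
    """True for the IE frame/content binary regardless of bitness or case."""
    return path.lower().endswith("\\iexplore.exe")


def classify(proc, by_pid):
    """Return 'frame', 'content', 'unrelated', or a human-readable finding."""
    parent = by_pid.get(proc["ppid"])
    if is_ie_image(proc["image"]):
        m = SCODEF_RE.search(proc["cmdline"])
        if m is None:
            # No SCODEF: this is the top-level frame process launched on the sample.
            return "frame"
        scodef = int(m.group(1))
        if parent is None or not is_ie_image(parent["image"]):
            return f"IE content process pid {proc['pid']} has no IE parent"
        if scodef != proc["ppid"]:
            return (f"SCODEF {scodef} on pid {proc['pid']} does not match "
                    f"parent pid {proc['ppid']}")
        if CREDAT_RE.search(proc["cmdline"]) is None:
            return f"IE content process pid {proc['pid']} lacks CREDAT token"
        return "content"
    if parent is not None and is_ie_image(parent["image"]):
        # Any non-IE image under an IE process is worth a look: a benign HTML
        # file gives the browser no reason to launch another executable.
        return (f"non-IE child {proc['image']} (pid {proc['pid']}) "
                f"spawned by IE pid {proc['ppid']}")
    return "unrelated"


def triage(processes):
    """Map every pid to its classification."""
    by_pid = {p["pid"]: p for p in processes}
    return {p["pid"]: classify(p, by_pid) for p in processes}


def findings(processes):
    """Only the classifications that are not part of normal IE behaviour."""
    return [v for v in triage(processes).values() if v not in BENIGN]


if __name__ == "__main__":
    for pid, verdict in triage(PROCESSES).items():
        print(pid, verdict)
```

Run against only the two processes the report actually shows, the function returns no findings, which is consistent with the 1/10 score: the four signatures listed are what the IE frame process does to create a tab, not evidence of injection into a foreign process.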

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          96f01c979023126350e5179b4fe6b632

          SHA1

          26160b3062f2ca3e8ee9392366ea236df8eaf086

          SHA256

          6ad0b318ceb4db79c9720ffc9f93f49e2cd6187a0e5b045af3db8ed6d2e5b4ee

          SHA512

          bee21cfff5c73a29edf97ed4aeff67ca0e5d64964757850846d8a28c30846b4ef91649a707bdf2e8f3911d8c4e865a879c39ae616c8d75b95a9ddee9b54a2425

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cff49ce51b2168831c135b04f7eb3c28

          SHA1

          3289d8320c8269565a60e0901be82748857f1379

          SHA256

          1f8fec8b72972003b5c8fc23b0de51c5e49b096f5376072e2c6b1578690bbaef

          SHA512

          9063aca018d4030f3c8fd506b38cd729b3a715cae659375b488072210da066ba7fb3b3ab61685964ca38d7a6ddc37d8099defb29c595bccbb49207a812a739ba

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1a4bfdb31c2660e98f9b1f22b16cc7e3

          SHA1

          0ebdf5fd776748d62eecca604eb6a4245b625d1a

          SHA256

          e8e666e712fe345b2d63e5ad5e04eb52d959899b08c2fd7ab916cde033d621ef

          SHA512

          88f44c862026fbfbe2bfa0a4b99425884eef7a4444505a053540f7caf9071733a9e9ce9fcf0a76f22e14eb83f4d6e97e2e9540c2e9eb30b2ee650238a6a55812

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8cead076fb52521b028730980b3023f0

          SHA1

          079ebfa376f9e1d20b8cb477b480302c4086d665

          SHA256

          0138a8a0fc90789a895af19aa67397f8e9b6bab7d6f95c0d7d0f402aee347702

          SHA512

          649175800eae59eb98d8e09dfb56e5ad1f63a5cfdf29090ffd74f952d7a59de5649bc4a6c0879f8ae03d0663877e35c195f0a918f7410820ad2600279480df9f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          65f27e92853836a5b26c8ba0ef956054

          SHA1

          b9eca223d1df748ecefb9bfa75a3dad359bb05da

          SHA256

          7ab5eebbd36b21281b6fcce0566b5d0766250d5f3d9c16ec4c52d9e9fd98c358

          SHA512

          858c3109f365ff00f78f6a0175de202a986a500b8907708493c4dbb9104acf15e796ca243f28bb3257fb4bfb814b2ca1c6fedf023f9ff1ad2cabf54b41ab3599

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d94c030899e8b13149666c9f941e9bdd

          SHA1

          7a15230a1e494186927529834e747dadf469994f

          SHA256

          4eae16224c23abad4406fd822cd7de64307eb82f319efd2be7113fa8d09aec88

          SHA512

          99f39bb5c73b04d6fc50df129bd6bc69aca2dba405df5a63e7fcec4663e1e5906cad7384f1d5ee7e86a3a40434ed4039b9607c9490317d82433282b3e976818f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cdb2aa7ded763081dc646f9dd0de52fc

          SHA1

          f6cc6115e1bddc3c2d436dd665ebb48c213e9d39

          SHA256

          6211ec577ee832df929b46e3184aca45889b353b447d212c6f2284f68238e353

          SHA512

          df7a8406ade4fb5be2ecd4bb1d03bd966d1aeeafd13b81bc79fcaed83c4cbd3a5440c5f044d114aae4d823685af1409964483368e855da21f1d94232eae1cd1a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a7dfe268f76ed4281fea249becd304c6

          SHA1

          4a620ea3befbe67543425e89ba69ec14fb486a92

          SHA256

          43d4ac5b676c9645170b98956db60585fdf0315c305f70c1a2d316e5a6aabeeb

          SHA512

          61fb21b23b12bc76ffaf7ebd45bd4b058094650d49fc278289127c1ced075f1261927fc4da0baf357a4ba8780ab4e5d070f42d4d4f6fc502006234ef5010d986

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          08eb63289bd2c27a401c05780b65708d

          SHA1

          18caa5e6521858652cb2cf7dace7bdb80303fb99

          SHA256

          ccf37e8dbd4340a6eb40031b787c6860fcdc01e2dc201f8543cd1244351cb3fe

          SHA512

          efac3683130e4680eb8dbdc78c75a1e0e00473a5ded57ad3fb6a1d58f111b4847097369aee75bac7a148552df1a455ddd352bbfec4603db4a6385a4f274b1e7e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e0e66408a2f03cc6cc9894c0d2dc68de

          SHA1

          e2b9cab6c830590705284b15f1e1c4c8f262e660

          SHA256

          10531e917280512cc2744dacdf3666396e0f84228b194f67a635435ec49d0a12

          SHA512

          d89f8eec2a9bdfa1939b2456c0e0e8c0f5943cdb3e31405eff373b0fbf43ca7671de0222fe9016a3093491499afb9c917af5e8c3cbd61d7015de9784ef93e902

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d42cf3d53a0e7e77a5baa03448c94a6b

          SHA1

          a1acef422dc978a61e486b5e7d0d33d1fd60dc4e

          SHA256

          f898782eddd3129a231228a46651b9533a1f1e628ad673b88699a11e692b938c

          SHA512

          7d01703a69f55b1185ed0b39d240e791c540b34800408a2929a66e2a7603e64c5e11b4103b4ea3d31acba52a5d982554b3522f91fa7fc69350346d29088960e1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bd8dadae0bcc1cf2e489c938aa4d8bfe

          SHA1

          dca71029dcfe468b19fcc76af57a66f2bbbc8490

          SHA256

          4d4dde0ed984176c4773fdea1d79655aff343be8348d589ca2f64780463cf19a

          SHA512

          293351e062ecd8d604069cae80993da9fe7b53a1e739dcfdef39f64d5004b46e2f617cf0008b576134f813bbe27ba50a8e7a53f99d65a3c125ae29edece47603

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0a83319bbdcff5667252a0c1041c6638

          SHA1

          62acd5284f8b8d83dd55ec3e40800c9f3b706747

          SHA256

          aae4fe38888205f619fdd1d968b59b51f029fb5d8318c12a24e56fe75dd6152a

          SHA512

          0a6b1e75d565edcc8510f01da73d32dfd4260ae7c192fc4ec261c4ad19045d046afe0ed8379502b31e061542072cf85fc3d6e84fb10a3d2c7c93ea3b2ee68a55

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bf95517834ee69dc3a42b60cf60c4a94

          SHA1

          7764406cc10eae6208bd5595eeef2b92b6101a3f

          SHA256

          2ab5ec12e9df5132212742ed4e411fa111cea331d19b630f6006851d908681b5

          SHA512

          bef6fad3676008795ab90e139b60bdb7c68de27edd6a3661d4e368af76207771dfd76220f5e51b76cd6835340ce639d04579c75feba689af540d6361f2c7c3bd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a6f52c98b3b864167d148bb38108090b

          SHA1

          41d798e12e4024b8e1b37d5419c2d9fea315b18e

          SHA256

          48ca098035df413a51502e2fceac771e18031124ebbcbc276385a2d3808286ed

          SHA512

          299451833e6168722d63290a999055a740286b8291394b10cc374485ff5d509b53d86610b48b9b80e3dc0a5b24150d8c68ea95571196da095f48145315edef9d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          30391acd67cb389c0c53665a3d3f08cc

          SHA1

          12a96fb145468e3cdfb05dcfc7583f84e6d1808f

          SHA256

          5dc25c8645228c7f915d4c644c1589503b4c0cb753f8b51a8b010079720c6fce

          SHA512

          dead9b805145a2edf6cdb4782a217d93b0f5fd39405add6811e28e28b0445f3919b6bf418cdff4f3ffc20a3466a9ab0fe9525a67619fa55aa12cf96c47a9102b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          11e48ecd22cd9c9eba2751171173b6dd

          SHA1

          00543ed172d5be62f93b85b6052098cd278dd959

          SHA256

          f5df9cae5532de42d163649884e07a17b9667ff765e1cb139fa61b9a9e004cf9

          SHA512

          49903b4efa50e8742fca1faaaf3c1fd16c313a61a8a33d3c3fa2a6c92caaa6069d4d329fafc764cf122fb191975443b7a26a165b054913feff286d794b0bb7f4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7c981ae26c2e8dcaa4ffef902c34f217

          SHA1

          82114352220dc371871b6d3819a2d7875af79210

          SHA256

          269d4976e35c276a84878a2db24f4c7dd35ceba429dc96fb2d7219332ef68f68

          SHA512

          473219e12bd1e61f5c071355ac98b5fce5389efd768f43ea2d9f2bf2e4d21e6d325c6b0bfba3a1bece0566be015cfc82387b97c844e0e54978843c4ba5712b5e

        • C:\Users\Admin\AppData\Local\Temp\Cab731F.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar73BF.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
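Every dropped file listed above is either the CryptoAPI URL cache under LocalLow\Microsoft\CryptnetUrlCache (written each time Windows fetches certificate, CRL or CTL data, which is why one MetaData path appears repeatedly with different hashes) or a Cab*.tmp / Tar*.tmp pair in Temp, which is the usual trace of a CAB download being unpacked during such an update. The helper below is an added example, not the sandbox's own logic: it groups the report's entries by path, counts how many times each path was rewritten, labels the paths that are explained by those two patterns, and returns whatever is left for manual review. Only a subset of the 344-byte entries is transcribed, and one extra record (an update.exe under Roaming) is constructed purely to show the unexplained branch; the report contains no such file.

```python
import re
from collections import defaultdict

CRYPTNET = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
            r"\MetaData\94308059B57B3142E455B38A6EB92015")

# (path, size in bytes, sha256) transcribed from the report's Downloads list;
# the last record is CONSTRUCTED and does not appear in the report.
DROPPED = [
    (CRYPTNET, 344, "6ad0b318ceb4db79c9720ffc9f93f49e2cd6187a0e5b045af3db8ed6d2e5b4ee"),
    (CRYPTNET, 344, "1f8fec8b72972003b5c8fc23b0de51c5e49b096f5376072e2c6b1578690bbaef"),
    (CRYPTNET, 344, "e8e666e712fe345b2d63e5ad5e04eb52d959899b08c2fd7ab916cde033d621ef"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab731F.tmp", 65 * 1024,
     "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar73BF.tmp", 171 * 1024,
     "4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f"),
    (r"C:\Users\Admin\AppData\Roaming\update.exe", 52000, "0" * 64),  # constructed
]

# Path patterns that a plain HTML file opened in IE is expected to produce.
KNOWN = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache (certificate/CRL/CTL retrieval)"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CAB download/extraction temp file"),
]

UNEXPLAINED = "unexplained"


def classify_path(path):
    """Label a dropped-file path, or return UNEXPLAINED if no pattern matches."""
    for pattern, label in KNOWN:
        if pattern.search(path):
            return label
    return UNEXPLAINED


def summarize(entries):
    """Group entries by path: write count, distinct content hashes, sizes, label."""
    groups = defaultdict(lambda: {"writes": 0, "hashes": set(), "sizes": set()})
    for path, size, sha256 in entries:
        g = groups[path]
        g["writes"] += 1
        g["hashes"].add(sha256)
        g["sizes"].add(size)
    return {
        path: {
            "writes": g["writes"],
            "distinct_hashes": len(g["hashes"]),   # > 1 means the file was overwritten
            "sizes": sorted(g["sizes"]),
            "label": classify_path(path),
        }
        for path, g in groups.items()
    }


def unexplained(entries):
    """Paths that the known-benign patterns do not account for."""
    return sorted(p for p, info in summarize(entries).items()
                  if info["label"] == UNEXPLAINED)


if __name__ == "__main__":
    for path, info in summarize(DROPPED).items():
        print(f"{info['writes']}x {info['label']}: {path}")
    print("review:", unexplained(DROPPED))
```

With the constructed record removed, nothing is left for review, which matches the rest of the report: a ~137 KB HTML file whose only side effects are the certificate-store housekeeping Windows performs on its own.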