Analysis

  • max time kernel
    144s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/02/2024, 17:44

General

  • Target

    LICENSES.chromium.html

  • Size

    5.1MB

  • MD5

    f0882b4f2a11c1f0c524388c3307aad7

  • SHA1

    c8952b4076167de1374d0c1f62b1fde8fe69f4ae

  • SHA256

    1b8b8e268755376e95aaddd0a6881f6f4a4b96787af1b2db158e51958410da5f

  • SHA512

    1e5cd07637e213d3f77f8a6204b5bb9a6e16c343790dda4ed677b081e8600de912165bb3436dacf56ea2e5145e888f5964deda4ee4b7dd3516ae2cab42e2fa0f

  • SSDEEP

    12288:FetnJnVncnJnkncnpWQtnwn7n9nJnCnZnGn3eQSnqnBnununFn/nwnJnqnvnOnqP:nPDt5WXWSNkbfwVR8mfjF4HyCohp1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2040
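
The two-process tree above is Internet Explorer's normal frame-plus-tab layout: the first iexplore.exe receives the document path, and the second is launched with SCODEF:2168, the PID of the first. The script below is an added example, not part of the report or of the sandbox's own tooling. It encodes that linkage as a check and flags IE tab processes whose SCODEF value or parent does not fit, and it separates the four signatures listed above, which iexplore.exe raises on its own when opening a local HTML file, from anything outside that baseline. The two genuine process records are constructed from this page; the baseline list and the reading of SCODEF as the frame PID are the editor's assumptions, and the two spoofed records are constructed counter-examples.

```python
"""Consistency check for an Internet Explorer frame/tab process tree.

Added example; not part of the original report or of the sandbox's code.
Assumption (labelled): under IE's loosely-coupled process model the frame
process (the one given the document path) spawns each tab as IEXPLORE.EXE
with "SCODEF:<frame PID> CREDAT:<n> /prefetch:2". A tab whose SCODEF does not
match its parent PID, or whose parent is not iexplore.exe, breaks that pattern.
"""
import re
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    parent_pid: Optional[int]
    signatures: List[str]


# Constructed from the Processes section of this report.
SAMPLE_TREE = [
    Proc(2168, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html",
         None,
         ["Modifies Internet Explorer settings", "Suspicious use of FindShellTrayWindow",
          "Suspicious use of SetWindowsHookEx", "Suspicious use of WriteProcessMemory"]),
    Proc(2040, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2',
         2168,
         ["Modifies Internet Explorer settings", "Suspicious use of SetWindowsHookEx"]),
]

# Constructed counter-examples (hypothetical PIDs): a "tab" whose real parent is
# explorer.exe, and a tab whose SCODEF names a frame PID that is not its parent.
SPOOFED_TREE = SAMPLE_TREE + [
    Proc(1234, r"C:\Windows\explorer.exe", r"C:\Windows\explorer.exe", None, []),
    Proc(3100, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:1 /prefetch:2',
         1234, ["Suspicious use of WriteProcessMemory"]),
    Proc(3200, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:9999 CREDAT:2 /prefetch:2',
         2168, []),
]

# Editor's baseline (assumption): signatures iexplore.exe raises by itself when
# rendering a local HTML document; anything outside this set merits review.
IE_BASELINE = {
    "Modifies Internet Explorer settings",
    "Suspicious use of FindShellTrayWindow",
    "Suspicious use of SetWindowsHookEx",
    "Suspicious use of WriteProcessMemory",
}

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def is_ie(proc: Proc) -> bool:
    return proc.image.lower().endswith("\\iexplore.exe")


def check_ie_tree(procs: List[Proc]) -> List[str]:
    """One finding per IE tab process whose SCODEF/parent linkage is off."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        if not is_ie(p):
            continue
        m = SCODEF_RE.search(p.cmdline)
        if m is None:
            continue  # frame process: carries the document path, no SCODEF
        frame_pid = int(m.group(1))
        parent = by_pid.get(p.parent_pid) if p.parent_pid is not None else None
        if parent is None or not is_ie(parent):
            findings.append(f"PID {p.pid}: IE tab not spawned by iexplore.exe (parent {p.parent_pid})")
        elif frame_pid != p.parent_pid:
            findings.append(f"PID {p.pid}: SCODEF {frame_pid} != parent PID {p.parent_pid}")
    return findings


def non_baseline_signatures(procs: List[Proc]) -> List[str]:
    """Signatures on IE processes that fall outside the expected IE baseline."""
    out = set()
    for p in procs:
        if is_ie(p):
            out.update(s for s in p.signatures if s not in IE_BASELINE)
    return sorted(out)


if __name__ == "__main__":
    print("report tree:", check_ie_tree(SAMPLE_TREE))
    print("spoofed tree:", check_ie_tree(SPOOFED_TREE))
    print("non-baseline signatures:", non_baseline_signatures(SAMPLE_TREE))
```

For the tree on this page the check returns nothing and every signature sits inside the baseline, which is the expected outcome for a browser opening a licence file; the same code over a tree where a second "tab" hangs off a non-IE parent returns a finding for it.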

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          926b83869f26bdd27dc9e6de85dd52a1

          SHA1

          deb324f565a0d58b08ec722f30bcc9fda0c5fce7

          SHA256

          f25b7ac34ddadf3e4b7e7f09cf4e84d659c99157707b30d4f5c9113ba09e5f51

          SHA512

          49a5e5999c027ec4f9f63649798565885e18f74af886fdfaa8100a6e60b1d7c9c5a2aa4303705926758b71e6fcc328295142204d66a3a89421c247f1a1298183

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          4f45ef6fd9d1016cffaf1c3e53cf564e

          SHA1

          ffd2c4e57204e6875c8e9d96c949267c37de56b4

          SHA256

          f6e09d31cb3318c799e94c50789c2563167bd9cf1f290e489831acb08d5875e0

          SHA512

          7865dbb2e59334dab6c23abd731dc20505d57f83171f64eb87928cfc6dca279dcb058002751ffa73bb1cbbf09010b921659ed1ffc70a8e42ea163ccda4c6ee46

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b31f584a46373f5d275b9c0137af6f6e

          SHA1

          896364e7159417ad7e4c9227201cb84cca414141

          SHA256

          089fbcaaa5bcb7d33922d5fdeabd8c3ff2c2aa88de154d4e4590c061c69e8e0b

          SHA512

          2606e34ad229ee62063da39f66d42f7568ad9a17869ac297e74e031c07b212da19b9c0a31556ea30666045c0a92858b08bb0abc173bea30d69b0de87f12195ba

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3d3c2bbaf92ddda1995dbcd3ea813431

          SHA1

          165c98cb0bb94cd375ce31a8f8ec644b274ddeb4

          SHA256

          98fa3def49269dfc08ca4740f3000c1d0c9e0b2240638544f559c55399db6eae

          SHA512

          c2fdf796ba084b52de04c77ff7f67831cdc3e4b398cebddcf96172508ade810927fa6da89f66db23661acd8dc57925cccf3222d43fac65074186a174175e3cb8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          214975342c0c23d3c5f5c4c9d5d9d1f1

          SHA1

          6099ef5851aef9d1a99c6f5134fe3f01ad7cbcfc

          SHA256

          87667256091b3e8f3f9b619c143a5f9552a8a0063e89a6b0786b01260cb075d9

          SHA512

          a19315cae10bd0ccc329b8e63fcb4b0c2c09f3a782e7b18e18cde2b7418924efda112df001a401ac86f15ecb6faf27ac02ec8eaa6f09ead2a005454f16438797

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bc15fab636a76faf2e3b7e663c5c9c7a

          SHA1

          4d82ba681bafdf621579ef59e4654a6db965114e

          SHA256

          4468ac059e02f7085cb999d503cb566cdf4614499f3c3ae8f01d6c682d32a038

          SHA512

          b21522db31034b2b98a007aab962c73e72eb1196d8ad0d5af4f8118b1e57b600780f0830912faebec043f8dbe30d80a1f08583daf45d3ca312136a925180133f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2d63783384ca96e6d6319dffa9894364

          SHA1

          94adf5d3f293a89e93d07e4a207f499e40a03db2

          SHA256

          eee571b4decdc0550673b7af51f9d477d50f5afd68b86fb39484b98456257559

          SHA512

          d4165f9d5fb10800f98642fb51db82a14ffec2c186ba01a203b04cc968664be81477e56522391c5339798977e2e327054e25383e7caba73f1010a071e5995235

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cbfe4566022c59007cdc0a3376b47e1b

          SHA1

          08dd5fa51ac4072a90549b377cbb4e6094414ff2

          SHA256

          d266214cb8a7418ed336f8ba5dec70ca4505d1d864e35c08942b92ff7f927363

          SHA512

          89e4a53e4fddf1c0c556c65c985564d02ced7d26d2136457c30ecc89ba897c56a334d6ca89f9045e9e62f630294ee1f46adffae247f4e9175235247b0a3e5673

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1445468236c6aba81f928ec209c6e10a

          SHA1

          2c48b4a666b48f4b4264ad1e7b65700ee5c90266

          SHA256

          2d95f768c809e450cff01591e52949233b9409536d02666b2aece555e1a0ef14

          SHA512

          343aba277b7deebcf766582a89ed2cb825952daf33b548ea1ee3ba95225883a6d8fc49f4dba217b216d4c1481f5097f7d10e9773e3d5512f5dfa17fca2cd3cfd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f68633a6c7099db136ec4ff8444ff952

          SHA1

          28cf47d713e37b7434c82f4f76de1b79d45b5a4c

          SHA256

          d0fd21985e7d03458cc4b479262f27b72bbb2147f38e802c5b8ed0d1ff2bec52

          SHA512

          ae6bb8c2f71914fc2e623b0d051812350ce38326a4b7e7d9b34d59394efc692b77b88af403e74a8f342f0fc73e97bf68400a8cb40a8bc06a231b2856b624f823

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          edd377f14fbbd13f20f787efd1e98e48

          SHA1

          8434ed3bd156a93ddc9a437b96778a0ba9d8d28b

          SHA256

          d2003f0e5e39e3b1eb8b55cb4565c3717ac29169af4c3eb91b50447f115a4f8b

          SHA512

          8dad5c7016098bae0b0bd09d11974f54f7d15ec326bd8f7be4c43b83bb29d7b66d2ae5125e30bf8a7a85f8237dfbc1ab764634b9b3e445bea3c18e9c9d05f21d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c8825b0f75696b2ba832c4b769221357

          SHA1

          ab77ee642bc8aeb9144c581cd6a4f47d54c3696e

          SHA256

          e72257390486101c0550a430fd17d2eabb90e598aeedc976c823e3aa7e5931f9

          SHA512

          4d61472ff397be34ffe175b9b054625e0977433d90b5f326a55e9b42b458c49040fcec3d00e15887b12bb73f80c3084b29727726c8c8279ee7b4bf05632304d5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          addf94f9dd1676b9a5fd7da3ef450597

          SHA1

          00f77147aa8d7b22d3444eb23b9f469b4b2f6ecc

          SHA256

          ad120b2da25053c745d2e0c6d08784296a25f415dac3b010e44ba123e24a4d8b

          SHA512

          9180c063bffd7a665ea9a825f7ff631afd628cd464c4e669f7138377f59cbd3b961dbede403f9514fddb40ce893854a64ee8f47ef893592ce35952fdf7db4836

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9c59623632ef4aba8d7f46db0827078c

          SHA1

          24ca7ec9478e63d5ae5e8bb454bd1eb8cff1b93b

          SHA256

          b3e796ea314fdac7fe085474cb6eee0f8ad579a02b36563f98a55ed11fad9ecd

          SHA512

          c687e7ac68c2ccb06a552ccf0eb65bd5af8b5f5e035f35cc7a90c2cc6f64ceb693e0048c739e03198187b1adf60f845f9548fce441e5e2f6d99ef25c1c39c022

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          12d825d8a694b7e73f1f4b0d4be69e97

          SHA1

          6e4c892186c1d657f4aaf92f6dea837527d1af56

          SHA256

          88a5258d04755f8a183f2738d83e1c67ba153039d4b7e546ed3c7a7dfcbe4a4f

          SHA512

          77b7d01ae6cc32495d9dd351e237bf03e15175c941661f9e88cc4b6f35fcb1e1bc4059fc229099a08169ffa52c8c427dfb446b043f1df01e9de74b8b46781a67

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          73dce9667be98983ea41e6b8deead8ab

          SHA1

          db58255d82144e9bb6b98ebc801ea4c29df0215e

          SHA256

          cc51f4b234fc712ea5d45746a4383ebfb2bbc0adc3d4b19f38e7c171e96f839c

          SHA512

          6d65e1cc1f17c76cddedf36a080e0f4ecdc0146f4d6e91baf549c6f313d317896b388f82b6b0be84ba43c71d5146fd399de43610c63b4bbf727d455216217910

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9514079bf3da4e1d18f4ea9738b8e4f4

          SHA1

          0ecf0b687a155300e32ce5721d7b790581699be6

          SHA256

          eb862762f08b378d8d84fe689fb4a22390f28f7b7e8299c1d37271377a7ef9da

          SHA512

          6579eb028e938d4b519a15acf6007b95bad7b54656121c4023d7821ce646cac49881ef72d8b26d3b9c90b9ec3e0f2b03bc91395d7cecc840395899ada2a85762

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          16624e0b559fa0155f3a4be16929718d

          SHA1

          28ced8d55d322e820a12bcdb1302d5d45c0943af

          SHA256

          2b277fbc6d32dad48d93308b550fbfcfec3e2ddbaf42703bfd43b3e23ef68f0c

          SHA512

          8f7ae5d272d7c26af22a1eb216f260965c351ba353b33370054fe107eafff9737231ab7374bb1dbb3d915daeebfc7ee950f9b303e59f141316631e2c97e75837

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5aa59f265c0d68d47ace01a00ef3ccec

          SHA1

          8192ca5c6a0f981613a1f554eddde41f5ec735a8

          SHA256

          c616423adca4bd4d83da679d236306b7e23f3cea0c780f86f18b2ea93857c20b

          SHA512

          b933927b60641971f5f59e5005dcaf98a5c2943ca642feac2bba632cf478340dcad1c71f4b1fd3f1b35e6134b9d0e48632964f64835a6bb10cef82de99201501

        • C:\Users\Admin\AppData\Local\Temp\CabD4DD.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\TarD5CC.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
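
The dropped-file list above repeats one CryptnetUrlCache\MetaData path nineteen times with different hashes, followed by a Cab*.tmp and a Tar*.tmp pair in Temp. The script below is an added example, not part of the report; it parses entries in the layout rendered above into IoC records, reports paths that were rewritten during the run (same path, several SHA256 values), and applies a noise filter so that only files not attributable to CryptoAPI's own certificate and CTL retrieval are left to pivot on. The three sample entries are constructed from this page. Assumptions (labelled): the sandbox's "KB" is read as 1024 bytes, and the CryptnetUrlCache and Temp\Cab/Tar patterns are the editor's list of CryptoAPI cache artefacts rather than a classification published by the sandbox.

```python
"""Parse sandbox "Downloads" entries into deduplicated IoC records.

Added example; not part of the original report. Layout parsed: a bullet line
with the path, then label/value line pairs for Filesize, MD5, SHA1, SHA256 and
SHA512. Sample text is constructed from three entries on this page.
"""
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List

SAMPLE_DOWNLOADS = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  344B
  MD5
  926b83869f26bdd27dc9e6de85dd52a1
  SHA1
  deb324f565a0d58b08ec722f30bcc9fda0c5fce7
  SHA256
  f25b7ac34ddadf3e4b7e7f09cf4e84d659c99157707b30d4f5c9113ba09e5f51
  SHA512
  49a5e5999c027ec4f9f63649798565885e18f74af886fdfaa8100a6e60b1d7c9c5a2aa4303705926758b71e6fcc328295142204d66a3a89421c247f1a1298183
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  344B
  MD5
  4f45ef6fd9d1016cffaf1c3e53cf564e
  SHA1
  ffd2c4e57204e6875c8e9d96c949267c37de56b4
  SHA256
  f6e09d31cb3318c799e94c50789c2563167bd9cf1f290e489831acb08d5875e0
  SHA512
  7865dbb2e59334dab6c23abd731dc20505d57f83171f64eb87928cfc6dca279dcb058002751ffa73bb1cbbf09010b921659ed1ffc70a8e42ea163ccda4c6ee46
• C:\Users\Admin\AppData\Local\Temp\CabD4DD.tmp
  Filesize
  65KB
  MD5
  ac05d27423a85adc1622c714f2cb6184
  SHA1
  b0fe2b1abddb97837ea0195be70ab2ff14d43198
  SHA256
  c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
  SHA512
  6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}  # assumption: binary units
SIZE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s*(B|KB|MB)$")
# Editor's noise filter (assumption): paths CryptoAPI writes while fetching
# certificates, CRLs and the authroot CTL, not files the sample wrote itself.
NOISE_RE = re.compile(r"\\CryptnetUrlCache\\|\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.IGNORECASE)


@dataclass
class Dropped:
    path: str
    size_bytes: int
    hashes: Dict[str, str]


def parse_size(text: str) -> int:
    m = SIZE_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised size {text!r}")
    return int(float(m.group(1)) * UNITS[m.group(2)])


def parse_downloads(text: str) -> List[Dropped]:
    """Walk the bullet/label/value layout and validate every hash's hex length."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    records, i = [], 0
    while i < len(lines):
        if not lines[i].startswith("•"):
            i += 1
            continue
        path, fields, i = lines[i][1:].strip(), {}, i + 1
        while i + 1 < len(lines) and not lines[i].startswith("•"):
            fields[lines[i]] = lines[i + 1]  # label line followed by value line
            i += 2
        hashes = {}
        for algo, n in HASH_LEN.items():
            val = fields.get(algo, "").lower()
            if not re.fullmatch(rf"[0-9a-f]{{{n}}}", val):
                raise ValueError(f"{path}: bad {algo} value {val!r}")
            hashes[algo] = val
        records.append(Dropped(path, parse_size(fields["Filesize"]), hashes))
    return records


def rewritten_paths(records: List[Dropped]) -> Dict[str, int]:
    """Paths seen with more than one distinct SHA256: the file was rewritten."""
    seen = defaultdict(set)
    for r in records:
        seen[r.path].add(r.hashes["SHA256"])
    return {p: len(s) for p, s in seen.items() if len(s) > 1}


def unique_sha256(records: List[Dropped]) -> List[str]:
    return sorted({r.hashes["SHA256"] for r in records})


def pivot_worthy(records: List[Dropped]) -> List[Dropped]:
    """Dropped files left after removing CryptoAPI cache noise."""
    return [r for r in records if not NOISE_RE.search(r.path)]


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE_DOWNLOADS)
    print(len(recs), "records;", len(unique_sha256(recs)), "unique SHA256")
    print("rewritten:", rewritten_paths(recs))
    print("worth pivoting on:", [r.path for r in pivot_worthy(recs)])
```

Run over the full list on this page the same code yields nineteen distinct SHA256 values for the single MetaData path and an empty pivot list, so none of the dropped files here is a lead in its own right; that is the practical reading of a 1/10 score on a licence file opened in a browser.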