Analysis

  • max time kernel
    148s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/02/2024, 18:47

General

  • Target

    ambiguous_words.1.html

  • Size

    17KB

  • MD5

    557029d8ab70281cff2bd22c04b57f29

  • SHA1

    49c54598c9ff3b3aa98a3d88333935646c72926e

  • SHA256

    514c9d496b2c8b6800348ddac0dd312563bdcd56c82b678ae06d359457964dd3

  • SHA512

    d15c7dcd6820fc9d4346fc56995c1329bdc6c7234a744dcdd6cc7e0812e0117f88f2c47cd9aa6f15134dfb9bb662d36406cc13339c63190a5a3b7dabbf58f115

  • SSDEEP

    192:j25icth7o14c2mgjzapG9hAKlg7Ce+xgrXQto8npJ+u3S1VwMKhMsY01EppM9a7z:Oic/7NlHRVXnP73SXoFn1EppMkm9mSjS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ambiguous_words.1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1504
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1504 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1060
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
    PID:2592

Network

MITRE ATT&CK Enterprise v15

Downloads

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            663d6d7149f5a5d50f1d3cbfde64acfe

            SHA1

            fe187a2aa5fe80bc0f6f8dd18644b24806e72563

            SHA256

            7d716cd09c2f59247db2b1637bd0aa4e932f1a0904a9985f280080adbc8c8170

            SHA512

            2280c8880567e06dd242db28be1c2416c4d09323079e741ad1318692cf345d9029c7a7bbbc459db59b6fccbe44534367384e0c8188acb667d3956f89e55b05bc

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            6509bb2f25dd41f95abdaa68dbd960c3

            SHA1

            6f42900f7a9c4cb8d8cc7a15e9cb2ce1d384c1fc

            SHA256

            cbcdda806296da3ff825808a76742ac81ccb5e10705c3f81cb3ea8fcdcee5ac0

            SHA512

            d3b151b63fcdf35e5fc4fbbac22413c61a966da3803eab038879fbdadd2e308eb24badd2c91ee7dc806515989fee464bdf0f6111aa7abca33816fe06e200048b

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            ada7274ae242fa5cab6d29017b434602

            SHA1

            2dc37a1e0139b6121e75805f28c930d571fc495d

            SHA256

            54b315726bf7cebcd4ffe6f2d0b99c402d5edcdf39a995dfe46f350738df94bd

            SHA512

            22a2b27548a065970214f2452e0a643f97d1eb176b650d08aabc9a0e81c7e9cc7f8138309f1c8a5ad4f46422e6680f6cd6cb86a3063940787aa1aa49ef2b1be9

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            d79e61c03f4fa9edca12e10a91db094d

            SHA1

            ca3ad0fbd1ba4d7cd0b53f1e26eefea3422156ae

            SHA256

            7fe4d5e221cfc26745e25799ba5de0f2fef4983878cf6ff18d05cd903416d144

            SHA512

            8da6aadca5be56897068276d798d748dd25354fe6b211134bc97175410d9eceaa67b45b8da89100df9be186f54c03f99e38dfab192c24a034f99410df9b2bac0

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            9c38314652ff8b2abe0be297ababfc0d

            SHA1

            d969d89675f956b0d6a60ef80a8473e72d1789e1

            SHA256

            207663f53449c9934f6c6900823373152a586f2c802f16cbf9680a3241edc246

            SHA512

            d105d1b2a958c51950360252cb83beabb194488fa4983cb852d9d06cc8f633dfb162af4292e1919f0694eab1fd290249b866cb433297ef340569d67c4e08c622

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            224fa3a5c71c818c52752d516f4bdc03

            SHA1

            da7374edb3c50fee9de325f63d7eda500b8f8266

            SHA256

            59348c11da14f28a611b7e610f31afdf22d8f8a720c0de43255b5d6fcf6345fc

            SHA512

            720702283a759121819e69b909d48090499c84ecf0bcff6ba49e436a08db7ba6302e6e1d571329df50e8e2a8e006c959e5fded0816b6eb952110c54f99abeebc

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            1aef1b98a75f50663d58c138e3ef3901

            SHA1

            5a85571fe6fcb16f5bbafd63afa2f417114aab60

            SHA256

            a51c6c502d39465983c60c9153a0842cf711c020da0f462b5379076e401b4588

            SHA512

            740293a178507fa3024c22db19d7d9b6fa0aa6b914882ba33a651ee3ccbaca07a45e4eee08f5b1c5258ba7a47170647670789257d8eb7147e2e3a2bed403261d

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            2e871f99ae322310fcdd2fac01937a4d

            SHA1

            8bf5ff663a4a7465b06c36282ab18c8258abdff3

            SHA256

            1f5037b9e3b4a4c95e3743b09a6b954e8bf45b31391f540a71bd805fe53fec8a

            SHA512

            11ab826f2a03737c1f632aa5d93fc9c63075b135957c66a313233844d2120faa8c93ba4e86e9e6b4331cebfb78021ac53aa80b878aaa1803b510067104c5206c

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            294e2effefa736b8d929bcfbba11086e

            SHA1

            19c31ec5ad8c9542113c0c87b7e1a4182562674a

            SHA256

            8e7d4ff72c9a6bd583faa6b239f8f3ead0ffd4dbfd2936e1928709115d2c54f8

            SHA512

            51988bca0fe6c8a7b7441a9ba1e6d09c599cda2a8e12fe8bf83a16c9c5df145bc421885252ce87f3ddb937aa6e7588aed18911b0f0143f6cc506c1b7f4f3ac0b

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            0e866f30f6fa3356607b8ce11903ee4f

            SHA1

            ca825e7ef4474ede9b40cd7c13d330655e737c98

            SHA256

            572e034c2469ad4a3e453fc1bbbeedc76000c81c08fb2e8ac00e16d780dfd754

            SHA512

            0a2ba4d4b33792a53779e5072d712b9d236b2143209e81a6dd647bfa973aa1ae60cec95fa086826e8ac53f224388cbdc7973fce81397514fbbf1d4650ba6e5d5

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            929389ff426fa06be90d598c9731ec09

            SHA1

            8441c83f9599cc74747c122c0a1ad9fc97268951

            SHA256

            b7cbf1ce26680e83a4ec6632d551d785d84d1db8b60c0c7856923add104a0774

            SHA512

            2570ac387d5ab0c453d48fed88ee5fd3744b6bce06f1b9edf6cce9d37709cf03fd9dd9f65186448e82788bf63ce3815d43477ac080a215beab021a75b00066cc

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            7443bdd4d24fd6912cf9d2ee07f93394

            SHA1

            e6c466bcce437f3163dfc8ec261a24250346e27a

            SHA256

            537b49f980df812f6ba6e47c19a6c919d12964179255e06a2ee2adab20790f03

            SHA512

            a710cf32ed65153969df5b586b5f978728f0ddbb21a69a70beaf23ac22f67140948ae3e202ab2c5d09f988f684a7c09872668cf5e0c2855e43b63dbd3828bc73

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            df2e1948988a04d8198774f2a205f73c

            SHA1

            b924bd13e23a2022cccae8b997a1c9a6f2cbc6e6

            SHA256

            b650cf42ec552b6ff0692511747b7e8e0b7c07315eaf63ec7ef10843a5a170c6

            SHA512

            a245697ca5307d4e53967bb5f135f13d5f6c4361761568192da3fc824fa43324e37ab667c5a3bf25afe1a47ea8dd8aa632051704d625c0b3703a38f5b0714065

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            8588c06637c923cb1adf83c06bc7878d

            SHA1

            15d20b54ab6081628b7c3801254b78796a04bfc7

            SHA256

            6fb6296f0fb24c17fbf8621c9ced7f3648a090385c51c27defee2cf9e11bfa57

            SHA512

            d2a1a92faca379ed7d54f44a0797d844f0d2028d4ee955ff49f47af2ec7c0195c477aa77b74efb7a8e3007b76afec44d21680410919fa0b1047115c5e32c15ed

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            cc5d6df3989d2c2d8c7fa02788e424a6

            SHA1

            8395464d43b450df7c41ece4cf5b31393b24c792

            SHA256

            050fde04ca45ce82f8d010a746da3534760e6cf8773932f74769c5ab7bd66adc

            SHA512

            db98cce4bace16b8246986db1f4dbeedc831bfac79f08c86e69bea6897d794bc52fac742db1a9bb84fe930cd40397ef72a19e34f89f18f818ccca235047fa3f3

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            ca1ef53c00fb89d0a90b4e6cecb45f69

            SHA1

            d6bcd1545e0a2893c3c0792c5e8abbaf393ff111

            SHA256

            acac7fe253442bf812fc986876c7e6785eefe12da8dae291aad428ed8f03c084

            SHA512

            7b1767326fb4bc6c5fddfb1bd6aae486d03c7dc611d306408053e489da4eabe04c9a33d7bd9f8b0f2c2590ad95292c9663af4365e1cfd6f93ab1aa329825f23c

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            5cd4e522185682a3e9e10955693a7e99

            SHA1

            6148cd746d047c638bb264b46bd3fedcf86305e1

            SHA256

            9768fa1d19105b621eed7d754f5a4d674606ef69acf7351ef7913a82800127bd

            SHA512

            aa369b88d2b772f730992c90064c6a3eb334e333effd614319574e6ccfe0ffab9a7a34783a33dd8918939c5994796a0fbe985f045e3be2082d1235d905817192

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            3df57fd56c72a3d3f52b67ae88eca820

            SHA1

            28837559f64c45b60bc525feb2ce97cd770eed8a

            SHA256

            3c5b39ea457feab9417626aa44a19e626823967546596febe3b3c0ccb5dcc15d

            SHA512

            e291935b730fd8f2a9f853889ed8074ea8de54e294f865b1312719a10299e0e86d61730d1eb010af38950443ce776760daff0692d862e8549e6b94500071e852

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

            Filesize

            344B

            MD5

            6c0c43768e3c3a993f3cc0e2ef68a4df

            SHA1

            cc7cd737fb05ca26f15b5656e17da9912c490bd2

            SHA256

            534d6e93dad4e541ef9e5e4cb749d838af7b0d94c162d9bfc44482b5c05e6411

            SHA512

            28a764654cc3bc3bfe6718bddd9aab493805bb5208d22add5be23f8d2f6241fb3a50783ed1ea9d66adb07acf4afeb123422c9cb37a3292008b272ae8d10b1175

          • C:\Users\Admin\AppData\Local\Temp\Cab459B.tmp

            Filesize

            65KB

            MD5

            ac05d27423a85adc1622c714f2cb6184

            SHA1

            b0fe2b1abddb97837ea0195be70ab2ff14d43198

            SHA256

            c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

            SHA512

            6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          • C:\Users\Admin\AppData\Local\Temp\Tar4669.tmp

            Filesize

            171KB

            MD5

            9c0c641c06238516f27941aa1166d427

            SHA1

            64cd549fb8cf014fcd9312aa7a5b023847b6c977

            SHA256

            4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

            SHA512

            936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06