Analysis

  • max time kernel
    133s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/02/2024, 18:47

General

  • Target

    cntraining.1.html

  • Size

    17KB

  • MD5

    f6970966d007281906fd3619eead8966

  • SHA1

    4c23bab8bc73bf4aa490e909d6588a3d1bba84f3

  • SHA256

    b3126a6539713037715c71d29e95d8b8c4173e98b57ce82f34887fa1a1ea3600

  • SHA512

    fb25d562e3eb16647a1ae43348037bd0cc151bff432d2083e04ca8c05c70e7621cb341384fe86d8562a1bcacaa752be003ad04b9ed4c9e4dc9f021919312f4c0

  • SSDEEP

    192:Q25icth7o14c2mgjzapG9hAKlg7Ce+xgrXQto8npJ+u3S1VwMKhMsY01EppM9a7w:Bic/7NlHRVXnP73SXoFn1EppMkm9BD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cntraining.1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1968
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1968 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2516

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c0537761e1f0c6861c18a9a2d67ab8c4

          SHA1

          4f38e7451d29bfd5d5739499572bbc1034fb3c75

          SHA256

          84bda2c2bd1226486795e23db3eb62773c4456c73f93e627334dfc521105013e

          SHA512

          9cf187cb16c21685cd16b495662502d6475ae1e994059eda81b424d6fba7f8f14a072f18f24a72278554241881f0ea3ac6687185e475c87124031a24468b67ca

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cfef93f51c191761ec58d7317cc64f90

          SHA1

          de07008a58fb1de20945b67bdb7321e3622b5b19

          SHA256

          801d5af4868654dea3befae7153463c60cfd91f09af99ad8ed896a4010506730

          SHA512

          1237bb49fb06d21c182befdd676377f24652b1124a7739734dd8843d07cefb3d1836f4627cd97e89d34c69fa7675736a89cf81c2c0813f3b652fbf46eea1a245

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7bad97a2646d5a5822b8e8881e734e91

          SHA1

          a9142318063607b15d3ee5dc15a182d946e9ceea

          SHA256

          87314b0061755b804bc7cdb318e42171810915e17c75fe2c3ebd0423a6c5c081

          SHA512

          bccb99aa1a8749858b9f4950af1a9ea675e75b84fe42c29eb96d98259831a6ccc4298da93f3c313af6747064a998c4d447282f20d139754129a968a9959c44bd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3552c09810603cde83e1d67719f6f5b2

          SHA1

          ffdf62f09a02525a669d18249ca9c5d311c68172

          SHA256

          ec84bdbd08458ea8b0d45c4b9a6fc6aec8407eb8e0842519865545929a99e1b2

          SHA512

          b55cff50f4130aa8ee6958a2c85777242aae1890b0fc902f932447c5867665ae75e13e7a19988a48b7b3a74c9afa4a71db1dae3fbc8278c84927784b89791c09

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          847e60c14aee7a13d06e6d24b061a111

          SHA1

          2512f16c3086196a06e8efd5adc9be3052d8df44

          SHA256

          77ba3df4d6908dce20a368c128d48ef2295b05a59cd13ec4a799ca4f4ada0085

          SHA512

          2dd226d99ff446f3ea7600c5c8b26dde9423ce9853a20ef3f4cc18790ae62ea9a7b11408593da17e1c8222361b244d2beb4c6543b936f789dc8fb4fc51ad5169

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7af2b971501fab2e9ec38b1f5fd6a09d

          SHA1

          8a3621dd5ff3af70cda2d7b0ee6e0b2565cd3453

          SHA256

          ee83d2d7fe4648df4e784b1d762386f230fbfbbc27ca26e5a03de492b4fc5240

          SHA512

          7935e5367f83d6d10e2c4d607e4ad53e7f5170b271ac2d37b2e944881e10c7f69cf0178db4e5c4816b29ff280ee5c717b48df1be60e97df4688a02b998348a3b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          401bd7258198d9b1c1d8956aa72291b0

          SHA1

          d80c8ff92360c9b28705dbb86931e690656d2ce8

          SHA256

          b2287cce4753f5158eea8f044ac4509e05f7cbe9e3001cd3c9efa19e91a6cb84

          SHA512

          216048335d4a0da5aeae447b2755a91ffb18eaa68bf440449c680dce8c73db87812b2c4053bb617d6aaee267f0be4746b4dd3e62b29fe64952f6be2e83a35b5f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8b90928058f876a04accea7262c6d1ca

          SHA1

          77252cf978a70b3d5a220dd037782b8c364704ba

          SHA256

          3a95c8b7986b6fd6bb6f86812f75ff8fcdc0f51a2c0d998f03e38546f208cbfa

          SHA512

          8f51aa7a1983269f481c0d67ed1807c1ae57e71677d52f2f871b6502db3c784aa9a11f4bef5ee2635d221570ac20d8f3162d2a2ec6d4cc98409c0f1da53f0111

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e6c4ca9fe5a15ffc36063094373c351d

          SHA1

          a2f03da2f165a13911aecadbe183cfbf393f608d

          SHA256

          5ac4c902d4e1b685f30ed26d2f8e6308545b41af0b864adc95c00b49256b1064

          SHA512

          847dd6db19e38fe010d6e1b031da860221662fab4e2be79a2c9cff9ac68faa1043c7083fb06690d518ea68f60d46250e3c2bee49400c8b2cd110efb7d12e1c8d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cfa34e4737fe19101107cfbdc861713e

          SHA1

          0d05b7ad6e9e2072d1323318e93f6228e3e0ebeb

          SHA256

          707fe3bbfb62ebc28b67db6f579607c485767f2a8112981604c94fb0fd6b1cb1

          SHA512

          3719177cf86ecd42d1a2e10677a4e11a8e1a19f9be5c6e64af3e07918f18f12f3ae5a0b4b8be83e6f1e08c7c3e16973fa3a8d408c401df1ba767d15297ed7e0c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0782d22a67e75139be25a6f605315761

          SHA1

          ff092f0589132898a134f596445c385744f6295c

          SHA256

          b734727b021a9eb49e9bab3999ee635938cfe384948e200833ffc1578baca1ff

          SHA512

          3d952928d26438fc5e3150eabed1f406ab5e2edb8da016203a2c456cc3a3a74280437c780e87aa1f57c0b5b887dd15f0894808db70921ae57664a81da3fda961

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1482c15df3662ff132d8fc15dc324829

          SHA1

          42861cc29830bf7eadfa9db5c2a8bfba9fd2e521

          SHA256

          c61383e9111f865c485587baa2da49ccd9ccd1e81463c267a035271bdc998e5f

          SHA512

          cf65fce798d96ae2e89a36cd86ef1d0551745a6ac8c45c1d6daf5252d41aa5f630fab01c4039f2aad1cfe17e9f04d27bc77fd25e538c10a934dffeee2cbe88c4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3ed67a2ecf89464119353bd6f797298e

          SHA1

          e99300845567a3cdbd8e373a9182a8d773c34447

          SHA256

          9e3a63321c51a6efd5322994261185f52c71a9b13b0f920bb1495883504a5280

          SHA512

          2a71350bd18f4ca063205c7b55f4ddaf5e22c9b9a8385797b19b9826a3c7eea902391b2ea8ff1c0802c0bac6b123aea4dd86ef7375c6f9c368cef708cf64c1cc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          875773bc1db16d903b6f8767580e7d75

          SHA1

          8fb879535dee3818279d42664421394fdcfee579

          SHA256

          fe9cfee881054049680a0c76243dd4440cf0b14b4eefb6c53142355c224c1fd0

          SHA512

          50cb1ad2e84089128ca0e561d8e1ceb2e8fb9b626ed2c31f67df876d37d1cee0bfd1ed73825c03d9d165f46fc39d584da94636797b3e4bc5d6747c19e1220878

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          91fa385e73bd00b1ccae60b2f1e1a30d

          SHA1

          79f577d9bf5b61adf5ac5e5ea9322d6ccb3064ae

          SHA256

          9727ab3c61014e2f2eced2b704ce08e0528877862147a5515550e81988e706da

          SHA512

          6a3f6125e2c7e136cd34856da0ff916ca3d72c61110ac60b36c109e17b4a6b15ccde408be0595d1273e3f6bc4980a1234b81028bd3055852189a5f158d1cb5f7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d4e0c978b888716da1f53800d4a20f2d

          SHA1

          06459ae006f3b68a45d3e691948f00620d7898b8

          SHA256

          8a6b0d2725def571d629ee869b74b17d7e9049cdce2e96fdf88d2c59787cc4f8

          SHA512

          22e047649bd9aed1cf6d498e72298b7b304e22aeee97018d4112de53a9603cf357ba06a927591da38b729707cccdd6fa300671382ac9ec07e03f5b6367877512

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          dce769c3b2b856859d6e49266c6306f2

          SHA1

          e1df3cc877e4e0a9cae524fc64c261c0bab1bac8

          SHA256

          6c9dfa7c7aa35c7652a8565104ea40992350fe6d3a00f6556a2f2b65268709e8

          SHA512

          fd2ef38f93e41b07811921b0344dfa49e9a880579f743dd68e84d16e9785284b6759648530533cccd88895b424abac8bf975ebb55bb3cad74d917592a256a932

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0da0738be8e8041771225bc182e2ddce

          SHA1

          3171931bd829ddbfa1358e3420739df3e8288cd9

          SHA256

          7dd94055f719cc7c77f3b565397ba28449a2a71c3cffdbd0871c6aaa1f617c0d

          SHA512

          d5625b96a9a834dae3ac88b13dedd6b3493b1e350800cbdf6a14c3a3ed73f19cb539154b149a4295c75d9ada6d9572c4c6f2baa31589168b0a91f470adccdd3c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          75d7ca47b1296a5bbe402164e59566a0

          SHA1

          2944797a894195da25685798e6fa7bea148bb1e8

          SHA256

          882278cc18c2bf6cf56b16aafa56c50c892b0e60ea663f181a5efd680ca575b6

          SHA512

          d24f8c7710b137610f8dda72d6fd82ebdd6a48c1ffca7c8c82fb86ba4bffc96374f8c9ded8b69793adda0798905e9a425e52c0405e7e53aa3964b31039ea6ee9

        • C:\Users\Admin\AppData\Local\Temp\Cab4415.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar44F2.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06