Analysis

  • max time kernel
    117s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/02/2024, 18:47

General

  • Target

    combine_lang_model.1.html

  • Size

    20KB

  • MD5

    5b9a433afeadd3b259bdb4b68032bdc1

  • SHA1

    94c0ad66d4720953b1efdbe64661803bd778aab3

  • SHA256

    358b5b9b8038701f64d8cfe72aa99b3523cf992ae6159bc8e5cb91ac373b984c

  • SHA512

    922cf8efd60b19df04b92540cf65aa4c1152ec3edcaad0c2bc997558c7cdb71949ebef63dfb518effbf0e34659c80cce66e5b00708cda8e648dd59760e51bb81

  • SSDEEP

    384:6ic/7NlHRVXnP73SXoFn1EppMkm9iyo1eU/+8ybwD:Zc/7/HR1D3nippMif28/D

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\combine_lang_model.1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

        MITRE ATT&CK Enterprise v15

        Downloads
