Analysis

  • max time kernel
    120s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/02/2024, 18:47

General

  • Target

    combine_tessdata.1.html

  • Size

    26KB

  • MD5

    3beb894861db8c7d2681182f8824aa5f

  • SHA1

    961e833f8e3b0ccc7b41713d55d2bbd615124071

  • SHA256

    da1575bc84b05dcea790db78af08e1dea310622b3af28b5abedd13baf386fd62

  • SHA512

    adb5f7106cd040a55828850d9634f948299cfe1941d1302860bd9822d8ce59ed7fe1ab3c31418675f80789c4c80e8252e6ad3fd0c6c71cb6c4b6ca855c961ad0

  • SSDEEP

    384:Jic/7NlHRVXnP73SXoFn1EppMkm9OQG2E4pA3xn7qEYf2r/gAJ1qiqND:Qc/7/HR1D3nippMOQGZ4pA3ZqEYfVD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\combine_tessdata.1.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          84163e1e3ad788035220aa0a79901c94

          SHA1

          317e3a792e1037f2002bc5d2f3c7cda93eb75b1c

          SHA256

          93d22938b7731e9124c6ab83e6a87f65e550dcb89ec36be00033add0e34f3954

          SHA512

          7b7abebb4bb9dd8ae605fffaed639c4e0552522c83057c16bb9ac745f1fe6481aa4472223263641db1c1bce414ca25e27e4e697113aa82e53cb2d424e5b94461

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          54c80ccaae7afee7bbab3e3503271c37

          SHA1

          147670a9db583e08ddde7d17423e9906113a9fda

          SHA256

          a65d58defdbce788663bdb326872fbc1b6d7495437b527b427914aadffbf0754

          SHA512

          2251eecd9c28e7a1e9fc2ea91b93e6eb0ba4ea924d66ca230203ea9220a3dd9421728445a9eec762a81a0c052f72d335cb0ae4df0cfe95c3837d702f8c19f2b3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8afe34e83c068b4f83de774d833f819d

          SHA1

          d4f13087d59450ba822c6eb750fb4c166018dcdc

          SHA256

          630d1d67ed8092c22864265dd89850ee4e71e63b32a8f51c2038d1bf469f670b

          SHA512

          90c3265358afd25305d46844c0069fb622f07134cdf2230390b176e0e2595e4f287734a4df20ec1246f298f32542f90efa1e294913d75ce32d0198a8e1252ea8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          355d5f3ccb82659c7a7769652636fb37

          SHA1

          c2433c19d71afced3b757ef2a66e855eff6017e3

          SHA256

          f548191dc2566f10bf0479cf4bf9b3cc76fffbee15b7e64f9200ab8d6a803bc4

          SHA512

          a02eb44346962501f90748505a30165ae7b87459c983243608690b20d556765167d6243d4f9ec977614595b4ff63297ed1d3a8d53058d4cab7f20ead245def59

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          48f0019f6cd029c934e0f683ec148982

          SHA1

          b280d445779977530994328950040a4e967709fe

          SHA256

          513648c4e7d3c835e512e2b536c5fb0fb762d8b51f2d0d0dc205d285d729ff04

          SHA512

          db21de3809ae6f9ef7b5a2b17548061c523e55859712b78b5baf5eee224a91197c28ba78ee9042037c5a662efa254d55b3df9d6205da4d0a1c5eeeb74019b567

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3ffe98ab925c50c4f91e9ebb7434e05b

          SHA1

          ab48a513c5ffb7376c4562b3d959f9ee52afacb4

          SHA256

          e6f1e57be2993bdc1b8ca4483ca1f865f3e898d6513d97d4df07795f9c3a2ef9

          SHA512

          f0e3d8857ce958df6e2642565a0351ed33916da1795fdff3f9d303213d578b2287b034c7a091f345b5efa582971d2790c79474f2304d61a863a5cd72207e17b1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0ad0a5b136ed8ed4e3ba6e2e768dc5e4

          SHA1

          b0b3374cacd81affe1b808969c834f35c2ed1712

          SHA256

          0cfa8e060d377f6ce5c254b1ec241753384afd412aa15329ecbd83c5160e2256

          SHA512

          c00554d4f66a88a83c3fab79cecb9c4ba84f0e0aa68ded5a50bdf8c8417f765c0b29a97cef18ea37c2562b97671201b63c98793478d167c0059da945644cc503

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          65ea1951c7187fb22a6e58aca675006e

          SHA1

          69f040c5086378d2419c80f0b7a9ea7801c15b67

          SHA256

          008e1bd6c2cbce608138b21e3d1ac1b4c5cbc0b0cb1c9814afd7b646a38c7c4e

          SHA512

          f39cd5ac6b675183443df230b88a032d36dad89688b5149998d9f84cd7139906d048bf6c18f01bf5313ecdebecb0583c75ec2ebb46f3c6050a33fe8aaae9a9e4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          020b6ab0ca1e3d8260968b2f21c7ff2b

          SHA1

          ac27bec2d2dfa646be97c98ea0301dab6e2dbcf5

          SHA256

          296226a3a43d1b3bac9de9daeae225b6a36a37a49f855e2d6e23428d985a7a53

          SHA512

          45d89aca77d7b012da64808217f9bfe7bd31b13ac8d035a6e25e558c9a5b81c2bbfdd42ea8aa640362d9b9ff9ba60a698c49321db314f6c51fb0adfe05d62f9d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          962b1256d59b835a7aa067c653269779

          SHA1

          188bc9a90270ded11ee7aa260275ebc3b3932095

          SHA256

          89e4b0b44609c1255836b640541475d83f1d02147341306ac0008eacf9869ca3

          SHA512

          40a15219a0415fe3a7d6b754b849b0ca8de62778826ef3ce0faf9614393b99dd91f680485894c66e5bac9185dcff0b96a5821b084882dd6a2afb90b4b837b68f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          213c9af847c27d46921918b36e136524

          SHA1

          c25d420a0aa571af5600350af2e5a0672f4b7b3d

          SHA256

          9a65c660d016c4075a5ed8dc62dd4509e0fcd60f17f1c50a24c5d4ad9225df6a

          SHA512

          241ec82c062de341b00f90b2ae8c2fb901740f12aa28e54ef5157e547b1335f21d1811cdd8afa14bba79d91a6545343336047dbc0a917aedf0b369f4675810a5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          353c3577aba5014ab66102270525b80c

          SHA1

          59cdd1fe14b51050cc7ab2276b9bd760feda70a6

          SHA256

          7f4daa6c02e4c3e322ff08a8b014dff2607a3638e7674cf4b1b7d63fce34cc6e

          SHA512

          d13199919c30aae22d69cf8abef8fb941f7c7831a0e316ddcf872e804a6ccb10764b19d3b0d7dab7673b40d479823c38ec15310d20c4aee10aa9c67dd7adfc45

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          031be48ef35a1570a8e76d879c1cbc42

          SHA1

          c9da35f591e22852c32a834c269d93bf8e9f048b

          SHA256

          4d04cb43d7ed693480925cbad3bb4a26d0b6e456775b46817a358b682f629193

          SHA512

          fd7a7c4edc9f2714d22bc2cc17e6aa6849fef90f3ed35954bd07dd4c9fa7b08dbf74a0f1ffe7323e2d7411c2281f09d2e6c036048ab1c7ec598fb01abe75e02b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7b7442e134b3a95ae440b4e06f99fc51

          SHA1

          6e2e9c7dcd6a001038e4ff4f570a933440348253

          SHA256

          3c494c48aa5d49397c108a2471885f4cbcd35d862b70a52867a7217c4a484cef

          SHA512

          6a483a7651240f365005c16fd361aaeea837b575b17bb57192e3526997edfabb2f74696031f95fc050769551c1656151f66db2de2d0f91e994a54a73abfdba36

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5744b6b83c388dad2aa86daf643deffe

          SHA1

          050c7a75b48685fe806d2637eb46ceff649f307a

          SHA256

          e6a21b85d18fc620b491b1e91962c805fa36c35d27ea74309912994a63f148df

          SHA512

          1e4bf3e8b211397368310580213a474af50f3a15a169cb009694094a4f715a4dcb66f8a689ccad3c18b42097c56b7fd208e0ccf3ca18eeb291eacb3dd0cb12b5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b6d73290283f4484063befc730e1eabe

          SHA1

          064a7149c2a8faf620f5d4cff7d3fbfec86e136a

          SHA256

          782bb8a662c149671c8309c5b4b27571792ed6957dbb31e419446b13b561f4ee

          SHA512

          9ebd81e0ce1a6e909bd467dc65d2b80dd42dc3d3be4acf780ad77d0081465e2d94f79abb4f6e37bbbe3f605df5b9fafd718ad042258d0771a9418d03645ff284

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a8e3fe784731b7d92c12b9f151ba4a07

          SHA1

          a181a76eac858bbd00b637c2bd8cb1c093b8e2b3

          SHA256

          7ba10b9a14eda24b0ffe8f2014733a35dae58943ed112d745c4645f444a75280

          SHA512

          aae3a860012eb8e512d41de98b07f6f636bf44807be5398d7e4288e080d454e12e70d813a9858a36f77969fd6b4db0a9729e1b2d83045632505a2d54a20b3fe3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8fc0dc9c6a214dca29519bd7c436bf4f

          SHA1

          1b3686919c1e40e15b360216372ebf2ad24f109a

          SHA256

          70d27eb83abce3734e961e855c5d7d4f546014c75b096a27a2ffb8b2eb1b9c6b

          SHA512

          eaf4725e3129657d9a0040d94e5f0c7ee47636748e0e738e19f5c6a6f80021c04ac923d9e18c088d5bd86f5f1c2f4a42e8ceadadeb571395a9a18ff01e9de212

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c1e5b93774358635d57e5134fe233e0e

          SHA1

          f25e373d2a7b551850f3f2980c041e2e8af07c19

          SHA256

          c8f27e2dc31b42bff015e6312bdb153055d0993dddb7c8fb5efed3f86855da9d

          SHA512

          7c246086a008b0397e813d7b99fac8fe753dd2fee24f26967b83f0cf625a808b1bb201bc79526ea70eecaaa888986f12227c9041123251cce13d895adc3669ab

        • C:\Users\Admin\AppData\Local\Temp\Cab2444.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar2523.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
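The dropped-file list above is dominated by one path, the CryptnetUrlCache metadata file, reported nineteen times with nineteen different digests, plus a Cab*.tmp / Tar*.tmp pair in Temp. These are written by Internet Explorer and crypt32 during certificate revocation checks and root-store updates and are present in almost any IE run in this sandbox, so they should not be lifted into an IOC list as nineteen separate artefacts. The script below is an added example, not code from the original report or from the sandbox vendor: it parses a report section in this layout into records, validates that each digest is hex of the right length, and separates crypto-cache noise from paths worth pivoting on. The noise patterns are this example's own assumption; the first three sample entries are copied from the report above and the fourth (`dropped_payload.exe`, with empty-file digests as placeholders) is constructed to show a non-noise hit.

```python
"""Parse a Triage-style "Downloads" (dropped files) list into IOC records and
separate Windows crypto-cache noise from artefacts worth pivoting on.
Added example; not code from the original report or its vendor."""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass

# Files IE/crypt32 write on almost any run: revocation-check cache entries and
# the downloaded/unpacked root-store bundle.  Patterns are this example's own
# assumption, not a vendor-supplied list.
NOISE_PATTERNS = (
    re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.I),
    re.compile(r"\\Temp\\(?:Cab|Tar)[0-9A-F]+\.tmp$", re.I),
)
HASH_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
_FIELD_RE = re.compile(r"^(Filesize|MD5|SHA1|SHA256|SHA512)$", re.I)
_HEX_RE = re.compile(r"^[0-9a-f]+$", re.I)


@dataclass(frozen=True)
class DroppedFile:
    path: str
    size: str
    md5: str
    sha1: str
    sha256: str
    sha512: str

    @property
    def is_noise(self) -> bool:
        return any(p.search(self.path) for p in NOISE_PATTERNS)

    def hash_errors(self) -> list[str]:
        """Digest fields that are not hex of the expected length."""
        return [
            name for name, length in HASH_LENGTHS.items()
            if len(getattr(self, name)) != length or not _HEX_RE.match(getattr(self, name))
        ]


def parse_downloads(text: str) -> list[DroppedFile]:
    """A '•' line opens a record with the path; each label line (Filesize,
    MD5, ...) takes its value from the next non-blank line."""
    records: list[DroppedFile] = []
    current: dict[str, str] | None = None
    pending: str | None = None

    def flush() -> None:
        if current is not None:
            records.append(DroppedFile(
                path=current["path"], size=current.get("filesize", ""),
                md5=current.get("md5", ""), sha1=current.get("sha1", ""),
                sha256=current.get("sha256", ""), sha512=current.get("sha512", ""),
            ))

    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            flush()
            current, pending = {"path": line[1:].strip()}, None
        elif current is not None and _FIELD_RE.match(line):
            pending = line.lower()
        elif current is not None and pending is not None:
            current[pending] = line
            pending = None
    flush()
    return records


def triage(records: list[DroppedFile]) -> dict[str, dict[str, set[str]]]:
    """Group SHA-256 values by path and split into 'noise' and 'signal'.
    One path with many digests is one rewritten file, not many IOCs."""
    out: dict[str, dict[str, set[str]]] = {"noise": defaultdict(set), "signal": defaultdict(set)}
    for rec in records:
        out["noise" if rec.is_noise else "signal"][rec.path].add(rec.sha256.lower())
    return {k: dict(v) for k, v in out.items()}


# Entries 1-3 copied from the report above; entry 4 is constructed (digests of
# an empty file used as placeholders) to show a non-noise artefact.
SAMPLE_REPORT = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  344B
  MD5
  84163e1e3ad788035220aa0a79901c94
  SHA1
  317e3a792e1037f2002bc5d2f3c7cda93eb75b1c
  SHA256
  93d22938b7731e9124c6ab83e6a87f65e550dcb89ec36be00033add0e34f3954
  SHA512
  7b7abebb4bb9dd8ae605fffaed639c4e0552522c83057c16bb9ac745f1fe6481aa4472223263641db1c1bce414ca25e27e4e697113aa82e53cb2d424e5b94461
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  344B
  MD5
  54c80ccaae7afee7bbab3e3503271c37
  SHA1
  147670a9db583e08ddde7d17423e9906113a9fda
  SHA256
  a65d58defdbce788663bdb326872fbc1b6d7495437b527b427914aadffbf0754
  SHA512
  2251eecd9c28e7a1e9fc2ea91b93e6eb0ba4ea924d66ca230203ea9220a3dd9421728445a9eec762a81a0c052f72d335cb0ae4df0cfe95c3837d702f8c19f2b3
• C:\Users\Admin\AppData\Local\Temp\Cab2444.tmp
  Filesize
  65KB
  MD5
  ac05d27423a85adc1622c714f2cb6184
  SHA1
  b0fe2b1abddb97837ea0195be70ab2ff14d43198
  SHA256
  c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
  SHA512
  6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d
• C:\Users\Admin\AppData\Roaming\dropped_payload.exe
  Filesize
  0B
  MD5
  d41d8cd98f00b204e9800998ecf8427e
  SHA1
  da39a3ee5e6b4b0d3255bfef95601890afd80709
  SHA256
  e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
  SHA512
  cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
"""

if __name__ == "__main__":
    recs = parse_downloads(SAMPLE_REPORT)
    for bucket, paths in triage(recs).items():
        for path, digests in paths.items():
            print(f"{bucket:6} {len(digests):2} distinct sha256  {path}")
    for rec in recs:
        if rec.hash_errors():
            print("malformed digest(s)", rec.hash_errors(), "in", rec.path)
```

Run against the full report, the noise bucket collapses the nineteen CryptnetUrlCache lines into a single path with nineteen digests and the Cab/Tar temp files into two more, leaving an empty signal bucket, which matches the 1/10 score: an HTML man page opened in IE, with nothing dropped beyond the browser's own certificate-checking side effects.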