Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-02-2024 05:55

General

  • Target

    a11c14e5b43cba79d2c07b8e2da2efd4.html

  • Size

    16KB

  • MD5

    a11c14e5b43cba79d2c07b8e2da2efd4

  • SHA1

    2188f27f3838931750c2f65b315687d18b3f0f6e

  • SHA256

    9e26f74cc27841e09bf1c96b3c16a89084d87effb3120e48ca917f2c329a4154

  • SHA512

    f227fec47ba6c580751fe5fdc4cef66cf1e4c2b48323ba82b70214c4db0a1c1deafc442a15d856a6ac0aa1188d13bd60b6ad55e86ae53fed542540fa5d81c995

  • SSDEEP

    384:SxAQJlMYqgDqq7IOOJauB8kmQDqN/7We7TvyYyFdHKq69MEul:SxAQzMYqgJvOQKHKq+ME4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a11c14e5b43cba79d2c07b8e2da2efd4.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2944
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2944 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2028

Network

MITRE ATT&CK Enterprise v15


Downloads
