Analysis

  • max time kernel: 117s
  • max time network: 128s
  • platform: windows7_x64
  • resource: win7-20240220-en
  • resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted: 29/02/2024, 01:58

General

  • Target: default.htm
  • Size: 530B
  • MD5: 318dd7c001cf8104a5ae0a0803bfca83
  • SHA1: bd789cd0425a5635146cefb32809d14840217b70
  • SHA256: 917ed0f5e82765cbb05a342b6cb9a9dfebbe60c6bc12480ff1e64fdfe03dfc76
  • SHA512: 1e466964e13a72c5ceaf9fa0e3783ac5a70cf3f7988de7203af0df4b512a87cd09aa8527e33c29c65b6a4d6eadd9ad8d699567dd41167aa3cf205d022e263500

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\default.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2364
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2364 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B; 19 distinct versions of this file recorded during the run)
  • C:\Users\Admin\AppData\Local\Temp\Cab2196.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\Cab22B2.tmp (67KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar22C7.tmp (175KB)