Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/02/2024, 09:31

General

  • Target

    ukmanual.htm

  • Size

    55KB

  • MD5

    b9f20348346972a5d2e113486bfbf414

  • SHA1

    7299cadb4d9867ff85e0d8e1546d806da1e94872

  • SHA256

    d9bb0d8692420454d0c3c33fd7a8e424a897f79c401b2445f46ed7e14b5c82b5

  • SHA512

    3c9b32b6cb265edb90015ee51bd273d549ac1fe35392897746da016236c2acaac614b4bec9be0e1bbb29e9fa2618b613b27f9731e71e50d81d08dfa1a03258d5

  • SSDEEP

    768:d39Lj+Ctu5LvK2hDjmSdjhxNaTzf9H+vyDzzJUWxkYlWjDQMqDnMxTv:d9DtqLHXtYH+mDlqD6Iz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ukmanual.htm
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2472

Network

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d40e4f87844c4be2503dcd4bb0153ec6

          SHA1

          815542646d88949d7585e25bd9ec7374ab12853c

          SHA256

          696e26ddedfe5ed2cf774da2f549c8da11e4fea6cd71b19e8596e29f2004928a

          SHA512

          5a6d1c802c27e1cbec71ff7005ff4403485a5a741b616ceebc8a3225cb4feb93c88ece6f09a50414988fa9a61381d5dd806e9c049fcb308091ba2e938a6f8011

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f9078b4806ebd27a7be8acd17bc090ca

          SHA1

          110c6b7ad3f7f9670975a22ac9f80fd495a3e9a1

          SHA256

          bb1adc5c9a415c64cf7293405f26f207df799e96e76fed91f125f45c2872fd41

          SHA512

          16eb54ffd91d71e5dbbd73035c9ea632b1d521f3faf91dab30be27937925a72471ddb77ff4b0e15436dd976705b7b8a1ef58126bf765a9082b07590cce766e93

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9bbf106b73260e7ab3bf8c297c8b2959

          SHA1

          84cb2d9fd203b19a5cb177b601c17999b72dbfa4

          SHA256

          52f7c4c6454ef97fc21472993e20892bedfaa6085f7c929a799403bdd186f924

          SHA512

          9a47f69709c55a438d88c20be0f46137f3617a2dbe37d6735d05c1be0261b1c52b93d8d0f8c2c0c60613229e2e9a36a448e0010f36fe9cfaeb0582c3b52249ed

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b415f9222902bbdd1535115d8c778542

          SHA1

          7203283ed5759e944be72acf1166e6ec14231b8e

          SHA256

          d5403f21f0273da9708e9d2faa010da61083775b10b8e51cb55618b62e5e4044

          SHA512

          f278e9c683dcc9a3ed78a638f1d74a6141d2ebabbf9607299414c50fb4adcad8ee030c7aa5b95b948e6159cdfa547448bd35a0f8c74a5e0fed51ade983bb5b43

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0e180c725f44bbb68f62db8904a69d90

          SHA1

          adfb9d7c8aa8c03fcd1fa697ba99d5f1eb241f8c

          SHA256

          977cb1603d78ebcd3d15578ed38ed583d816f8940b61bef80f7e6e34c5a9db3b

          SHA512

          ced6db24882720a6a2ee86de81e24be864d4e698b8e29bff3bb93b626db57d47eb527f223d31b3bf758073f196a8e639fbfebf123e1751eb86f7ba23c99c5fbf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          681894dd668b606c5ecc83cc7d4c8b4d

          SHA1

          5057a5f9ace565fac9bdb475ccdbe6833ea9e51a

          SHA256

          eaca6641bf22f057070094ff538a1f1b938dc3943f70f145fd41435b152c46b4

          SHA512

          8ccc01a1e1feb507f64665881f08a737c6c3009739942c4355652de4a1a9bd1b719bd426e93773f1ed842badce9f6de16f9f533045fc03556c4ec7bdcbb995ad

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d4d0105a214c05da0a96f13bcfed8553

          SHA1

          e8ec07425e9b8182237f511a04e0d24321875a0b

          SHA256

          cc682e5630e357d490863ed06b47d96ad70ef1f2f5e87e6f82d8657ea2fddb07

          SHA512

          30b2133999a4aee8bf7652cc45ce8bc74bd2b3ac936c946d38e98d077fb6c0f8544b33079c81d43dc88b50eb990dbfda9ce1a9394ed2d930c8fddcf45369f877

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          28cfd5d23e78862f7900432f96eb0e12

          SHA1

          3514d25da681db12736d9f34177a78a838c0aac5

          SHA256

          79ae874acc6a13638af24f3af33a25b85ae917f0aae5aaf897a96b0abf18246a

          SHA512

          7a79c70e5f19c36384a29348c8864ceb9f3573eea03d49cd1c3f16fc53fd087887ff88fe558d8d6787f56334bfff6ee17b88bcabb02edadebaa191a18ec194b1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          379a991ceaae9d6c2430cf10858a5c69

          SHA1

          1802f16ac3d37ca5ed63d8c07f8f0ada74e2447c

          SHA256

          f8f435819cfc54d167792aaee05f1ad1aa304fe9ebd862aa661981d01fb69585

          SHA512

          cccb9598266967dbb6e9b59f6ffd64df9d4051f14e99e6d4ee7fc443adbb1b3f4e74e4237bee5ad215d00a56af787e4dfaed6e72ba7ee644499d6909ab42d6a8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          352d0bd3210a0b2f0f1085dd916c2322

          SHA1

          b54df2926a216446cd2ba9650830b69f18d36f67

          SHA256

          8a57fd63b8843f9cc7c587f15e630e7b4ce83c2cbfe03f5f9c91c2c91f023431

          SHA512

          d755f046c109023d23f2f96b6eecd55f2b2bb7b73b79ef380a75662750c2a8a6e2b449f89c8ae4f9a39389c5665c57476fc4097277d8682adf94b01d55428bdf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2b2a205cb709acf6519736ff695f10be

          SHA1

          6aa95f946bee871e248327f41d33729dc7f41501

          SHA256

          d7d7b922fd9c852309660f86d7c5276453770df0b4b3d6ba8601c1b28c75109d

          SHA512

          83c2b8e12f7b8c6b0e0d5aef1c59c5c6becd27302672b061dbf9426515fafbfcfcea33f86d560362fc326dff8f4944869b9448c3409a6b41dcfac98f5d4e5ce3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d9c3032ceb2b8b04d141175b8ac195b1

          SHA1

          8f68194962bac49848fb797480d99cdfad808e96

          SHA256

          531586f586dfa3f43f5542df8ace430e77f522180cfaa59bddff654236ffd797

          SHA512

          6a93c1d88c2a93ca5799ef98c19f9609e7e5a475bfa354b14922e5bec0285cd13cdf74f2db9073365790eddb2e7418158a7fb6c04a8cfb7ddf835000563d0e17

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b553ec6c0d754f3ff4f27f71cda783f4

          SHA1

          0d139386285133c15a77c15ff959932dc04a1a5b

          SHA256

          201447bd49fad966625fe46bc2b97953505c55eaf7c072c0a6101fc819cb89c2

          SHA512

          e31d75e34127cf3987f2f7b330adff376c70189a35472e9143809f9f18da3dc776a58a0976160900aead2f5da4ed5bc3f5c19b46617f804e1579a8b37bd485fa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          ac91313d0d2e90815df039de7e717197

          SHA1

          e07d6578ad4da4dcf04f2570fd21606e58cac461

          SHA256

          7fee66315d2d94926063da25f2c5ee7cbaa2788bcc7005b830d902318543327d

          SHA512

          424007649075cc95bae5002ba09c4e1c2deaa620211ad97ae7f532eb3479587b415a7ed90d1fd37f365e29da7a0005c1e98833bf610954b3f866a4dcbb9f4d15

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b25b7c0001385217350115ee2e807825

          SHA1

          2bd2107cb1261520b883a0c4ed32075637695ac9

          SHA256

          12eb953984819e5f0a2e2277d7869f5ba5ecc1ac4887630c37cfb6b3c74fcaa0

          SHA512

          4b568c30b6c3e3da7ef4c7773d3e8132d49bf1ac7e8d397a8a917ef4d53ad566ce294fcb54b3c6020d207e9954b8f1a030906982f0c5ef193f96e693497dd8db

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a950cb5e1f9bc0c9f74321136ab54a21

          SHA1

          b1a76ea7709b7acc76ecb38ccaff4166dd5774c3

          SHA256

          bbd61c2bdb7b0d5db67535c891e62197d44dc703619ccf8bc33156e34615a483

          SHA512

          d1e466d6c9f9861a04b574e51a5edf89f2ce8512892b532de9c9d9b82ef2382129ca9fe454ab2dd2c5e734dd155d598f130509f630c49836974a436db50f8af8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3b8ba8ae0537fa12abe5d2fb162d546b

          SHA1

          0dbe234bf8f29a64898ec02521b87dfe20806657

          SHA256

          75f67813b7cb693ffb74eef6ba126c49547546fcc2c391bcff2492cc7c95db2e

          SHA512

          1fbb475e4b4b79a269b1cc82e329ec2f9925fee0432143fae2a06e38a02870ba53d7ae35b664329ee2bbfb9090e39337df862213aef9b13752ab41796df2e4a8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7c8856deeae08628c4410777c008735c

          SHA1

          9e1e5bea96bf37e7ef22fe829f60062d27fb30c2

          SHA256

          f6e89a616fb1d3cd719cc3d5a5437deaeda338779306e07f39b0f2532151cd9a

          SHA512

          410c8d89b22a46daeeff0c0c138d956747a1bee62adfd4debe1a0a3e36c4f99e2d4028ba0bf06a2d7b30c8598f5dc5eeadde5422bdfe2159d793f3abfaf6f8ce

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          715d48caf3149807d27340a1f5fd070a

          SHA1

          4e2b2697c499dd269c63d2fa159310c9954857da

          SHA256

          f2abe79f301057cedef7963f8846aba777db1cef0798c612070ce7dc23217744

          SHA512

          826375a0f1c945e24c121f3854f5f0c6cff2b646368f8343d699fffd1213b66bfa06786e2faec023a2ad4512fa0fafd911e8adea292da6adc66e45a1c050d52c

        • C:\Users\Admin\AppData\Local\Temp\Cab9A6E.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Cab9B89.tmp

          Filesize

          67KB

          MD5

          753df6889fd7410a2e9fe333da83a429

          SHA1

          3c425f16e8267186061dd48ac1c77c122962456e

          SHA256

          b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

          SHA512

          9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

        • C:\Users\Admin\AppData\Local\Temp\Tar9BBD.tmp

          Filesize

          175KB

          MD5

          dd73cead4b93366cf3465c8cd32e2796

          SHA1

          74546226dfe9ceb8184651e920d1dbfb432b314e

          SHA256

          a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

          SHA512

          ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63