Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/02/2024, 09:31

General

  • Target

    ukfaq.htm

  • Size

    24KB

  • MD5

    796699abf7e3066aee796dc40e4d4b85

  • SHA1

    06a40c69b48d23d5c192d07e7596af935b269328

  • SHA256

    034481703a0b664a7f86660a67e54e7cc755cd90d57cfa4f4b8b3b7622ff126f

  • SHA512

    e120d2edafb91a1848ff0521a53f2bbbcb99900998dd1ae67dd5d214c065c3bec82c068c1e7c97c8f6f2d52cd02b7b5d05941bf630ceeff422806b1186c3b984

  • SSDEEP

    384:g10z1xhd2lVTgEuNSzLE9GgzFu1EmMJpIokAuJmpJlYeJwa4eNzzxkGtQwRZ6O4b:K8hcVTgEusnJKmr+u0H/bnR4b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ukfaq.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2164 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2596

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          67KB

          MD5

          753df6889fd7410a2e9fe333da83a429

          SHA1

          3c425f16e8267186061dd48ac1c77c122962456e

          SHA256

          b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

          SHA512

          9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          eadbd5ced3469943d27de381d71ba7d5

          SHA1

          12dccd4d26a7f7cfd2da413a3eca6fc2d0151aad

          SHA256

          ba893885e6ffc31496b30c9a230c6ceb3fdf53031639f77b83467068a9ae3441

          SHA512

          5fb1dd3950fb9b9fbc2fb90be64595fafb7e644381d9ae93404cb79b82e5ab0ebbef8bb42cc1de206b60d9a95951eca03e57db0c288516e3781df01a582c2e07

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          aeac266472abf46418d222ad2a494f14

          SHA1

          142d95e592f7a5f9fefa9fa55a3437ce718b0680

          SHA256

          fed74151679c88e0eb9d509b61e196b7853b699541a3a0f2dc9ba7b570d15ccb

          SHA512

          51ea69793baaa6f0e19c2bdb4da4a7c61bd2056c0ef9d05f039c28ff091a158a8af5e302f7844466a851e741ff0ce7285aeb1cbdad6acad232880e30c759dd40

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          082d8d27d6157fd9a536baad2925362b

          SHA1

          2ee30e572bb321e9fcf1a653a2d929aff1424aba

          SHA256

          d6e6578c92432568d4dbf60c959937b12aae4fc6f09c4bb32bfb150ea56a88ff

          SHA512

          b32c76e8d67bfeb13a9320e98ce73623b693b9f21719de54e91ae9e8f2463e04c73780ee107f1442e51e294470ba5c8e0fd9e347924600572c8747ab18405539

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          09e1ed0451b6708343b5af6ebdba254d

          SHA1

          feb0d69af27fa4dea53413a221fceb6a40ffc35a

          SHA256

          aed227ed389d5623e4e4116da5588cdd0dc2fa1b13cf1911a479c170d1d2d6cb

          SHA512

          2e5f0dc443359f0cb034719533dc50751633ff4b58e168d7d86f6011145ead833f9f89f0a87e4c52d2de82f6dcc058ac107d8f105ff11fe290fc99f55782aff1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8af6b6455a1f5875492b0371e3993a1e

          SHA1

          e5bef6ffa9d84959d270d9fa8461b5917677fdcb

          SHA256

          c163a19e63b91cc964a21dc79fe01c9cc77031d09c62a3db94aec06f81dde955

          SHA512

          b65025d532b2d0cc4a18181481fde357ac129e11525e2c55f5c4665361a1aea5d67951d22f8fe79439995685ece9c48fb95371651c4417b747630eec476e57e2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a705ec1449046b527f41955863cb93f1

          SHA1

          517e69ba27889a92b3b653845af8336ffa058f91

          SHA256

          23b0214433be9cd18bd68c32cbbf428d594de10ed93a35cc63ece9ee7e5ee69e

          SHA512

          ab0bd8686ab2a4eda388ee7cc0ad7babf9cf69bb9743b59097b7058dadeda3d328bffd9d36550d74f2d3746588be6032db80516f283a5dd985c5e38c18edef73

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          68f813dc3047a1e7fc468353fb1c7c35

          SHA1

          887f6acbb3156c897eefc092b4fc1ccf2ce00973

          SHA256

          5ab7df1d3a892742521591fa2e25d98aee88a5633eac1de9f50aea284f217545

          SHA512

          912913b1c5c45572219fc950f96f93e73e5a50d215da23cd9f176aafb60bc36df9335eb048e445685a42199e19f327bb2b1a00f9b8e5b7ef1b106591f5ebdc1f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          062db21a059651bb6b5d251b15fe0f3f

          SHA1

          26a7f9b021266aef186b999890ba583ff159445f

          SHA256

          e7f32cc0bfc337db06df6a665440a5f213169695439da66deed8a293fe67a342

          SHA512

          a58831fb5673fe0c6e6878ed039fb4b1334db87ff3258b15b792181cd4a201297c72777f552ef0e13c6ecc947e4dc6484134091bcc18a2b3d77f54cf9398ebb1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          182e434319ef0bb52da6771ae48cdf59

          SHA1

          7d3df48d2473a60c352d58e89054919624e040c3

          SHA256

          e96a220c5044829071317dac70989f9a2de163cce8afe46388d732cb7c4f043e

          SHA512

          c37e68624d25fb1402baea77a563d423c87859b5be2a3a5146ba0b222b43c558961076880e20f45ee203478c36a72b97f492090e1c95fe99daf8247ee3c222af

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          818feadde94b20f268dada87422f5989

          SHA1

          1e517ab40bfcdace0d40254135fbb9fac4e34c56

          SHA256

          330837ed64631b596e867c5b790be35f8837e099d9eadb6985138de9f2b49525

          SHA512

          b64afcbb422f81d84f576ba536e3dfdaab87c017a92b096544d767ad405e623479f8b4170c85845f19fbb2815584a96ac952f0bb2b731b61ac2229cd694e7173

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a3d716230b5d173cb499c55a573091bf

          SHA1

          83bf5f00edc1e831edb52afd47c1259b23ed6d50

          SHA256

          8f3db33172018df541a042295a9ab5fd761799f3beda50e275e636dca1c3174f

          SHA512

          f700fac01ae68141a45eb5f2e74c2d18964292d16fb06d79c078e68f98ca572a727001e1803975c8993c583859cfdd71181135e01e5754f8f8fe07a0bc5860b5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          78c6ec940e3124b81d74f518f1a72b98

          SHA1

          05480e78626fa0f5e96d45b9f5db7651fc0bea5f

          SHA256

          da9ea606267a7304fef6e8ad47bdf5787c42b61c214ab943f0d7ce170c6bea69

          SHA512

          342fc63e377431fafd8ab5210d36da7c33ea2a8e501e3a5910a4d7150f28a833e7fe0f913f3e4503fab44fdd64342dc58726aa5ace28560db125aab3b91ff6bf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a78f0869c55dffdc6a4abff0d926ef76

          SHA1

          612552550c1043ca68224d9ebfae8016534efcf5

          SHA256

          a303f10986c64fcf603b2062dd28444487bae7c0206a41dfc1fee0c0fdc71df0

          SHA512

          238864039f3a64cb414682ce4cacf65817e11d5d05e67a33985f1dbf190a73fafa7dd062c82f31fc690a1e0313ac179681a776f6e30c21f7096a488d643db8df

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b6cc467605480c0d04bac6060ba5ae35

          SHA1

          098d0193b8a3f8a5f3bb29503275a11b847afc55

          SHA256

          c1e44680c4b7bdb65e9bd374d0c07404dc09cdd88d8ae39764223b56651e0156

          SHA512

          fa4a3db1fd5b8c16bcb16319bc78ccbf00ba767f68286aea68187f8e6bf7a086aee5a53589ce032716436266f12eea29ca841ac433b9a8efffbd242860d510b2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          34ecc65dce46b338e2d3d3c220e462a5

          SHA1

          043eb1ba1f081f1f57a6e526dfb7df67834362ff

          SHA256

          800e360545a1b49863b7787ce6bb63d34b6054912979da10a16b6880a2023f5d

          SHA512

          bad2edc47d22cd78fc2e89f589ef54095c7e822f03e994f3d0ccca47fab2a3f1bcc5e62565fbe698bd0980a851d8a79ca10cfb60c51841371d9e6f3b686b93c2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          62b875ce5623b77a69a7802d9d3367ce

          SHA1

          052e07897a04ddf88313fbb7b46066ee9f945fea

          SHA256

          38a3affb1f589a310db1eaf7b0ca5e6c066a2c8cb64585ae569a0176c3c697e2

          SHA512

          e9503a039ed7965845f1513958c04fa75f8252224f949e086e0289a1ef2d5bb1f6bb3799405d062b7cc13015e10211a10e5452a7cb6df43878061843d6702b8f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e6e2a1ef1c5f0d28d362d40778cda905

          SHA1

          bb245f4bdb98398f6571bd3a826dcdae4e04f901

          SHA256

          09a4c0aa0e126c088faa01b73b0e5fe26fa70fbef420c84cc79cacd0be6ae7b7

          SHA512

          172d1394fb119ff7a17a030121dc97f895a8fe994e6f81664cc792c5ee2e976f514342137ca774dabd98e1a69584f27a6ad5d217c2a09ce04ca5c229c2aa4a25

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          6380412d149719c7b77cbe6c485d49e7

          SHA1

          21068d94cd475e45a33cb8d68471b423e0cd34b9

          SHA256

          387dae764a7457ebc651eac313b3f374fb47fd2ae3583db80f71741041bb22ea

          SHA512

          dbec2e871b91996e31cbd38fb087ce1bef62dc0c3b12eef66f4318ca9c13480cff162ab209eee6049f222600585da6107839da32993529407f8ac3cb401c7239

        • C:\Users\Admin\AppData\Local\Temp\Cab3A06.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar3B46.tmp

          Filesize

          175KB

          MD5

          dd73cead4b93366cf3465c8cd32e2796

          SHA1

          74546226dfe9ceb8184651e920d1dbfb432b314e

          SHA256

          a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

          SHA512

          ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63
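The checks an analyst would run against this report, as an added example written by the editor (it is not part of the sandbox output and is not the sandbox's own scoring logic). It recomputes the target's digests so the file in hand can be matched to the General section, sorts the Downloads entries into CryptoAPI certificate-fetch cache noise versus files that still need review, and checks that the Processes section has the ordinary frame-to-tab shape of Internet Explorer, where the tab's SCODEF: value names the PID of the frame that spawned it (which is also the parent-to-child relationship behind the WriteProcessMemory and SetWindowsHookEx signatures). The hashes, paths, PIDs and command lines are copied from the report above; the noise rules, the function names and the verdict strings are the editor's assumptions.

```python
"""Analyst checks for an IE/.htm sandbox report (added example, editor's own).

Hashes, paths and command lines below are copied from the report; the
noise rules and verdict strings are the editor's assumptions, not the
sandbox's scoring logic.
"""
import hashlib
import re

# --- 1. Is the file in hand the one the report describes? ------------------

REPORTED_TARGET = {  # "General" section
    "md5": "796699abf7e3066aee796dc40e4d4b85",
    "sha1": "06a40c69b48d23d5c192d07e7596af935b269328",
    "sha256": "034481703a0b664a7f86660a67e54e7cc755cd90d57cfa4f4b8b3b7622ff126f",
}

def digests(data: bytes) -> dict:
    """Hex digests for the algorithms the report lists (SSDEEP needs a third-party module)."""
    return {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256", "sha512")}

def matches_report(data: bytes, expected: dict) -> bool:
    """True when every digest in `expected` agrees with `data`. sha256 is required;
    md5/sha1 are collision-prone and only corroborate."""
    got = digests(data)
    return "sha256" in expected and all(got[k] == v.lower() for k, v in expected.items() if k in got)

# --- 2. Dropped files: CryptoAPI certificate-fetch noise vs. things to review --

# Assumed rules: CryptnetUrlCache is CryptoAPI's on-disk cache for CRL/OCSP/CTL
# downloads that IE triggers while rendering; Cab<hex>.tmp / Tar<hex>.tmp in
# %TEMP% is the authroot CTL cabinet being extracted on the same code path.
NOISE_RULES = (
    ("cryptoapi-url-cache",
     re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I)),
    ("cryptoapi-cab-extract",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)),
)

def classify_dropped(path: str) -> str:
    """Label a dropped-file path as a known noise class, or 'review' if unmatched."""
    for label, rule in NOISE_RULES:
        if rule.search(path):
            return label
    return "review"

# Distinct paths from the "Downloads" section (the 18 MetaData entries share one path).
DROPPED = [
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\Local\Temp\Cab3A06.tmp",
    r"C:\Users\Admin\AppData\Local\Temp\Tar3B46.tmp",
]

# --- 3. Process tree: the normal IE frame -> tab shape? -----------------------

PROCESSES = [  # "Processes" section
    {"pid": 2164, "parent": None,
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ukfaq.htm'},
    {"pid": 2596, "parent": 2164,
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2164 CREDAT:275457 /prefetch:2'},
]

IE_IMAGE = re.compile(r'^"?[A-Z]:\\Program Files( \(x86\))?\\Internet Explorer\\iexplore\.exe"?', re.I)
SCODEF = re.compile(r"\bSCODEF:(\d+)\b")

def process_tree_findings(procs: list) -> list:
    """Anomalies as strings; empty means the root is an IE frame and every child
    is an IE tab whose SCODEF:<pid> names the frame that spawned it."""
    findings = []
    for p in procs:
        if not IE_IMAGE.match(p["cmdline"]):
            findings.append(f"pid {p['pid']}: non-IE image: {p['cmdline']}")
            continue
        bound_to = SCODEF.search(p["cmdline"])
        if p["parent"] is None and bound_to:
            findings.append(f"pid {p['pid']}: root carries SCODEF, expected a frame process")
        elif p["parent"] is not None and (not bound_to or int(bound_to.group(1)) != p["parent"]):
            findings.append(f"pid {p['pid']}: tab not bound to its parent frame {p['parent']}")
    return findings

def triage(procs: list, dropped: list) -> dict:
    """Combine the dropped-file classification and the process-tree check into one verdict."""
    noise, review = {}, []
    for path in dropped:
        label = classify_dropped(path)
        if label == "review":
            review.append(path)
        else:
            noise[label] = noise.get(label, 0) + 1
    anomalies = process_tree_findings(procs)
    verdict = "needs analyst review" if review or anomalies else "consistent with benign IE rendering"
    return {"verdict": verdict, "noise": noise, "review": review, "process_findings": anomalies}

if __name__ == "__main__":
    print(triage(PROCESSES, DROPPED))
```

Run it on the report's own data and every dropped file lands in a noise class and the tree has no findings, which is what a 1/10 score for a local .htm opened in IE should look like; any path that falls into `review`, or a child that is not an IE tab bound to its frame, is the point where this report would stop being routine. `matches_report` is the first thing to run on a sample before trusting any of this, and the SSDEEP value is deliberately not handled here because `hashlib` has no fuzzy-hash support.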