Analysis

  • max time kernel
    148s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-03-2024 20:29

General

  • Target

    TheMalwaredev-s-garbage-main/Install Windows20/installer/explorer.html

  • Size

    1KB

  • MD5

    a2c99a77848dc50a94565b99a7fa182f

  • SHA1

    91d49bd2874a2e2538aface97db15602c6e48468

  • SHA256

    5d8379af3a8e2b1d4de5fe2f138e81651d6c874b2992f120298b633a09596c26

  • SHA512

    f73c1f20fbc979510fe6976db2ca041991ebcc677089f715acf9a7fbfca19c89c85536bc42274854f27f096a3cf63e6d9113907fce7ca84f96c336956671a6c6

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\TheMalwaredev-s-garbage-main\Install Windows20\installer\explorer.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2492
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2492 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3008

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (67KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B; 17 entries recorded)
  • C:\Users\Admin\AppData\Local\Temp\Cab44FF.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar460F.tmp (175KB)