Analysis

  • max time kernel
    135s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/03/2024, 04:58

General

  • Target

    MiniIE/CN_MiniIE_ErrorPage_Search.htm

  • Size

    1KB

  • MD5

    0a01a48d5369cd5647df48195ed2c699

  • SHA1

    79c125c2de43fbc80e7ba2237e9ec262d6d68e18

  • SHA256

    9037edda884b61d2ba859fda100c3f925e9046e5239902c4d99859cc94e3039e

  • SHA512

    926cad89eef944b88b577b59bcc80a1dc747172e4f3b96e5c7f34e30efcdd30ef3a2bb0dccc967bf38c578117520889f2216b3bc927ffcf3022918db336b631b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\MiniIE\CN_MiniIE_ErrorPage_Search.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2516
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1296
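The process tree above is the normal shape of Internet Explorer on 64-bit Windows 7: the frame process (PID 2516) is launched with the document as its argument, and it spawns a 32-bit tab process whose command line carries SCODEF:<frame PID> and an opaque CREDAT value. A quick way to confirm that a tree like this is the expected frame/tab layout, rather than something else hiding behind the iexplore.exe name, is to parse the command lines and check that each tab's SCODEF value equals the PID of its tree parent and that both images are the real IE binaries. The script below is an added example written for this page; it is not part of the sandbox report or of the tool that produced it. The sample rows are the two entries above, flattened by hand; the image-path set, the Proc record and the function names are assumptions of this example.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: the two entries of the process tree above, flattened to
# (image path, command line, PID, tree-parent PID). The frame process has no parent.
SAMPLE_PROCESSES = [
    (r"C:\Program Files\Internet Explorer\iexplore.exe",
     r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\MiniIE\CN_MiniIE_ErrorPage_Search.htm',
     2516, None),
    (r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2',
     1296, 2516),
]

# Image paths of the legitimate IE binaries on a 64-bit Windows 7 install (compared lower-cased).
# Assumption of this example: anything outside this set is worth a second look.
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)\b")


@dataclass
class Proc:
    image: str
    cmdline: str
    pid: int
    parent_pid: Optional[int]
    scodef: Optional[int]   # PID of the frame process that spawned this tab; None for the frame itself
    credat: Optional[int]   # opaque creation value, carried through but not interpreted


def parse_processes(rows):
    """Turn (image, cmdline, pid, parent_pid) rows into Proc records, pulling SCODEF/CREDAT out of the command line."""
    procs = []
    for image, cmdline, pid, parent_pid in rows:
        sc = SCODEF_RE.search(cmdline)
        cr = CREDAT_RE.search(cmdline)
        procs.append(Proc(image, cmdline, pid, parent_pid,
                          int(sc.group(1)) if sc else None,
                          int(cr.group(1)) if cr else None))
    return procs


def check_ie_tree(procs):
    """Return findings for anything that departs from the normal IE frame/tab shape; [] means nothing stands out."""
    findings = []
    by_pid = {p.pid: p for p in procs}
    for p in procs:
        if p.image.lower() not in IE_IMAGES:
            findings.append(f"PID {p.pid}: image is not iexplore.exe: {p.image}")
        if p.scodef is None:
            continue  # frame process: launched directly with the document as its argument
        if p.scodef != p.parent_pid:
            # A tab whose SCODEF names a process other than its actual parent was not spawned the way IE spawns tabs.
            findings.append(f"PID {p.pid}: SCODEF:{p.scodef} but tree parent is {p.parent_pid}")
            continue
        parent = by_pid.get(p.parent_pid)
        if parent is None or parent.image.lower() not in IE_IMAGES:
            findings.append(f"PID {p.pid}: parent {p.parent_pid} is not an iexplore.exe frame process")
    return findings


if __name__ == "__main__":
    for line in check_ie_tree(parse_processes(SAMPLE_PROCESSES)) or ["process tree matches the normal IE frame/tab layout"]:
        print(line)
```

For the two rows above the check returns no findings. The signature hits on the frame process (SetWindowsHookEx, WriteProcessMemory, FindShellTrayWindow) are recorded by the sandbox for any process that makes those calls; the 1/10 score reflects that nothing beyond the browser's own behaviour was observed.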

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          67KB

          MD5

          753df6889fd7410a2e9fe333da83a429

          SHA1

          3c425f16e8267186061dd48ac1c77c122962456e

          SHA256

          b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

          SHA512

          9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7593485c477d0702d5b3b380f5bf5749

          SHA1

          be1526606c824fa10ae323698d97e80b1941348e

          SHA256

          930daea94efdcfefc0e902d20149084cd7bf0c71ab81a5fab6ef9eda6c62c181

          SHA512

          327846d0a74cdf02cc407f096e0b9419ca468d7f8e78becf2a26515929e58578fb2babc51ec5d490011d44824d9c65f87dbfac4b6c64a25dce6e0276dc05cf99

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          86ae0e8060d4ef848ed9a8913305ed45

          SHA1

          dba63f1ebaec7c4ffbe8d18ec9d6444c217de665

          SHA256

          15fa665275667acd1662cd6dda0befe0038d78e17e8c553e4bbee629df2d7fd1

          SHA512

          5e2100fea0996329d92def71b87cea8cd4a9ee856e1f6e6fd0dfff377a41a8c1119623d810900924eb0edeeccd3a2c9be7f77973bd2210ee19993f4e01247e14

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          6c8de925cec0ff77cf3a7a770b00f2aa

          SHA1

          97ecf8148ebca194855d07443844c8fe107eee35

          SHA256

          fd769c79ad624a5e1aff5307acb3afcea7fb47777de425b52a7c63db259ed292

          SHA512

          3dbd68a8c6b7d50982390c7ef900c94d4c5a40169baad548bc4991ba2fe223f80612469048d91c545ae12794e67ddc3457a10256fc660ae6b16de7e959d4cd2f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          ca7ad89aeeebd1d3ef830b2284041410

          SHA1

          8c242aa0bad72c5ec0c96dc6ab72c1b45588e9a9

          SHA256

          d339cc966713782cd7b54221348125e659ca751f8802d29e282ed351c5da4531

          SHA512

          852debd132b13661d3408fbf6d0f4b488ad00c3dabdf63496b3b96b68456e4d57771c36b57ee59005e6841a0f22bb3e6a45290e47050319fe0a320863b6b6a8c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          30c110fc6e5046be3d9350d431b3025c

          SHA1

          42b170e8da0d94ca0cf2bc3328743d42c020cc52

          SHA256

          d8d5206e763b4e17e01d6de6130e243dd0dea2dc3b47e8ce31bb67ed982d9c73

          SHA512

          f5a787e53f6aaf3c34942b1a0d8ff4692cdf5dd280439862bf602f573fb46510a8908fc03bbdf2dcdda6f1436d9910db4d2d7b01c8c67cae8002cdce803b9232

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a35ba13edbfec702b92fe759d773b6e5

          SHA1

          3c162ac2f687746d32182a5f9457575dccd66a7d

          SHA256

          c00132dffa66822e7595feb60e4c57e250c40a56ba74c7d58f71f0f424dcd794

          SHA512

          e1cc3d08828c1d2329be174f1428992ceb0870fad6a288d5d65ad7f6bf525f5df4f061347231858b0b9b8ac39c99f063ce0ff6b4e2f11938b95f5adbf304486a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          90eb36f7e11a917fa3e489e56e4a1ca9

          SHA1

          4a7f2f93c2e86001ca5d71a96e7b9915ef269be4

          SHA256

          e410ab2d6b44c6d367102275c003e3a9266ba86fc5f035bae1b3c1139598de76

          SHA512

          ee5bd49ba926c6829012b89c8b083220e81d21505675f6bfb4686c794ecfa4db946dc35443e12cd1a1828f326580076620199438b967ce5301e2be22d09ca6f6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7813ae096bbe235a558f25f4c7b43de0

          SHA1

          1b07ef551233cebd8e53b19291cb56bd503102b9

          SHA256

          319f6faff4fcf1bf9d7e5e6581f8919d3c3c5dc128c16beede4c986d98e016b4

          SHA512

          b42fbe076a4a260ff552b3607641ab2e7f92c406437caf483eb4d2d660e4fe41d478252cc7d6cd2c0178e932666f32587d95de3a41be84e8ebb829104ff7bfd2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7c92edd80d2244488d41fc2da9b41d40

          SHA1

          2ad2a5b99b130a9d3cc5d6b38688c8f5a546482c

          SHA256

          1ef2bdb9ec9e72e407947c378f40fa3466dc8df177c6249b482a6a6a981f4232

          SHA512

          77b69df1b86ac9f7621fb4d3bf74123032475260774e836fe80315729910c3917c347c6f7ebdac38e836cb4c9f3eba26fc53555654869cd9c7469b13985933cb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          598d9133f8496c06e8733ec9f9ca0b37

          SHA1

          067daca6ca543688251fbfbf0e766d4a8a7381ee

          SHA256

          32bab912a33dc46cb925fb0df74d107e2b071f3f8294a6d54d9ad9a9304bd353

          SHA512

          5f55f29189277542911661ad66619997bb79fe05dc2cbb6d47b3d66a443012971e83618058bb01d9c57b5cfa817cf5269e01ed08635225142dcfd62be7f18710

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f7f9a217b9bb84505adc1b749334cba8

          SHA1

          6a2388f72e0627f179fd0e5976431c841b686c9b

          SHA256

          a5ff3e023eaacab59a0d7a45d5601f64385e93f9b495cbf22b106c57c926ed75

          SHA512

          b049132855751c4a3b99f03a427e9dc36ceb7bd497e37e30b247a10bf1d4ee810aea28bc40701f75a08738c964a5ebdcb9c02a4ea3e79951003c80f2b7732648

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          06ffdcc77e7ffbe9e6a62e1955c854d8

          SHA1

          9e142c77c5b713581eb3a1484c3ab7f186168195

          SHA256

          988e6aa0e0f71a12e7d3f53350796c7ad9ef04f00adcaa871eca85930691a471

          SHA512

          8bb8c0cb3e4a28be357a4849760b33538b18624f8a651f0a86c6aef7867e76fab18d2085e74f70b0b2fa7c35181fa5ae3e84c1b5c937ec9ca93eb1883c6eb9ca

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          4d390405fc462dd2164f85f14709f53b

          SHA1

          c3ba50607ce08ad46b74b0cbf744545ffda4b247

          SHA256

          f9147d1e555aeae09deb488fc900a817cd1814b87a5aa90f3849c648379062f9

          SHA512

          34d2003a99654a1d5b989fe168acb610579c419daedf2558810f4c9d5e727a8c40441a99192bc884f9fce0c50c96160a062f452db84c76f5d5b753e6bb33b9af

        • C:\Users\Admin\AppData\Local\Temp\Tar6917.tmp

          Filesize

          175KB

          MD5

          dd73cead4b93366cf3465c8cd32e2796

          SHA1

          74546226dfe9ceb8184651e920d1dbfb432b314e

          SHA256

          a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

          SHA512

          ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63
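The Downloads list is the part of this report most likely to be copied into an IOC feed, so it is worth reading it carefully before doing that. CryptnetUrlCache is where CryptoAPI caches objects it fetched over HTTP (certificate revocation lists, certificate trust lists, OCSP responses): the Content entry holds the fetched object and the MetaData entry its cache descriptor. The same MetaData path appearing thirteen times with different digests means the 344-byte descriptor was rewritten during the run, not that thirteen files were dropped. Files of this kind, and Tar####.tmp files in %TEMP% produced by the same root-certificate update path, show up in essentially any Internet Explorer run on a clean image and are not indicators on their own. The script below is an added example for this page, not code from the report or from the sandbox; it parses entries in the page's own flattened layout (bullet, then label/value pairs, blank lines ignored), validates that every digest has the right length, collapses repeated paths into one "rewritten" entry and returns the distinct SHA256 set. The sample is three entries copied from the list above with the blank lines removed; the function names and the record layout are assumptions of this example.

```python
import re
from collections import defaultdict

# Field labels as they appear in the report's Downloads list, and the hex length each digest must have.
FIELDS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Constructed sample: three entries copied from the Downloads list above in the page's layout
# (blank lines between label and value dropped; the parser ignores blank lines anyway).
SAMPLE_DOWNLOADS = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
  Filesize
  67KB
  MD5
  753df6889fd7410a2e9fe333da83a429
  SHA1
  3c425f16e8267186061dd48ac1c77c122962456e
  SHA256
  b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78
  SHA512
  9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  344B
  MD5
  7593485c477d0702d5b3b380f5bf5749
  SHA1
  be1526606c824fa10ae323698d97e80b1941348e
  SHA256
  930daea94efdcfefc0e902d20149084cd7bf0c71ab81a5fab6ef9eda6c62c181
  SHA512
  327846d0a74cdf02cc407f096e0b9419ca468d7f8e78becf2a26515929e58578fb2babc51ec5d490011d44824d9c65f87dbfac4b6c64a25dce6e0276dc05cf99
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  344B
  MD5
  86ae0e8060d4ef848ed9a8913305ed45
  SHA1
  dba63f1ebaec7c4ffbe8d18ec9d6444c217de665
  SHA256
  15fa665275667acd1662cd6dda0befe0038d78e17e8c553e4bbee629df2d7fd1
  SHA512
  5e2100fea0996329d92def71b87cea8cd4a9ee856e1f6e6fd0dfff377a41a8c1119623d810900924eb0edeeccd3a2c9be7f77973bd2210ee19993f4e01247e14
"""


def parse_downloads(text):
    """Parse the flattened list into one dict per entry: {'path': ..., 'Filesize': ..., 'MD5': ..., ...}."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line.lstrip("• ").strip()}
            records.append(current)
            pending = None
        elif line in FIELDS:
            pending = line            # next non-blank line is this field's value
        elif current is not None and pending is not None:
            current[pending] = line
            pending = None
        # any other line (section headings and the like) is ignored
    return records


def validate_digests(records):
    """Return (path, field) pairs whose digest is missing or is not lower-case hex of the expected length."""
    bad = []
    for r in records:
        for name, n in HEX_LEN.items():
            if not re.fullmatch(r"[0-9a-f]{%d}" % n, r.get(name, "")):
                bad.append((r["path"], name))
    return bad


def rewritten_paths(records):
    """Paths listed more than once with differing content: the sandbox saw the file overwritten during the run."""
    by_path = defaultdict(list)
    for r in records:
        by_path[r["path"]].append(r["SHA256"])
    return {p: hs for p, hs in by_path.items() if len(set(hs)) > 1}


def unique_sha256(records):
    """Distinct SHA256 values, the form in which the list would go into a lookup or blocklist."""
    return sorted({r["SHA256"] for r in records})


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE_DOWNLOADS)
    print(f"{len(recs)} entries, {len(unique_sha256(recs))} distinct SHA256, bad digests: {validate_digests(recs)}")
    for path, hashes in rewritten_paths(recs).items():
        print(f"rewritten {len(hashes)}x: {path}")
```

Run against the full list above, the rewritten-path check collapses the thirteen MetaData entries into a single path, which is the right granularity for deciding whether anything here deserves a blocklist entry (in this report, nothing does).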