Analysis

  • max time kernel
    145s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/03/2024, 04:58

General

  • Target

    MiniIE/CN_MiniIE_Search.htm

  • Size

    119B

  • MD5

    686a04765055e807efbb732e324c448e

  • SHA1

    c3f85e075f9360ca2b6b23b2601b9cff14b3058d

  • SHA256

    463b22a78efedc8cfae18b5a1b57d767a93b9ab393aaf0535fac9aabcc50e6e4

  • SHA512

    6d5491c4ef9f5531c80ac922b56dccda595cadf41e29fd7ac1b6b191d72879a5e39782ac45f6ee68c2ec281aa2f3bdcc73bd41b4c5c42e017d165a525780e185

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\MiniIE\CN_MiniIE_Search.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2484
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2484 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1924

Network

MITRE ATT&CK Enterprise v15

Downloads
