Analysis

  • max time kernel: 146s
  • max time network: 157s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 05/03/2024, 04:58

General

  • Target: MiniIE/CN_MiniIE_StartPage.htm
  • Size: 50KB
  • MD5: 3cb29fb9474675458535a4b8acdef90a
  • SHA1: 08c7c76dc87c4431f4d153534169e19b420523ca
  • SHA256: 9db6b000edd4944f61e5953d89670b2c6302180b18e89ef74522acfe5bacbf5a
  • SHA512: 284efea1681fbb48e956709b22d1d9ee74ed1d6f2af2ba28b586e11b7ff2858976dfc0fe45a0a4b181d4b3bfbb555ce7a88f129db6c91d9589c08bfcc94971c7
  • SSDEEP: 384:1Ncpsmf4fff+yunQLit64mfYdzdzGDdpniGw3ge+QxaltHy+6PhBk1YbRpLBgb2r:H2RAunQGDmfSwDdpVht8hJT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 39 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID: 2008)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\MiniIE\CN_MiniIE_StartPage.htm
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child process: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID: 2784)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

Downloads