Analysis

  • max time kernel
    141s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/03/2024, 04:58

General

  • Target

    MiniIE/CN_MiniIE_StartPage_Bot.htm

  • Size

    182B

  • MD5

    02190fa64f6affaa9324d0c90651e816

  • SHA1

    a87432a16c1a71c00e75f34d9a74dd126dd5d505

  • SHA256

    45c88a9ef5d95b34f96489cb13248e558288d8653bf35abfc4c1435b4c6ed43f

  • SHA512

    2c600c2d08a4a240ee09807369ba4cb4d645fb9d5f9afdd37b4ea6b743f6c33b078b99748b708810f6c02ea6407253fd7b599e8d9ad52098a77636f8d4193748

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\MiniIE\CN_MiniIE_StartPage_Bot.htm
    PID:2108
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2108 CREDAT:275457 /prefetch:2
      PID:2892
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

        MITRE ATT&CK Enterprise v15

        Downloads
