Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/03/2024, 04:58

General

  • Target

    MiniIE/CN_MiniIE_StartPage_Top.htm

  • Size

    1KB

  • MD5

    94c19be339ce2bc3587d0d23281cfc11

  • SHA1

    899e95cf4acbae170065d6ca03bf6c70cf842991

  • SHA256

    5b0673a9d4881e87f52a9b8c03c6e87dafabb992ddec836d2135777037e3f3c5

  • SHA512

    62b30c18ffd2839fc6ee6ee8c64120d15acc521d37386b4b0a26f29dc4ca43875c480ea7d0b4385c99f50113263583965a37d02f489738f7ec32d491f82f8e2a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\MiniIE\CN_MiniIE_StartPage_Top.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2184
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2184 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2992

Network

MITRE ATT&CK Enterprise v15

Downloads
