Analysis

  • max time kernel: 141s
  • max time network: 135s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 05-03-2024 11:48

General

  • Target: b4a10d3916b621ad286f33b466c983b7.html
  • Size: 109KB
  • MD5: b4a10d3916b621ad286f33b466c983b7
  • SHA1: 2f38778fcd0990988f894965b839150663b17ce1
  • SHA256: 5ed35091275ae6c272004c792e5cc41a6bcb2340c84c00de332336086107ed61
  • SHA512: bb4e6138470994ea9ec5826312fed74e6e96096ab13c9e8f5c07d9e3d79e2a19f67307698c8e6b1f52d66f75e1d8ee29f5496ea71aeb7ba4ba3bda7b4ccc23e4
  • SSDEEP: 3072:qjC5aFf2aKlWN9SQY4ThzENHhTHS2uOjF:qjC5aFf2aKlWN9SQY4ThzErF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

All four signatures are raised only by the two iexplore.exe processes listed under Processes; no other process was created during the run.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b4a10d3916b621ad286f33b466c983b7.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2880
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2880 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2300
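The process tree above shows the pattern a detection engineer has to allow-list when IE noise like "Suspicious use of WriteProcessMemory" fires: the 64-bit frame process (PID 2880) launches the 32-bit tab process with `SCODEF:2880 CREDAT:275457 /prefetch:2`, and the SCODEF value is the frame's own PID. The following is an added example, not part of the sandbox report or the sandbox's own logic; it reconstructs the two events from the report, treats the frame's unknown parent PID as 0 (a constructed placeholder), and classifies a tab launch as benign only when its parent is iexplore.exe and the SCODEF value names that parent. The two spoofed events at the end are constructed counter-examples to show what the check rejects.

```python
"""Classify Internet Explorer frame->tab launches using the SCODEF/CREDAT pattern.

Added example (not from the report). The report's Processes section shows
iexplore.exe (PID 2880) spawning IEXPLORE.EXE with "SCODEF:2880 CREDAT:275457",
i.e. SCODEF carries the frame process PID. A tab whose SCODEF does not match
its real parent, or whose parent is not iexplore.exe, should not be filed as
routine browser noise.
"""
import re
from dataclasses import dataclass

# Image paths of the two IE binaries on a 64-bit Windows 7 host (as in the report).
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}
# Tab-process arguments; group 1 is the frame PID, group 2 the CREDAT value.
TAB_ARGS = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b", re.IGNORECASE)


@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: int
    image: str
    cmdline: str


def classify(child: ProcEvent, procs: dict[int, ProcEvent]) -> str:
    """Return a verdict string for one process-creation event."""
    if child.image.lower() not in IE_IMAGES:
        return "not-ie"
    m = TAB_ARGS.search(child.cmdline)
    if m is None:
        return "ie-frame"            # iexplore.exe without SCODEF/CREDAT is the frame
    parent = procs.get(child.ppid)
    if parent is None:
        return "orphan-tab"          # parent not in the event set; cannot validate
    if parent.image.lower() not in IE_IMAGES:
        return "unexpected-parent:" + parent.image.rsplit("\\", 1)[-1].lower()
    if int(m.group(1)) != parent.pid:
        return f"scodef-mismatch:{m.group(1)}!={parent.pid}"
    return "benign-tab"


def triage(events: list[ProcEvent]) -> dict[int, str]:
    """Classify every event against the full set (parents are looked up by PID)."""
    procs = {e.pid: e for e in events}
    return {e.pid: classify(e, procs) for e in events}


# Events reconstructed from the report's Processes section. The frame's own
# parent PID is not on the page, so ppid=0 is a placeholder (constructed).
REPORT_EVENTS = [
    ProcEvent(2880, 0, r"C:\Program Files\Internet Explorer\iexplore.exe",
              r'"C:\Program Files\Internet Explorer\iexplore.exe" '
              r"C:\Users\Admin\AppData\Local\Temp\b4a10d3916b621ad286f33b466c983b7.html"),
    ProcEvent(2300, 2880, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
              r"SCODEF:2880 CREDAT:275457 /prefetch:2"),
]

# Constructed counter-examples (not from the report): a tab launched by cmd.exe,
# and a tab under the real frame whose SCODEF names a different PID.
SPOOFED_EVENTS = REPORT_EVENTS + [
    ProcEvent(3000, 0, r"C:\Windows\System32\cmd.exe", "cmd.exe"),
    ProcEvent(3100, 3000, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
              r"SCODEF:2880 CREDAT:275457 /prefetch:2"),
    ProcEvent(3200, 2880, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
              r"SCODEF:1234 CREDAT:275457 /prefetch:2"),
]

if __name__ == "__main__":
    for pid, verdict in triage(SPOOFED_EVENTS).items():
        print(pid, verdict)
```

Running the block prints `ie-frame` for 2880 and `benign-tab` for 2300, i.e. the tree in this report matches the expected IE launch pattern, while the two constructed events come back as `unexpected-parent:cmd.exe` and `scodef-mismatch:1234!=2880`. The check only validates the launch shape; it says nothing about what the tab process did afterwards, so it belongs in front of the generic IE signatures as a filter, not as a replacement for them.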

Network

All recorded traffic consists of three TLS connections from iexplore.exe to ieonline.microsoft.com (204.79.197.200:443); the DNS and HTTP tables are empty. Each row gives IP:port, hostname, protocol, process, and the four traffic counters in the order the sandbox reports them (897 B / 7.7kB bytes, 12 / 13 packets).

  • 204.79.197.200:443  ieonline.microsoft.com  tls  iexplore.exe  897 B / 7.7kB  12 / 13
  • 204.79.197.200:443  ieonline.microsoft.com  tls  iexplore.exe  851 B / 7.7kB  11 / 13
  • 204.79.197.200:443  ieonline.microsoft.com  tls  iexplore.exe  875 B / 7.7kB  11 / 13

MITRE ATT&CK Enterprise v15


Downloads

The same CryptnetUrlCache metadata path appears thirteen times with different hashes: each entry is a successive version of that one 344-byte file as it was rewritten during the run, not thirteen distinct files.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: c4b59a0c4691fbd2b8f92bb2e63da6e2
    SHA1: f8211908870742ba39374432bee27f96a0cfc305
    SHA256: 7dd878fb05b996aba5719718ffccb32d7a30031e3a91b37a0a0ff122b94add51
    SHA512: e25b0fb8d85cf5aa62f000fb76da2786162e62f89d961beb11fe0906752bd2598c8505949bf93073631d20bec3388c66681ce7c13e64290ccbaad3434d453c40

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: c6774a203ca78ce7c712ec821240fe40
    SHA1: cebdaa72bb35d728c7d6da8ba2a28bb1ec22e669
    SHA256: 0b81e6dd9f57fc4740838ed49bc1fe8cc2ad8c20e7f02bde7cdf961f0d589940
    SHA512: 9babaf9a47a3f875da66377653031a0dd0bd730112a295cfbe2bb037d2d07a7d1951f7c17e9c91759cca75bfc1bdc3f8066b6bb4c5d4533538ecc53ff3f00e07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: eb8bf8dd5babc8d00cfa043ff4c7972c
    SHA1: c0256e72684c651fdcc1b2a3ee324e1f43a2e362
    SHA256: 2b0352a6a5f2a3759f1693456bc4832ecea877d0a304e5913f36f179d544d751
    SHA512: 17735bd3a20ab6eaf330dbdce97ad7e7708f81b0263387d956a9511c1807fe8dfe34c1cf703c6a5398cc7239ada7edc63d9e47edde7eb97b8f63c42ea6fcce71

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: e30d5dd65214cc1e5efd34d905d5af5d
    SHA1: 65a8723a12bb425ae5134c1c2e0fa1a1d04127d2
    SHA256: c3f93e78d15673b9adb0281fbcb1a2e98a73ac8e310b2c2070ea9010c4bba01e
    SHA512: c17a7558774c50926010fa903574916664a70e11a8a63a54a1cdb7cbfa0a486907d07a57ab9af0e69b82d46088e8c3ea3d1fab71ba23cdb2e42e4264ae2c4b4f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 7d5e4c3755a87b510b9f8c8ec9184bf2
    SHA1: 2ddc480e745c550640fdff9ad7296d2adab0fb55
    SHA256: 843d3ea94e973ebf157fd8d982daebf3d2a3e80d907ff1a49d4d2bd3bb2fbec3
    SHA512: 1fffb105a7e76990fee8fc03aa6bd1f9f03333b43e8916a4d4eb05cbfe43d8a423e56eb7b2f35518dd11b1e4730d6552c82d52ab5eb44aa6799400e7afeaed1a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 84b949a8dc402aeb7c961e219db19497
    SHA1: e785734aa6a2ce2e34af8c99b3708246b9893b99
    SHA256: 241f8cf445d44002a6032ecdc4433ec95c8b0f305806d2364657b3d72f728474
    SHA512: 5e282ad9fe860db3c3338de1984a453f03744cbd10d646ab1dc0fccbf0d633b73ce598bbd8dee608b14bc9b66cfc16793e2054e1912cd19c9787849cd191ff2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: cdd718b0f4b68663878971df426e1d12
    SHA1: e4fc5d22d761047b2f1698ee57989a6b5f9360e5
    SHA256: 9e35452b1264b0d04f6001761e517a4dfd9fb186772ecdd1eebd8b242639ad07
    SHA512: 345d93d4beeac23ba06cbd513e0a0eede9cab7e2e7626eaa16a32a86537297c08cf86ec7e6ba342d25e63f60dbab4d9d0e3e157b53ac4379c0c0018d61c8229c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: e795e78875f24dc27ccd7b15abc1a5f1
    SHA1: a057d96127990968228df1c7d454fb3496342555
    SHA256: 5368ea6d464b49f32ca254471d0eb0e6692a15b5fcdcbee917adcdcdbf450685
    SHA512: 3b40b2d611fbfc08be3ef5eb31c5fb43f84ab9dd355568337f86edcd8bee2a1fcea887e7644801ca2cb98520e62d7915c4e91f42e2211f49b1b68c716f6093ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 604a376def2e549a46a7631ed375f88b
    SHA1: cf01a10c74838cb843b638142185cd17ec0cc2b1
    SHA256: cc29250ad91b97342f5d3398e170e5a55855a44bb32d03cc9b0d776131aef826
    SHA512: 2f07ae165a7297380ee216c6d133bd4a266506976256aac42d40c2f58b689efc38880871886f11c8ddc3c37bd5e4aedf366d7d2a778f7fbe38b4fb9f22b62109

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 664d80f751e37055ad0a8f539cfc6a6c
    SHA1: 23c5a9108a0937bf7ef1c71a1f2c90b665efc66f
    SHA256: 9111096305f61483215254b834e815bc3caa41f0fa919187b8128690b0d30f41
    SHA512: ca61a3109a88790e523ca3295c7825c6b11b3ecb9d4cf602c9f28e217802628ce468511fc4b4be472f7085c364a1df32efe4980321015852ed63fea6aee3c733

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 3d65e09090d50619ef88205e42b25aee
    SHA1: 4c6b262444d03fcb3c177350889a2aceb4748b8a
    SHA256: 1855d2c7f2c5910870fea2285008c6ce7321d932ff0271cdc5e659650c50fac1
    SHA512: 30f8e5cd6b3ac0855852325a901e1bbbe1cf61656c918b7039cce9120770d8ccbb4dd002cc4d4b66873683a2ff873af4b88f5883b5a7442188370ad39014775b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: be48fa889ed6ff548188de64dd3d699e
    SHA1: 5c56f3f006a20eca911d32a9ae9da23cebb300e1
    SHA256: 2cdc194b68c0442dc386ca3715900b79e07d26ce93a9174fa2ef50e8ecf8060d
    SHA512: 290bce970eb0ba9d2ec64fd3c3985904e268085c492cca6e5b9ecd774e8399ebdfeb27c240e1cbc9a8725dbde0f03de237d194dd2a7930401af2f27e8572a4bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: e0248a18a9e9bebfed29289e334dd543
    SHA1: 8c00cd96c96ca5e5db706dd384150e9cf357c084
    SHA256: 27e807650525d36a9080526878198e58a24ef5e21b7b6daffb1bdd3454b9dc91
    SHA512: 96f1e8d2d669d158576d045c4be6bb28552d94ad500ffea4ebf9f2ba054dfc9a4227c9ec73398b3cac66d84c4cc19183ae15a99b6d43bb7109485919e78728f1

  • C:\Users\Admin\AppData\Local\Temp\Cab29D1.tmp
    Filesize: 67KB
    MD5: 753df6889fd7410a2e9fe333da83a429
    SHA1: 3c425f16e8267186061dd48ac1c77c122962456e
    SHA256: b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78
    SHA512: 9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

  • C:\Users\Admin\AppData\Local\Temp\Tar29E6.tmp
    Filesize: 175KB
    MD5: dd73cead4b93366cf3465c8cd32e2796
    SHA1: 74546226dfe9ceb8184651e920d1dbfb432b314e
    SHA256: a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22
    SHA512: ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63
