Analysis

  • max time kernel
    143s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    06-03-2024 13:07

General

  • Target

    b778fc884879f08c5708576bbc8cbab3.html

  • Size

    153KB

  • MD5

    b778fc884879f08c5708576bbc8cbab3

  • SHA1

    98371d41ad0c87f793d8872a5dec6e23b09b4fd5

  • SHA256

    a53b5d3ba622ce3d11e85243d3b0ec964fe638757ce4dbd2c27b09d51585999f

  • SHA512

    5f1d94d3cbe76871cbecd3a67974b2622423ae22979e8c91f0a928c47946e186ddb5475b02fc742a6af45f3d9750ebc7abe617e48cb31c311d613503983e180a

  • SSDEEP

    3072:EF5SR3Bsza5krCO0/V/8rnOL55ShutTy8mMsHuHw38fU7ienQpfQLPya+KIstwi+:wg75krCO0/V/8rnOL55ShutTTo38fU7O

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b778fc884879f08c5708576bbc8cbab3.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2504

Network

MITRE ATT&CK Enterprise v15

Downloads