Analysis

  • max time kernel
    118s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    07-03-2024 13:34

General

  • Target

    b8da6afcb45f23461c33b01c5f1a8170.html

  • Size

    984B

  • MD5

    b8da6afcb45f23461c33b01c5f1a8170

  • SHA1

    417c79f875a4f4ef0cdb9b0d99732d822bbc631f

  • SHA256

    00c49c9cf9ad57d8a75c230f956d31ded540c480f549100426afbf8dff47efbb

  • SHA512

    e5f1e8e6a4fc052ddedf42bf801ce4846e3b575d5aa202f916ba9b46e927e9b7bc10cd11765afd4306c69daa2787b090d2ae1ae04716c8342f753f7a7ec5995f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b8da6afcb45f23461c33b01c5f1a8170.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2004
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2004 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2308
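
The two processes above are the normal Internet Explorer frame/tab split: the 64-bit frame process (PID 2004) opens the submitted .html and starts a 32-bit tab process whose command line carries SCODEF:<frame PID> CREDAT:<n>. The check a triager wants is that every SCODEF value resolves to a live iexplore.exe parent in the same tree; a "tab" whose SCODEF points at a PID that is not an IE frame is worth a second look. The script below is an added example, not part of the sandbox report: the two process records are copied from the report, while the regexes, the Proc class and the anomaly rule are this example's own.

```python
"""
Rebuild the IE process tree from the flattened 'Processes' section of a
sandbox report and cross-check SCODEF links. Added example; not report code.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Process records exactly as listed in the report: (image path, command line, PID).
REPORT_PROCESSES = [
    ("C:\\Program Files\\Internet Explorer\\iexplore.exe",
     '"C:\\Program Files\\Internet Explorer\\iexplore.exe" '
     "C:\\Users\\Admin\\AppData\\Local\\Temp\\b8da6afcb45f23461c33b01c5f1a8170.html",
     2004),
    ("C:\\Program Files (x86)\\Internet Explorer\\IEXPLORE.EXE",
     '"C:\\Program Files (x86)\\Internet Explorer\\IEXPLORE.EXE" '
     "SCODEF:2004 CREDAT:275457 /prefetch:2",
     2308),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)")
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)")


@dataclass
class Proc:
    path: str
    cmdline: str
    pid: int
    parent_pid: Optional[int] = None
    children: List["Proc"] = field(default_factory=list)

    @property
    def is_ie_image(self) -> bool:
        return self.path.lower().endswith("\\iexplore.exe")

    @property
    def is_ie_tab(self) -> bool:
        # IE tab processes are launched with SCODEF:<frame PID> CREDAT:<n>.
        return bool(SCODEF_RE.search(self.cmdline) and CREDAT_RE.search(self.cmdline))


def build_tree(records):
    """Link each SCODEF-bearing process to the PID it names; return (by_pid, roots)."""
    procs = {pid: Proc(path, cmd, pid) for path, cmd, pid in records}
    roots = []
    for p in procs.values():
        m = SCODEF_RE.search(p.cmdline)
        if m and int(m.group(1)) in procs:
            p.parent_pid = int(m.group(1))
            procs[p.parent_pid].children.append(p)
        else:
            roots.append(p)
    return procs, roots


def opened_document(proc: Proc) -> Optional[str]:
    """Return the document argument passed to a frame process, if any."""
    parts = proc.cmdline.split('" ', 1)
    if len(parts) != 2:
        return None
    arg = parts[1].strip()
    return None if arg.startswith(("SCODEF", "/", "-")) else arg


def anomalies(procs) -> List[str]:
    """Flag tab-style processes whose SCODEF parent is missing or not an IE frame."""
    out = []
    for p in procs.values():
        if not p.is_ie_tab:
            continue
        parent = procs.get(p.parent_pid) if p.parent_pid is not None else None
        if parent is None:
            out.append(f"PID {p.pid}: SCODEF names a PID not in the tree")
        elif not parent.is_ie_image:
            out.append(f"PID {p.pid}: SCODEF parent {parent.pid} is not iexplore.exe")
    return out


if __name__ == "__main__":
    by_pid, roots = build_tree(REPORT_PROCESSES)
    for r in roots:
        print(f"{r.pid} {r.path} opens {opened_document(r)}")
        for c in r.children:
            print(f"  {c.pid} {c.path} (tab of {c.parent_pid})")
    print("anomalies:", anomalies(by_pid) or "none")
```

Run against the report's two records the tree has one root (2004) with one tab child (2308) and no anomalies, which matches the benign 1/10 score.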

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    b5224ae5cf1535c645ab1ce2d00d3ee4

    SHA1

    ff4d1406adeaa06f26b38cb13c89db412f88225b

    SHA256

    e3dc859a45433d53099d820ee05f6eeaa05aaf1d15b9654d0e3bfdc40c3cadd4

    SHA512

    2c25ab1e609143cd0c96abb24b8d587ca2427b8cc87516d0c26b681ef902bf350c22b1156c77251341bfd334d1f5466c5ad58710fb617479fa5a41fb42a84718

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    7a84e51474e9d06312d4b9acc53c099f

    SHA1

    89fd8c04832a3be14267051c94355f6d08193d85

    SHA256

    3446078c8f071501f4d80bf8b5b571a877ea9965714a744832ac7f152b82660a

    SHA512

    2b4949ba2f23763026f197c226cdc62a621c4951b0113a82a6496bd8f68b99390c3ba665c6691e9f0adbfc7dd8a3efa348097128b4dcc43c4d55075dff537759

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    137c0d2ff5280e9b126e051e13f50571

    SHA1

    de07bdc862617d038f80424ee7b8793515e90c76

    SHA256

    0c8014b70d04b1bc9c7dbe62594030af0b479483cc2fdadd14a15df79b432ec4

    SHA512

    cd1d2ff29d9c45819d2b64de1dad0ac1200e3bd4b2bec624ad76836c5c23c330d3d1ab94cb483657beff2e0a34b5cb49d58f6a218d215cff3ab1f192d12824f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    f3bbda1a81e7d327a459b12e6992f5ec

    SHA1

    639f7806362d1268870b47b7b34ff77e84b58794

    SHA256

    2f1672251921e5e946068a00a7deb751635dbe74bb35859dc17c954617985991

    SHA512

    c25603a5b333dc508066ced2dc0c5b8c5a675c3e0bbb69574709ecdea8b96fcdd89ece95dc91175a16593d2bca0a9eb61c73930ad4ca388de5a6487a363a8f05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    b6740284a322c5677ec522cd4fe58557

    SHA1

    8ba8c91e8669b78312cc514227866fa1b2a3c645

    SHA256

    05dcfdc20ca52ca6e04b842c7503da230697f5cd46518a8a9513d1088c796243

    SHA512

    348db78eebe75fac1416086093564846ac5ecfcadb1f9ba4ea09aeabbd327682dcc599f3c4d84827ed959ae7b97d632a0fbe9ddcd7246c53a035869ee395e9e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    87ad8856b7b4ed93cf62480aaa57daf5

    SHA1

    f8cc91ebee010f0bfe6b23e864071d407136c2f9

    SHA256

    0640343ddeb52230767f861c928af5a1bbfb9ce8cad008df1bf31a423b1985b1

    SHA512

    a677852b5754cc48788e3afe52eba18be9be145dd825185e8d9434a9cb9441c562a61cc7a67ee1a98c8858442121df5fafcb68afcb52eb1935116ceaabf1459d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    74f8b62a94489a57fbf22f62233b84fb

    SHA1

    160eed9008f04fd84eb15e3af3d318ffd203b67a

    SHA256

    2a31bffe56e9483ec17b024b9c66a1a188ce8d04f59e1b95205d6d3c85d1aa63

    SHA512

    1e33d368b04d40acb962541f824980fa03f8dc6ecc0ac1b40b760b18065004e4d6a6bd6cf54e96aaabc41d637f0d5a57fcceba1ec2fe030ac679af9beff6e353

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4c989962d2fc8e78cb62270f7082facc

    SHA1

    2a2c878140054e34ccc0aee73788d283ee1290e7

    SHA256

    426ee041ebb425228593a15e7e516f82b1bfba0231b09a801beef33ce01184ee

    SHA512

    8e0d6d5784087774b9cb69154b227123f0dbd0cf879e8049b8b5af98480342752a00ffa1dfb0f8caf07e612ed56e3a6faf86ca9d3acd91d5c5efca5ac2736f32

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    84344e80d49d655d55c0af9431156ca1

    SHA1

    6492b798e989d43d8925ec460f46677eac14594f

    SHA256

    78852b5cce8cc3aae88ad01ce72e532ac32e1ec94e13c4c0733c3945ff30ea94

    SHA512

    9a0d0ee8bff47ea69004f7179380de26c0767ec534c32c9d0e3fddeb1cbbba1159a2693caf199611064049ebfc9e722246bb301f459f99dd413eabc6ea3a95dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    ccd368e7219b079005a2e07c6b156ba0

    SHA1

    f433dcd227adabd1e229cdcb5f917fd0d25acfb7

    SHA256

    0df2d588c18cd7e16699552b4bd1254d22a453f0fdb6f9cc4d3101e3465a0e1f

    SHA512

    88f0c2f8609bc4a347a18038d690aeaa48348173e539ada17705f2e32b296fa56ce2244666e5ea325ca79ace6181f1b0f9f7b9ecf95f4f419b0063e0e008ac8b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d80b1701630723437d1f0d05d5bf9f3a

    SHA1

    8c229e33436bdd7822876ef79029101e9d665bbf

    SHA256

    1567e9a94517d5a18e592e88098773bf00222b9e18a88c69b325aeb6efe1473b

    SHA512

    79d7f5f38a25215abc09429a1a1dcd89d95573ad38f503b616ad37b9a9095a925a90cf52e7d79b390e452b36bb0ffbebe7a24fd85b3103912f4b30e6e6794bf7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    fd841a411d2184651917d9d88fb64db8

    SHA1

    fd4c5ab11bb334df0468fb63afe7c227dbb55f6f

    SHA256

    cb225d83c4ddaccbcff4173bf413b140c66f0c4d80ece403ceed4e01af329ce8

    SHA512

    69bd2a6744624b580f0bede2f2b94326fcbc4eb8f6a4c7e1eaeb07acc505ca7659fb0efc6d59ee639bc227a7671dab12f25e46451d8019a3dd49bb040af5cdaa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    630a82d024470c48a30cae2d9c9ead28

    SHA1

    584248e9090c3d9f6333dd976942ffc5d64c3771

    SHA256

    0ac29384e8ca0e8b35a93afc2edb17189e13b915d629ccd3918d38521b9b6706

    SHA512

    e7f0600255c0b6d6389863ee447354d362a0270ff80ef771849bbe65816192f2ad4e7dc5b1284895ce4e721253ed7aac0aed6066c8ec6d3e270af5b73c9da95f

  • C:\Users\Admin\AppData\Local\Temp\TarACDB.tmp

    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63
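
The files listed under Downloads are the artifacts a triager would pull from the sandbox and pin to the report's digests. Two caveats: the CryptnetUrlCache entries are CryptoAPI's certificate-retrieval cache (written by Windows when a browser or the root auto-update checks certificate chains), and a Tar*.tmp in the Temp directory is typically the extracted root-certificate list from that same auto-update, so these are usually browser noise rather than payloads fetched by the sample; and the same MetaData path appears many times because the file was rewritten during the run, so deduplicate on SHA256, not on path. The following is an added example, not part of the report: it parses the flattened Downloads layout above into records, deduplicates them, and verifies a retrieved file against a record. The report excerpt embedded in it is copied from the page; the sample bytes in the test are constructed.

```python
"""
Parse a sandbox report's flattened 'Downloads' section into digest records
and verify a retrieved artifact against one of them. Added example.
"""
import hashlib
import re

# Two records copied verbatim from the report's Downloads section.
REPORT_EXCERPT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    b5224ae5cf1535c645ab1ce2d00d3ee4

    SHA1

    ff4d1406adeaa06f26b38cb13c89db412f88225b

    SHA256

    e3dc859a45433d53099d820ee05f6eeaa05aaf1d15b9654d0e3bfdc40c3cadd4

    SHA512

    2c25ab1e609143cd0c96abb24b8d587ca2427b8cc87516d0c26b681ef902bf350c22b1156c77251341bfd334d1f5466c5ad58710fb617479fa5a41fb42a84718
"""

DIGESTS = ("md5", "sha1", "sha256", "sha512")

# One record: a bullet path line followed by Filesize/MD5/SHA1/SHA256/SHA512 blocks.
RECORD_RE = re.compile(
    r"•\s*(?P<path>\S.*?)\n\s*Filesize\s*\n\s*(?P<size>\S+)\s*\n"
    r"\s*MD5\s*\n\s*(?P<md5>[0-9a-f]{32})\s*\n"
    r"\s*SHA1\s*\n\s*(?P<sha1>[0-9a-f]{40})\s*\n"
    r"\s*SHA256\s*\n\s*(?P<sha256>[0-9a-f]{64})\s*\n"
    r"\s*SHA512\s*\n\s*(?P<sha512>[0-9a-f]{128})",
    re.IGNORECASE,
)


def parse_downloads(text):
    """Return a list of {path, size, md5, sha1, sha256, sha512} dicts, in report order."""
    recs = []
    for m in RECORD_RE.finditer(text):
        rec = m.groupdict()
        for k in DIGESTS:
            rec[k] = rec[k].lower()
        recs.append(rec)
    return recs


def dedupe_by_sha256(records):
    """Keep the first record for each SHA256; the same path may be rewritten many times."""
    seen, out = set(), []
    for r in records:
        if r["sha256"] not in seen:
            seen.add(r["sha256"])
            out.append(r)
    return out


def digest_record(data: bytes) -> dict:
    return {name: hashlib.new(name, data).hexdigest() for name in DIGESTS}


def verify(data: bytes, expected: dict):
    """Return the names of digests in `expected` that do not match `data` (empty list = match)."""
    got = digest_record(data)
    return [k for k in DIGESTS if k in expected and got[k] != expected[k].lower()]


if __name__ == "__main__":
    for r in dedupe_by_sha256(parse_downloads(REPORT_EXCERPT)):
        print(r["size"], r["sha256"], r["path"])
```

When pinning a sample, treat the SHA256 mismatch as authoritative; MD5 and SHA1 are listed for lookup in older feeds, not as proof of identity.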