Analysis

  • max time kernel
    137s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/03/2024, 05:35

General

  • Target

    c7d0d7b6b81483cb8a893d36e4fa86f8.html

  • Size

    53KB

  • MD5

    c7d0d7b6b81483cb8a893d36e4fa86f8

  • SHA1

    a2d9b42088ea0751184fca799ecf8c8cb0441746

  • SHA256

    e018f77842490c1f3608d84b21361af63ba3fe5fe8a1e029341e10272d4c1f1d

  • SHA512

    aa9798a444761be1f6cc4dc8663d4994224239029262ee6f47ac9abd3b3c5d5d7c35988f8a1b001b4ea6cad34bb001e4aa3dcee878887e5dee95ef3095ecdb7b

  • SSDEEP

    1536:CkgUiIakTqGivi+PyU3runlY863Nj+q5VyvR0w2AzTICbbloB/t9M/dNwIUTDmDX:CkgUiIakTqGivi+PyU3runlY863Nj+qk

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c7d0d7b6b81483cb8a893d36e4fa86f8.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2332
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2332 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          67KB

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTT6L9LH\style[1].htm

          Filesize

          706B

        • C:\Users\Admin\AppData\Local\Temp\CabC880.tmp

          Filesize

          65KB

        • C:\Users\Admin\AppData\Local\Temp\TarE625.tmp

          Filesize

          175KB
