Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-03-2024 19:34

General

  • Target

    cc3ef93c52f08ab34352d7459ae93e29.html

  • Size

    378KB

  • MD5

    cc3ef93c52f08ab34352d7459ae93e29

  • SHA1

    45260766ae2c646a7f70f306a75cf9fea361b446

  • SHA256

    77d24ee04e3d753093ac0f6a5dae68c5db30d260b1239633b7bc265923db99a7

  • SHA512

    739526eebc2b9b842f6d607d0a543be70558a2e3ae8757a4f9f15041a422379770bd0b4a48df85dede0b1321b22af833b3b2c4c9581461c70e680bdf7938a28b

  • SSDEEP

    1536:qVSWZQWyNAdJQsEaMv/PYEqQ1zCD3iRniKudm/1XT+DQKVMt7cef:qVvZQwssEaMXPhz5Rnt/1XTqQKfef

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cc3ef93c52f08ab34352d7459ae93e29.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2520

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1d0abd287868e02462b07c5bf32b2df7

    SHA1

    a646e9639a4ee37fce4ca9a401a1465009ab8905

    SHA256

    4f0840c1e263b530e36b9e95cdb0af4c0177e2cde3c9793001dc99e9d997c190

    SHA512

    4f1f663da144b34271c75b8d783d59fa4193ef8e4f750fdaa9a1846db47b116cc9f90f96665107d373331a5a060607c8f04fa4054fb35afaa3ebc7b8d128a658

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d89b3c138d62956169bca29fe8b83b09

    SHA1

    ba58844b64d9b4eec00c9203c466c8f36a8c77f4

    SHA256

    5458086be6ffb07af409395d759004b74130e85fb49dc70b7a46c374ed39ef25

    SHA512

    f213b3cae31ddd1841e7c3998722b5d8bdf480fbbc7df62eb88be492a155dbdedac376c49acb1966db61aeda2ebbafbbfeff797e717970c89815d7f20aca2169

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    09cef944545717041ef038f40b232328

    SHA1

    6c9cbaaefcfe2d8c32376aaf6a6a058528ca330e

    SHA256

    3a0dd29aa9e60866caf97b8fcafbd6b35ee9bb06bff560a012f07150c6e58935

    SHA512

    b1b11b96dc6fdca4e2a61e038be95ccb85b00e20a36a1c445e3c2ea5fa426867aec1bb9299d2455f23e2a292e90e70677f0320ee015a3b397fa0beee85f277f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ad255ab933a0f6898db07288ab76f800

    SHA1

    133df76f1ae25ffec4610d338c4c4f7677e1f0b8

    SHA256

    2b7bcd2f963ef9cc71a6de8278518f7a19ee7312250cf2ea40d6e9d8274421b3

    SHA512

    6134a91498f84cc2dd14aca52431e140b5b588413ddac0c73c42a62319d0bbeac6c9bd3a7bf1b978a0a2ff2e8e902823d6cf3c8c95574971d23f3b4ae5bfe3d8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b6d553c5b740c4c32def7771e1a86f42

    SHA1

    4cfd462e9ad7414518fcb6c00cbc641da6d5a55a

    SHA256

    753b6014bde5b07cd2b3d2a6a66ad4e2a893548fec628668f41751237424cf8d

    SHA512

    9deabafb0bc409ab730960696de80dce83cec1cd6605fbf7150fb9a529fa20a8ac93af71752c2c2c1ee2c65f2b1a42b6e90812f60e13675d6c66dbb444bafa65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bf779490ca7ab9ee4257fd0774cd3c1e

    SHA1

    809a1442e46ee94d13d0498a98f0d6fb468443e0

    SHA256

    b0f8cd1f066f2a4263b1becb47bd9477473b5737e35a7ea28c616017742e6953

    SHA512

    9f7f150d3caa8dcc5c51fb5f9a1d12f3c1be1c63db7fc836de73885afff496f5ff205fd85983db33d9fcfa7858cedee15aa31d647328a44591220a1cf21625ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9a2a91428a323796c3c1e986dd4658f3

    SHA1

    a14654a372644dfdccc47a338223bf4e256fea13

    SHA256

    ffc7b26555cf00a801b21dffbcd60915a5de26d43ec6c9572dd1a1466f573329

    SHA512

    325546d669a322223b7d967c8ce8a887af95c8bb2128a43453f1c73c78ef5c0de39cbe6dbafac48c1928560aaf661b20375cdbd58a814d0b6ae92adec6e714f8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    12af194b18e30bdef2e36536ccf47f12

    SHA1

    451c84f55619835de4f378c9889c5febf874e8e2

    SHA256

    39b2b85edf3b2dbd855435037ea9e13e4f9a9f0fe163365613df664069f5395e

    SHA512

    d44134d3dff7f60fb3761d47f9af75a8c50bf5329cc8cb0321db88352fcf920e18ad880beaa0f582e5702f4bfc3f574bcdf32a4bece10bacb0cfd439086d79f0

  • C:\Users\Admin\AppData\Local\Temp\Cab5C72.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar6004.tmp

    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63