Analysis

  • max time kernel
    143s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-03-2024 05:18

General

  • Target

    d54b900748e5e0d7a169b15f699894b0.html

  • Size

    32KB

  • MD5

    d54b900748e5e0d7a169b15f699894b0

  • SHA1

    05f5b675f6b8d019f72451f1a7f7255318fdb434

  • SHA256

    e35f3cab99c1a52e4ae872fc7f687bdb93df87b6fc1515e85570129e0cb53cd2

  • SHA512

    6e24f97f8a8c66e5661c5f5f96c41c0065ab2eefa7313d77dc533674476e5ff92a066ef2da94cbb08fbd246df6f5a8394fca32dae161a840c7bb340b452e0fac

  • SSDEEP

    768:Zcd9QZBC7mOdM09pC5I9nC4Y5rJw3wkwRzQyPd:gQZBCCOdh0IxCj5lw3wkwpQyPd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d54b900748e5e0d7a169b15f699894b0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2264 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2040

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2ba3896f9d31ce527ead63d11b249d85

    SHA1

    18962ed169ac661d9143306b7491f4dc0bf29ebc

    SHA256

    b789d9a187bfd54b0d91a73f0f6b1ddd01fe03c34cf7e76a3442def07feff2d2

    SHA512

    e304d5b47a018c4787c736879f5170850a0beb0a264aed12ce256993419ab649a641437d3ff634dbafd748bdaa058f6f48b2fbd52455d6c12d30347e00210d7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    49e8b34448af32ac6ac458ace021f015

    SHA1

    19ef9c288f17021a00bdec66a56824b7a0cb63e5

    SHA256

    736523d98f92cca75ba53fb9a62daf1665dbba9dd74f84cbc221ff4f2c6ef4db

    SHA512

    fee7004fe1969d87eb7bbba574602175b04f043f654b13d26075ba9e02c06832ae38ed4a186bdff00e721a2f8a4ed9e5bf4dbcb150ec6c5d7ba9a405af71d300

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b8350eb70b24b244aca7fc8b299342cd

    SHA1

    eec5958ee394a05ccea863fe7632f8e525279591

    SHA256

    cf7b80d119131e20a0db1f717049dab46f669f5fae4dd7bc088ff891565c245d

    SHA512

    69e231e86c9ae915108eeebe1d9cd23c706f073ea9b65a7862825def6ad42845801fd23caad167817a86a9c7b1e81030ea8d8c3576f6cad820aad22acd52dd2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    87043dc65014f931007f636ae56329f7

    SHA1

    8e089ae43a26b71460fb418268cdf1a8a5dc7e89

    SHA256

    baf7cffd73095317f3e6a242d52c3ea55f9dc64e8e3b5c3e90f54346f3225625

    SHA512

    caebe6cf931d0f997aa408146af7eccba6bd0bdc4e484a043ccc723dca1fa447696b28d22afbc5e3efd893e4b9eee21cc4551ec87a2dd2aad713e99405d7d0e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c6fce75abb6b0557f51954b3de4d70df

    SHA1

    de8192f8d1be6fd74ca78db80ba7924eca96fa26

    SHA256

    3b5acd339c0af0162fdd0e46773a2631cf4c55d6b19d6124aba4f04a42de15ca

    SHA512

    6c91c9125bd92b1a77c0d6996634f5b0eb3917d75e96b6d41dd8e5c8b6ebe91e1ceca8a45db549e6aa710388f86c537374ba2cdbcad59e5cb4910662569683a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ed445e14c4e765fe866072f4d5e3cb66

    SHA1

    faeb1d6bcb5401b057977526feda69d88b7952ee

    SHA256

    5cbc2c287f4e7041ee50265fe4b701e61171b647eec90c0277a52ef257e7f2db

    SHA512

    7f58cd6420a5090ca8cd1bf04ddb5451f5a82eb68afc8057d2df62f1f9f72f0629a86c7793d0cdf5f5503e5018c9a11fd6ad9a35d1f6b85b5ee6c97911e14f58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ed2e318cca29383f1fa7c160cc7a282a

    SHA1

    370ae5c0bbb3c69d28121738e4ac742326faaa6f

    SHA256

    c779a2293b57df11ffbaea181e44dc73d20554d675c70ec26e33390163becb84

    SHA512

    38e747fe889d8bc05a3b1f7f57b3a9cc14f3fc97e65d6e5e6ebf11bd6d4868d3a2703781cb9b00ab36e40bf8f9885687549d764138b375cabee6c69431e15dba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8c487c07f51e58b4dbebb998c77ed1e8

    SHA1

    8a4f2c04ba0e6505c99be7271aac40aff5c1e850

    SHA256

    4c3e4f7bfb30f6510ea0bcea56717435fd619e2a867d1c33fac64d3626d5ebe9

    SHA512

    17d1d405e5ef613b469a746d1c0c84f459ec4e509ab83486ced7bc5f7baadb201b2f3dafe76f24b57f68933b0931a4570d384acd7f15b5b9c66e2d948fb2a678

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f55d6d95ae49f86d1deb73b89b293cf5

    SHA1

    c2618451bb652f027464e05408bc26a2ef7f1052

    SHA256

    2892ee60818e2d4bac3588555f48ed51e1e99de7312a9e703369c17e9b452d72

    SHA512

    7a1785cc3ed3a61daa4720a0726a4c07981545c169ecb8a264e55853be8f98ef35c001c625e43740fad5d89256d90a0ea7ba4c5ea5a02a215564bad8938463a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5da60b6198bc669cc15262b0bf3bc0c4

    SHA1

    142c4f8e95a6813561d6e263aa0a1f96738429a0

    SHA256

    d294b48388ba9b46dfaa0e1f22de48791fa74eb125dfcff023c2b27c74e36f46

    SHA512

    61bc3ce93c5815f02eecd6370aa12be0434e1a2bab797b6d2095c012c7bc63598d9b189f43a90854da9f7fc50a5695ab8022ba374701e87937d6036a8c125544

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    34a365bf9621bd7a05738e512894f8da

    SHA1

    691089f21cfd4955e448862024e2afb942418929

    SHA256

    12168471f264b19fbfabfa7b46323188b476de7fbbe8248270e6f1618d64c89d

    SHA512

    7ae2328f77f0efce5b4feaf19e1274042c858c48582b655f95d8f77c95da5b5595dd12e855a2ed2c0f14d3ef9a2f6048979e431deef8ac9f585d9d858d56491c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0ea5825fcb62509edd846a22ab7dd435

    SHA1

    72da03e4b728c2d0e340f038398761034bbb1ff2

    SHA256

    dc13724e37d9e2d3df70be48c292eeff2c045bf26cab58fb851df86603e0234a

    SHA512

    d1c3be7174ba8c49e5ea078d7d1a2adc2e959b75e974ea8b75b4ca40113084e9623a84ab1e063e728c5e42af2641fb2d11b58af35db2a59430ec863c78cbe4df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4410b085cf9b6c08cc71e17c2e6cfb34

    SHA1

    c6a743601abf1f5e3007d302531cc85fc7a9e2c6

    SHA256

    8f468f38a69b16ed0e709e85ed30148ca47822e3af65e2b34dee979ea3418276

    SHA512

    0a0bf3c72e7f7283232099abce60247523c7541aa511fc28c4e07209a96f08e1ec837885f320822b1136aae444cbcb6f0919cba3eda63f02b893f5ad09305029

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a4663a1f84bc970690a9950a1aac3044

    SHA1

    e8fc9b65404cbfd13023b18d1f1b8fc5122c2d4a

    SHA256

    e5249cf060dfe136be39d0e7f0cab70586252a4b841e126f3ac9821ad78fa7b9

    SHA512

    cfb44d2f3509f77ff118b48e9466c76d23d2a9e70000592711f9d9648a6390bf0a4bf299778927d7fd6c44fa2702cfc31bda885afaeea514003b03febc82acf5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a619df04d65e2a7966db8041f95bcb97

    SHA1

    f657b64e2b3889a3e92b6aa6b1e49aaf77ccfd9e

    SHA256

    7a45dcb4bb9aaaf1de98c99edb525f94e8ecfff3a36570575eae70dab6ff2d99

    SHA512

    806d88cbbd4f5762cc651df15eae1d85978ca75faa95163847063eb0bb7f52343db6b674054b56d6833bf9db54afd2e701899ed355233f297a39b299923276fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1e46735059cf5555aca53bb744f5af49

    SHA1

    cc7fb5320dff488f5eed600bb8d34830a3e0213d

    SHA256

    2ccc0a386dc2eb4979138f361f2e28f57dba5cb511f6481504321d8c66193105

    SHA512

    17ae1eb60cc9d0ed92fae419647640a8db473e434069e88985500e2887c6d6f2bd13bd6c2960b17c0e6a4fd6368c335bfb2e659490cafc7e1a4a32f1d0cad9e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    71445000b1e4cb58e9f2a30f8aa4b786

    SHA1

    ab1dfddf5f9a0b03e3007750d40bc78cfff78876

    SHA256

    fd31fe6682657a59c7739ace839eba867dbb134238fa5c571a3f134d185f8be4

    SHA512

    8cc4299b85cc8a86739e999b186fd4a1b775aa6bdb0b87b470d2c5e87f52c0b70746a6fd2d5b485c57c35b4a8234e736a5c402fd4a4e1d34c930ea040957cf28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9ce347f3526ecfa67ccc4149676eab28

    SHA1

    2b1bb590575e5762521daef33a26d0eb08a214d1

    SHA256

    3e177f1452bcb0ab3165d78635b55249311e35d824850c7f29ea3e00fc9ee52d

    SHA512

    aa61d27317c6b0daeca6ce65109673b0c16ff71681719574885148eb5b90e1e28bda3a0e0ff6841087379fc45d52d1c6f204d9b686a8bfc8e0891f6f7cf57aea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f5bfddac5efa52261610dc71b0fe3d9d

    SHA1

    9ff1077f06621ed66040b9968738f10396253aac

    SHA256

    a986adfe7264c866e61799c86f35f027a0938fb32303ec2ae798a16671279758

    SHA512

    79849379d7ffef7b7f3921cb032abdadfcbe0a685527e9b08b84bd0e91929a7f8d63b90a70d08a145c950890976a001f0ca1be1eb3cdfbb44416eef326784d31

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    df1a2820bc0ea188aa7f3658306413bf

    SHA1

    a3fc362f133cbc2abc176857060c11a1d99e21be

    SHA256

    d653cce7dcc716e886ef4c4cda822a255eb29d9c447f912c6f3e3f39d45e5726

    SHA512

    d2dea90da44fb6c3220b9e9e5ce0ffebf0b751ebad7e3e654a79b81120a5cde5a12fc60ae0f3d0875594411454d3e55ecb4d0bb8463616435a544bac5dfa44ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    70d7e6e2d42783707cfbb918bf8e0dcd

    SHA1

    7259181e4842a3b943c0e830166253da9ada4d69

    SHA256

    4d57b69753950e2ea49338d6d9641fffedd809d5fa7018d0d7acaeddb189b846

    SHA512

    7ea149ede34dce5e72ea50a08be217062a828de994c51310701f29ef706a66e21173678df35be9d62f357b45726f73c4f34712397f111e0693915a6bf4aa2e9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    81150c5c17bc31b3cc5fc3c65570f52c

    SHA1

    9f521f32c6f7e4bcf5eaced5acdc20b9811c2e66

    SHA256

    1d0c53f4957efa4c52e6d294876ad4b49726e6b731c7304aa7c9902d3fd0c0b4

    SHA512

    ce86ede58e3c3d6ee334830b838cde7f1686b9a5424dd582e51040ff28a95bb58f6b95d02dadc1471e518dd65acb35cb3c39d692032a63bdcd9828a3d3740b89

  • C:\Users\Admin\AppData\Local\Temp\TarBBF6.tmp

    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63