Analysis

  • max time kernel
    120s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-04-2024 00:15

General

  • Target

    widget/biometrics/fingerprint/infoquery.html

  • Size

    10KB

  • MD5

    a59176cd85754ade88774c827c35bfcc

  • SHA1

    08782ba5c5a9519fd4ad2969dd3c8cf488decf98

  • SHA256

    d4addbbaad339b17a9be5924b0fde4ce0ba8be88c2fe7b0c73fdd31ca918a555

  • SHA512

    d6b8fcc211da6718a739b0eda0d295172df8ce968e376f027e8f7a915f80224833af5e9b9a95c23ffb311c5ad22b175746de2c6430d7a07ddf85c4e4b9604120

  • SSDEEP

    192:3AvirngJ4+U6LC7UngJAJjBkRJMNpBiNqYUmys1UirpYuO8Ftlh1hCc:l4LpB8qmL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\widget\biometrics\fingerprint\infoquery.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:756 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2620
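
The process tree above is the ordinary shape of an Internet Explorer launch: the 64-bit frame process (PID 756) starts a 32-bit content process whose SCODEF:756 argument names the frame it belongs to, and the four signatures listed are the ones a plain IE start raises. What would make a report like this worth a second look is a child of the browser that is not another IEXPLORE.EXE, or a content process whose SCODEF does not match its parent. The Python below is an added triage helper, not part of the sandbox report or of any sandbox's own tooling: it encodes those two checks and treats the four signatures seen here as baseline noise. The first two records are built from the report's own process lines; the third (a cmd.exe with PID 3100) is hypothetical and exists only to show what a finding looks like.

```python
"""Triage a sandbox process tree from an Internet Explorer run.

Added example, not part of the sandbox report. The records in SAMPLE are
constructed from the report's two processes (PIDs 756 and 2620); the third
record (PID 3100) is hypothetical.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Signatures an ordinary IE launch raises on this sandbox (the four seen in
# the report). They are treated as baseline noise; anything else is surfaced.
IE_BASELINE = frozenset({
    "Modifies Internet Explorer settings",
    "Suspicious use of FindShellTrayWindow",
    "Suspicious use of SetWindowsHookEx",
    "Suspicious use of WriteProcessMemory",
})

_SCODEF = re.compile(r"\bSCODEF:(\d+)\b")


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str
    signatures: Tuple[str, ...] = ()


def basename(path: str) -> str:
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def scodef(cmdline: str) -> Optional[int]:
    """PID of the IE frame process named by a content-process command line, or None."""
    m = _SCODEF.search(cmdline)
    return int(m.group(1)) if m else None


def triage(procs: List[Proc]) -> List[str]:
    """Return findings that go beyond a plain IE launch; empty list means baseline only."""
    by_pid = {p.pid: p for p in procs}
    findings: List[str] = []
    for p in procs:
        img = basename(p.image)
        parent = by_pid.get(p.ppid) if p.ppid is not None else None
        parent_is_ie = parent is not None and basename(parent.image) == "iexplore.exe"
        if img == "iexplore.exe":
            frame = scodef(p.cmdline)
            if frame is not None:  # content (tab) process: must hang off the frame it names
                if not parent_is_ie:
                    findings.append(f"pid {p.pid}: IE content process not parented by iexplore.exe")
                elif frame != parent.pid:
                    findings.append(f"pid {p.pid}: SCODEF {frame} != parent pid {parent.pid}")
            novel = sorted(set(p.signatures) - IE_BASELINE)
            if novel:
                findings.append(f"pid {p.pid}: non-baseline signatures {novel}")
        elif parent_is_ie:
            # Any non-IE image under the browser is the thing worth looking at.
            findings.append(f"pid {p.pid}: {img} spawned by browser process {parent.pid}")
    return findings


# Constructed sample: records 1 and 2 mirror the report, record 3 is hypothetical.
SAMPLE = [
    Proc(756, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\widget\biometrics\fingerprint\infoquery.html',
         ("Modifies Internet Explorer settings", "Suspicious use of FindShellTrayWindow",
          "Suspicious use of SetWindowsHookEx", "Suspicious use of WriteProcessMemory")),
    Proc(2620, 756, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:756 CREDAT:275457 /prefetch:2',
         ("Modifies Internet Explorer settings", "Suspicious use of SetWindowsHookEx")),
    Proc(3100, 2620, r"C:\Windows\System32\cmd.exe",  # hypothetical, not in the report
         r'"C:\Windows\System32\cmd.exe" /c echo hypothetical'),
]

if __name__ == "__main__":
    print("report tree alone:", triage(SAMPLE[:2]) or "baseline only")
    for line in triage(SAMPLE):
        print("finding:", line)
```

Run against the two real records the helper returns nothing, which is consistent with the 1/10 score; only the hypothetical cmd.exe child produces a finding. The baseline set is deliberately tied to iexplore.exe so that the same four signatures on any other image are still reported.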

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    13a10b18605582ea5a614ac3910fcd26

    SHA1

    990743ada7f677cd66a18f73aec4c07a2024f799

    SHA256

    cdb21ff8265b61ed92c3947fb7461909366bb536b3930f5b07a01e50cf182fea

    SHA512

    0d46373fd8db8a6264ad73733ea2912694b1ec63ee53cbd87285a428c67b2ca649314e4a45f91ec9eee41eb10a2285ba0d76176b89ab1326520af258bef4f85f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8f9b2c1f27aa40df89721af79868802c

    SHA1

    1bdd8715d2dab6ac7ba373ca954fc133480a0354

    SHA256

    f6dbd55a4823b54a8eca409d29e5209324e83e495e59e67208a2a6605a7fa286

    SHA512

    20e229aae6cbc6d784938f86e51206ab2993f5ddec19b309fb7ec8bdd4e437baf6b779c4911570e026251fe186ec85d0a4cdc86346de203f10645f8f4ffc9180

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4994044f37a75538e33aa6d406cc1f10

    SHA1

    97d941b775bb39150cc96881aa075ec4b4089bb2

    SHA256

    a737df0a8fb3e3c03cf6b39e0a14b27bcac41ce9a249929ff1f8cf3f3da4f85f

    SHA512

    5e0750c22baa3a35f95dcfd81943b32750a8fc067fc3971d5966a7f7ca1a0384846f2d60a318ca3a481e9a72ae6b8a73c7e7299b4b9a9a9895b4b6a2ad057f3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e94c0453e277b27efbaaab3ae14a67e0

    SHA1

    957ed368f580641e7db9d4678edb81e7c5773f82

    SHA256

    881fa1552ccdf6d7531f59f24dac184326d52679b7a69c488baf250fa613d3cd

    SHA512

    8221df73665213a3dd86e473c743f273dee5ce9090bab2f7948356d7b2dc1960af633a9888e0dc7bd60de87137dff25a38f2bcf6a9f24c198881970c5c54c3f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    da756084c14d5e6c56008bf081aac6a4

    SHA1

    d0e2b0072377af4aac6465db04694aeff28973a3

    SHA256

    d44d55318e73339b7c47cb27b69553bbbe88e6d579d02d854aab49a393b1c96b

    SHA512

    5bcbdc4ab979ab9f4baafab9abbbf7e549815f1430cb7264b15e304f4cc2d5931a31e051dd70d732e2d833b61f90fa8a31a143dbde4c7b2beeed62bf409981c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    96ce1b8a1db929c3d92fc11fd7a93c40

    SHA1

    e61a9ae420367b1dc663c752d9f15a02af8e60ae

    SHA256

    79580407aafe742804aa67fb884995b8f9f467a08c5a143a7b4f5e05ff35933b

    SHA512

    e8f6ccf9aa8d34323f5cd6d00e6bba2e83c08fd34c6d6d1609d4303a16bca28286efe9ea0dd502f31c02a9ff57114bb9166ee396442adae27a5edc68de844c71

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1475dd6af29f1a8c22348f4fdcd81c99

    SHA1

    8df023b0c1cc3e1ce5e24de5a9f5dd646b31f904

    SHA256

    323e755cd17ba84fc155b6849b13ce27c5de54c985789173d17dbb87cc9c46c0

    SHA512

    7acfd1bb7641302aa56631f5a5b6b7f05babf33e4581bf3bf8d07506d1b1e2bb3160a8308571e3749a4be767ed60d019f5771197fa690ef97008a8bcc6ce77a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fa291dcab0f94d3e594ae13769ffd33d

    SHA1

    86327af55986028336bb175cedc37bf1195c6752

    SHA256

    9b3b528dd75b7e564bf232030c52da6f25627ca071860d36fcbcc0f5d53fb696

    SHA512

    1c07c63aa012460e68093f05b8b407dbfed1185c128203b757b27f771fed360568a20681537eb270c0aef388446d7c5a4ec6da5c691a99689aa6a6f7d598d7a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    535a410c67c5a1a2ca0252b08daf9f15

    SHA1

    3714e11a6f7a763d6b921c0b127c9b5915947603

    SHA256

    c37d8f414a13e29dcc2c658766949603bd3838293af2fac02fd65e4c069fa09c

    SHA512

    bc1c3d356493b24ed0b410767f9500cd9a3b2940f47ac9b8862454478ed73850b63b491db7c559a7a61543b5f82033015af716c522f0c60a3bc422b54a419c9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ffe196a53211485973f4a0284d49d314

    SHA1

    ed1d67282968c0b4bed912fd0f3e3c7294298028

    SHA256

    44a1e64e4e955e076e7835850604ca5cbb8a6e04f2b83fcfb9006f660e8df724

    SHA512

    7e26d9a8f2e89c107d8afca786aee1acfdb43a04032fbe3afaf15559afa893342df9b0c9a66acaa35121e57e730cea5df662b9ae0915b4c21c75ab8b5b1125c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e6c69e648e8db511b97762115ab1d3d1

    SHA1

    7d4cc9120b3a5ca86664f7ce0a8c95fd3081de7f

    SHA256

    1c8999484526c50b8e8a3f3ee4e106790967d34734c0de23f4c90cace09e1b97

    SHA512

    147d80c81c7a29c4bc4adba447d8ab989fb807aee0e3098af6fc5ef5d85cb355d8101d112c0015466414e5ee4bcfc776da58d54c4fef62385b1e7345d23d1930

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1724776585aa4e8c114032135de73001

    SHA1

    6c55a9f74933b1458a4c71e5840f133089c9fcd5

    SHA256

    487a88ce4049c145c21ee49fe0208ca6aec02eda4fc7ecaf95a53e73e9237d00

    SHA512

    e81208191620a7841f66f8ea8515e699fe332aed23d78ef382639ac1af1097efd67b448914d4ae34a13af7b0e62ee46145f904b9e0ea0223298c0120ab267171

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    dbe0289efa7221dd2d37522afe2787b8

    SHA1

    58703e108793e878bef50e6e8fafa570b279d326

    SHA256

    a60c89e0656ceeb740b498fab4c18d32656b54df7cbd1a9611a5d56ef66d7792

    SHA512

    0758a2911cc557c08d7067642ee5b1a650a05eed9b5a223aea7474800cc1389c3887b4fd42cd9d5ba17029e238702ede737926d53d2b2d7f374557d7c50b9420

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b028fe2496936e3d75acab357106d2f5

    SHA1

    efebf08c2b7632fcc1d7f063fd07d89bd39a65de

    SHA256

    90bf000be78f59766db8d12851c4bd34cf14fbb9889ab0b0c4a8ef652c29935d

    SHA512

    071447a5246b13f8a39b644a6b426f367a98ef626fd821d9607b52794d95fe2135e20292f88e6a7cf6ceb4b0f6cb7f89657b568b13d1a1dc02ec5f640f011d3c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    aed1ced8d266c8286e1f71de83668daf

    SHA1

    bb7358b4bd6cef25f60e4b80e47e1f6bc31bd1af

    SHA256

    5c5fb8005b31d8743ddeb1cc4b7be6827a3729db3165c956f92c1025ec66d15b

    SHA512

    43cf44c83084dee2a6f05fcdc010483853e2087252ee3675b443f14731d06ad63f377d0c3289ed7a89471c1897da0526bb098def6ad073b0db159e99ec3573e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7404c7433d5e0a6a99ac461bf2c2e4e9

    SHA1

    ae9f7c83eac42389a1149e71ff06de108fe52c82

    SHA256

    1759277282b1c3dd3d671859823a2f92f27fbe3d5be73c52f14dfaab3ac30969

    SHA512

    af2950bd175d57669cb63066bf5bb0bfd4b3c5ac72f835e3784b1df7f4ba24c16dcce5afa91af79734086ae1fdbb28f0c2ac872229b4ff76376af7488eb1ff36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    78acd7fa58bdbc16d82acf588aaf0ae8

    SHA1

    8edd7e7a3eb9672c2b2c7980d5343a02b099452f

    SHA256

    2dd24172980c2f9e26c88232fdacf15498a82b9a9ac76fb744e1e3b1542238f5

    SHA512

    6af68ed43ad430eeb12ce1bbf6397cd609b9cd27f5cc167918f1367c3f9e71d134ee7164f34fbcbe7e70467781feadf25bc6a8a717f8f7cc98118c73e80801b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a3c5c900dfc7220129afef35b5d4f0a9

    SHA1

    19d866ef0a8c17104ff000252afc1aab7aa98139

    SHA256

    a4c7b31b7a7bb5d6d2311dae4c999a5ff98be0b8762efde97a38f909b122972d

    SHA512

    24673488f9e65d18626cee500705adbdc49d24483637a599e14a70084175faa819baee7a49339c7a7339a489a8fbf918dd03c73c034f4d0f7c50871f481b6fcf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    20cec54489a031babf107ba403f82327

    SHA1

    8160adf2ab5cc500e8091f2479b2f3404c1192d9

    SHA256

    8c383e57f9c53d04bfad3a67a9bc59ea5ffffa69762edeae4cf5e8b344c7ffd8

    SHA512

    48f8fefa0f88a5e50828b1bfd704f4d1189f0983050856e58c6472e84658ac8ccc845d147121b683693e5c122070630cd89271863455594937a4e6081b597caf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8808c22fb0af818b421daa5b3b8453ae

    SHA1

    a2f4a59ec5b69de83cb89ee3806aebe2e2ed09a4

    SHA256

    f41918aae0d22e317a5eb44ddb7931f97101d3597b693d7e30f0cfcf8d2ac433

    SHA512

    0ed57311419c05a8d3fdb7a163487fe48c0fe32e276265778c50ce8e558fd22da4cb73f075bbb5884605b8abb7f7c3d56894441c08edd0bbaf6fb1f3296f7172

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    edb2f60a694271f7eab7ea62b6caa673

    SHA1

    038e335f422ab457e077b48524b188872950d42d

    SHA256

    a0820a0388b5254569cdaaf15f5b7b38fe7a532f3c710e211e7502cdd75e380e

    SHA512

    17a7fbc3dbd6fac8d5bafdc8a1daea65918b7ef21f7c03a4805edbc461eb7e96e923b3993312fd097cf8a399d4c1e901cfc832919fee34e8916b32b6f5d471f5

  • C:\Users\Admin\AppData\Local\Temp\Cab3CB5.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3DC6.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a