Analysis

  • max time kernel
    136s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    04-04-2024 00:15

General

  • Target

    widget/biometrics/home/biometricsMenus.html

  • Size

    12KB

  • MD5

    9cbe61008cc2297c7d8d870b04d70267

  • SHA1

    5d90820eb5610458f7d30a99dda6786e84cc8a46

  • SHA256

    25e811935de74432e74a54b5c049c96c9bfd2d8dcef92dff08977acd7f371b75

  • SHA512

    e761674c8015e9ac28fccc92421fa40fd90efd093366463156d1ec54cc4bea7843e9646cba6877502c02aa21684bfb0d89b5a554e907f6d001c1972c4b99451b

  • SSDEEP

    96:+5Masjqy/SqkprKSFa2pqhNNDXGk2pq8jG/FqeLa8cqY8GqNcqHnlsU93dXhDzmd:+3pMdD2k3c85dN/m97PrWA8lp4+aHB

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\widget\biometrics\home\biometricsMenus.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1940
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1940 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1788

Network

MITRE ATT&CK Enterprise v15

Downloads
