Analysis

  • max time kernel: 119s
  • max time network: 136s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 04-04-2024 00:15

General

  • Target: widget/biometrics/home/home.html
  • Size: 2KB
  • MD5: 49294fd0c48a6c2cc06e8e664c328bdd
  • SHA1: ee1be99a5bd7afdb19fbb48e950bdfb654200823
  • SHA256: a78dbd1bb9d7c61997f0ef82b4184c33c69700dd8f62791d1dd022d623e93c44
  • SHA512: 91d644d80844d4d9fea2084e31869ae37bf82b1c821acc41976f01ed824ae207c3c82d48eebe0a2f054731aa98d37cc90aad396025865da9637b0ee102f83fce

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\widget\biometrics\home\home.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2100 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2920

Network

MITRE ATT&CK Enterprise v15

Downloads
