Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-04-2024 00:15

General

  • Target

    widget/biometrics/home/personalCerInfo.html

  • Size

    21KB

  • MD5

    b59b427d6aa02d226edd8be72ca4a621

  • SHA1

    b47a5c6002c150251cdda9d8049ce1f566288a3d

  • SHA256

    8f7fb8968a67a90d3324a76b2dd5a14a2784667f51e67f4f5c6a1322fbb97971

  • SHA512

    4e5158bbc8d76394472026bbd81d99a204544bd4916ab6cb30b42104de4e79283fb31f2e1add11559a6342456cb547d211c6d45e930a8f5227832ccaa925683e

  • SSDEEP

    192:2+THX6Dby0am5WJhId5WJB7ddp45WJB7dBasIyIguvmUTEQvt9PUHT91nw21UHMl:2EOyLH8xbDmt2CPAW37

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\widget\biometrics\home\personalCerInfo.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1796
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1796 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1700

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    91b60c4d7c324abce8a82aaf2c08d5e4

    SHA1

    a20fa152fab3497d2b8c39d041c3f35f246d476e

    SHA256

    99dcf4b26929e15fc47b12847bee673dec51658cbcfd47a811d26530854d9191

    SHA512

    30cd9e72d6f3ee2f930ac1198801ad11d57e8b80a5e734ccfd2febc4b0d3373d93245eb840559e42afc8ffbe39bb3a191f4865bb2840e49a4126e50fe103683c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    30b200d0c41497e73b2b5f7a0d543089

    SHA1

    e37d1f4dc031f96530ee42cd513fa90d8d14a998

    SHA256

    86e1836cc0c6e371fa1f2dfc69d978c973aeedd12ed4828f50249d717fa5cce2

    SHA512

    0829b571da5db8ada60ffbccc7c07e70a0ce1440a4236f2b2d19481a762c8979559faa5a6baabb4144c14f4ec5172b143f8e09616991e192478b3ebcc1671ff3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1aa0a21ab274511581e3b772a33454b0

    SHA1

    a9d16a59acede758940989ef8ea1788a12be03e9

    SHA256

    8b7b1392b665e2e92a821e158a5ad4587ad21835be536aa26a41cfbac3c2200a

    SHA512

    11ca97f5ec836334aa753d4d233bef5bc0d8bc3a3b644a610f90f5795817eb530692f68251116b1ad8887c8fdc3e530bb83a19932101d3ef29307f47410b696b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    eb8cd54802aae5571206e861c9652247

    SHA1

    58f7c82ebbe7bd60e86f829d2d1c9fdb15bdbbcc

    SHA256

    22341f7d715ee7c087c579eb51cee05f2f564b16c0d7372acaf76c59f15bfc0f

    SHA512

    8ffa72820cb5f3fc6b5c6debd1fbb3b1aa21da2adb4169991ee24bc02aa3af39a4b499d28b8ea519b8747a4c60ea14536ec71d5026f168c4f5421425236331d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b3501cc8b93de9f220770d456b3e9fbc

    SHA1

    b8b6d4b8b45fcf35d9fbe9e20863dd94df7230df

    SHA256

    21dcc8c6f0aa3f3068e5a3ec22e2a8e49850552232092c6ba6545324f00aeaf3

    SHA512

    7f0d3d5a5e956252e43b05dd046d20bb0e74b17113e8201ffb901dd6c0624992b41b397cccd7fa9f45a01b83deac099d34772e4c5d06723a652792ca75e5d7cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e5e4df4a587011204364ef7498202866

    SHA1

    a875aa69b258927e98c74a5c1edc8b1c42052a3b

    SHA256

    0ec4fa518346e6b5070b34bb61e00c66ef7b58f67e9eac5c3c54be668d9a1ce7

    SHA512

    c15e8a8d5dfb874bbfc89089162eb7f2db1dd169d6bf29e5583a939b9d5660223e61d3faf2b9315dafba9eececdb195c4951e6d859b3b1da9e5a1efa0ad85973

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9aca55a66506e76da1a8ef83339f5c26

    SHA1

    340b99e6f5e328668a454b032031e3e7560e2f7e

    SHA256

    ccfe5228ccfe24e2156aeb199f5a84547351e5080b72ecbbd993b88df70734e1

    SHA512

    464e34f07dcea3d1449ba18efbb3a6d444b39ba1c52969838b47e2b7974b8b1ce58c85e99517eccd746de94a13bde11567da29fb91b782dd3444a2663db009b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ea4c02bc7e940b8bfc6348f388f7adb0

    SHA1

    18a11cd17bacfbb57718e35f56611a50384438ab

    SHA256

    c3b32100c08641f67e9220361b0b9c4378821ff6b608706ab9cb44f54552b5c7

    SHA512

    7699f416d4d3036ee3dad6905ee61c0e72c95d8ed5e796dbee70c31cc11337ce838601932bb88f0dce9352aa0a4550470ba187de252c9ad50e6c7de6f47c9092

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    82534e65f21c123c222856e1ccf06275

    SHA1

    8f77edcc20c7193c3a53aa0d4d68d4829abf3d22

    SHA256

    88ce3270c84fa665e0ac06f2de7aae677fd1f5a82cda486a24a52828d07c7df3

    SHA512

    007ff4df31ee11856ada7ee92e903b068b8c7e0c5fcea5cc662c256d0c8a88daf188165d495086854716742e0e03d7d50ae731ed54c7a0fda549df0b0dfa5862

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f1888f143f8a50ec99dd5dfa050aa3a6

    SHA1

    d41c4af81cb8ce8513731fffd8dd01b03b2a9be2

    SHA256

    78eac7ea3eb97af95523f8bff6d41bd8d09dc935c2c28e16c6c58b13e438f015

    SHA512

    a47908302f0ef253219b0bd93761fb626a74a3f73af4fd3b47934a78929d7abd800e3e23bbdc0bbba90736844fbba9679e13d7da1a9eab5eca3e79393ad253f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    133358b633214a0d1223c4ad45931aa5

    SHA1

    24ebd98f842c1a71806d36357fd26e5a8dcefd78

    SHA256

    0e577b060678be282e22dfaff1103534b9dbf878fcc217ba7839db6d0ed5150e

    SHA512

    4d8f3d2ae4dfbb1edc6c3f76ea7e48d1cae98832aebf4a7c5090052cb61fdf0d979a6d25b34ce54bd09a2bac6fa68c79b8966b1209093c21e38e83f023dfc7c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ce2de4200211a00ed46f50fb9810cef8

    SHA1

    32eff5b989cb6667c7ba61545dffc445294f63ed

    SHA256

    51eeed1dc159df5f33bc9529a6e27e899964d281add8ced4c5e5475657e1e9ff

    SHA512

    1d8c7ea2d62f8edccdb6fef049844dae72bd62b27575b0c937fb27fdd6c970347cbc0c024449d0cd9294eeb6eb8352a9b1bab4bfc6508d0044cae4a13baa9d14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2c3627cae896930f3d7414741a4aec74

    SHA1

    e9a4231fa82f71a93dfdb7b113eeced196f8d46f

    SHA256

    ea23f169581cbdc738e0db40e401ddafd6520704675d6fb64e2f53c5501addde

    SHA512

    6a705788b3dc0fb8862a0c1b2c6f911f470ba1e7542a22798775be18d45adec5faf866b3d5c134ef9b0467a7f59cdd504df2d3de62162e87608a23b1058dc05a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f2aa3f68e66995850aae7e9a55d4f261

    SHA1

    deb15a13ea58ee230aeb450c7fb1abf2cbb81f88

    SHA256

    3dee4627226c831094928154dc19150b3b6f7f1846d4ff6fc977754696220c27

    SHA512

    6111021fca81d30fda5d773f614f4d87d86b39b8a0011bfcec7a6e9986455b59ff636bd447d8affe390b9f3ee3e44ed40ecb967c2e887318cb59ba284d645cbd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3140289e25a00ce4859205bf4977bc6e

    SHA1

    4e9ff7c5cde99f7ccd0d2ed1347c787f8fa27a70

    SHA256

    4d5865da85352cee66ce2588c1cd47d95f3d1365842bcd96fc2cbeb04a939158

    SHA512

    c285fdd3d59dff40d8e6259082daa40b16ae64c6925ed9fc55d40c8a659bba9694b3f63b7923308339894d182db8927755fb1a08b89d1c824eeb5477f181ef4d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d000b371701103f87505ce23192984f4

    SHA1

    b6a59a95422fefc1cf83995ef6492639b11e607c

    SHA256

    9ce9fc691afcd5810a69b921476a762ea04dc51f6f5353884d73f3a9f772d877

    SHA512

    7dfce3a5e33b4bed0160b943adaaed90b3fe3980d2c009dd5305e1409d7ce0252946f6f7dbffcfaf738b3986ba82481501f594fca5588cfaee5b1b6cae8dd754

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cacd1fa6c25c059988106203065f544f

    SHA1

    d2535f9c92c98f17c737438b3f8197364c23f992

    SHA256

    5b95522ba2c9026dbfa02050c5c58b8e08a70d8e6d4df49d4df0b2dbb4ab9598

    SHA512

    da926c3671f0764e8eaddaff305eebe5a5b3b0694025f77eeb1a80d97ecd6e86aaff3d72d828efd094fbf9ccd8da9179b98aa057d06eb9ef818d2536401b27b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    aeac69a9a6992c5ccff61a748d9dd7eb

    SHA1

    7ba1eec0cdd7fc2dacfe13c4d9967c2707a5c3a0

    SHA256

    e597d4fe459c544610fe8f1cf47b1fe30c3fe316dc03cef12a1ea13f7b6faf09

    SHA512

    f91c3d99d37c7ec80e29ea252d28ee29679613d1d69dac6af065ea3ea1ce4330030c94e5a63c30bf137b14ac2d43e11b13746745859dd520ac9c26d1ad5ee1e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4410774a4ee7eb3beba69b7330a2612a

    SHA1

    2129abcc0725d82241b32c9d106fc19bc6142625

    SHA256

    337b93483ba31fcb8c0df2a5e72158d4d8690ff2508bbeed0312f70c63c1666d

    SHA512

    aea265e9b22038fe60949d3e456f500c0286e867a1a1140604848d2b896dc5b7200b5f2403d80738197fc3203f4081578624ea4f1e880f1cdb3e929dad3e38da

  • C:\Users\Admin\AppData\Local\Temp\Cab3026.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3138.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
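The dropped-file list above is only useful as an IoC set if the digests can be re-derived and compared mechanically. The `CryptnetUrlCache` paths are CryptoAPI's cache for objects fetched over the network during certificate validation (CRLs, CTLs, AIA certificates), so the same cache key appearing many times with different metadata hashes is expected churn rather than a separate dropped payload. The following script is an added example, not code from the report or from the sandbox vendor: it streams each file once through all four hash algorithms the report uses, matches the result against a subset of the report's own hashes (copied verbatim from the entries above), and flags an IoC entry as a conflict when some of its digests match and others do not, which indicates a copy error in the IoC rather than a genuine match. The entry names, the `scan_directory` helper and the chunk size are assumptions for illustration.

```python
# Added example (not part of the sandbox report or any vendor tooling):
# re-derive the four digests the report lists for a file and match them
# against the report's IoC entries, flagging entries whose digests disagree.
import hashlib
from pathlib import Path

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Subset of the hash IoCs copied from the report above: the submitted sample,
# the CryptnetUrlCache Content file and the two temp files. Key names are
# illustrative (the report lists full Windows paths).
REPORT_IOCS = {
    "personalCerInfo.html": {
        "md5": "b59b427d6aa02d226edd8be72ca4a621",
        "sha1": "b47a5c6002c150251cdda9d8049ce1f566288a3d",
        "sha256": "8f7fb8968a67a90d3324a76b2dd5a14a2784667f51e67f4f5c6a1322fbb97971",
        "sha512": "4e5158bbc8d76394472026bbd81d99a204544bd4916ab6cb30b42104de4e79283fb31f2e1add11559a6342456cb547d211c6d45e930a8f5227832ccaa925683e",
    },
    "CryptnetUrlCache/Content/94308059B57B3142E455B38A6EB92015": {
        "md5": "29f65ba8e88c063813cc50a4ea544e93",
        "sha1": "05a7040d5c127e68c25d81cc51271ffb8bef3568",
        "sha256": "1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184",
        "sha512": "e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa",
    },
    "Cab3026.tmp": {
        "md5": "ac05d27423a85adc1622c714f2cb6184",
        "sha1": "b0fe2b1abddb97837ea0195be70ab2ff14d43198",
        "sha256": "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d",
        "sha512": "6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d",
    },
    "Tar3138.tmp": {
        "md5": "435a9ac180383f9fa094131b173a2f7b",
        "sha1": "76944ea657a9db94f9a4bef38f88c46ed4166983",
        "sha256": "67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34",
        "sha512": "1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a",
    },
}


def digest_bytes(data: bytes) -> dict:
    """All four digests of an in-memory blob (small files, unit tests)."""
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def digest_file(path, chunk_size: int = 1 << 20) -> dict:
    """Read the file once and feed every chunk to all four hashers."""
    hashers = {a: hashlib.new(a) for a in ALGOS}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {a: h.hexdigest() for a, h in hashers.items()}


def match_iocs(digests: dict, iocs: dict = REPORT_IOCS):
    """Return (hits, conflicts).

    hits: IoC names whose every recorded digest equals the computed one.
    conflicts: IoC names where some algorithms match and others do not;
    that means the IoC entry itself is wrong (copy error, mixed-up file),
    so it must not be treated as a clean match.
    """
    hits, conflicts = [], []
    for name, recorded in iocs.items():
        results = [recorded[a].lower() == digests[a] for a in ALGOS if a in recorded]
        if results and all(results):
            hits.append(name)
        elif any(results):
            conflicts.append(name)
    return hits, conflicts


def scan_directory(root, iocs: dict = REPORT_IOCS) -> dict:
    """Walk a directory (e.g. an extracted sandbox file dump) and collect matches."""
    findings = {}
    for p in Path(root).rglob("*"):
        if p.is_file():
            hits, conflicts = match_iocs(digest_file(p), iocs)
            if hits or conflicts:
                findings[str(p)] = {"hits": hits, "conflicts": conflicts}
    return findings


if __name__ == "__main__":
    import sys
    for path, result in scan_directory(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(path, result)
```

Run it against the directory where the sandbox's dropped files were exported; a hit on the `Content` cache file or the `.tmp` files alone says nothing about maliciousness, since those are produced by CryptoAPI during ordinary certificate chain validation, but a hit on the submitted HTML confirms you are looking at the same sample this report describes.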