Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-04-2024 00:15

General

  • Target

    widget/biometrics/home/personalCollectInfo.html

  • Size

    21KB

  • MD5

    a95c7ad5a4c6634a6ba16ed3ddba55cb

  • SHA1

    e73d62dd58a1f5407f087a8ce04f5c4300a9cc00

  • SHA256

    8cdbe126df6b07a0ec8eda504bdf35b3e30b848b28f0fb2ca0d29f11123ec002

  • SHA512

    ded4a88525782205976cc66f01444168719f02a044541b358c6c84e238d615a3d011f07916867d97c2e54009cf49d5087510e35357f666c881b64332d706bc61

  • SSDEEP

    192:2/THX6Dby3am5WJhId5WJB7ddp45WJB7dBasIyIwuubUoEQ5t8EUHAA1nPL6UHMw:2zORLHcx8htt2vPAW37

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\widget\biometrics\home\personalCollectInfo.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2092
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2092 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2968

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    97d2620cd21f551b5d2a1f16c3948f69

    SHA1

    d0acdeb9c1efd11c085a7fbcd758c084e8f74aee

    SHA256

    485a862f4536c11409156881591270e95f19aa61fb64be59034d9365b76d9f3c

    SHA512

    f06ba84084cb982d87d5135428c78c5bfe4277e7fe64fa0eb95f317a871637542de6a820f694c276ef7d40ad20ee14bcb045fdba84bda6df7a2c0763e20c4158

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    02e6671d68544e11cc1b894ee90fc3fa

    SHA1

    8dd016a55218737847d7c7ec733e1ef245352dc4

    SHA256

    921bd5e6588edd17496139379ea03a914b95695b9a7182e31a83e08731453b0d

    SHA512

    6b536257624989b549fda4dc7d47611aa14d3a4ee2716c49f5b14550b26f20abf6014453f9308fd51352ab6baa031ac4b3a57c19a0959ccacca1696fcad56f19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a95f9ef4bfa913757b03972c935cf87b

    SHA1

    c1455be5e71392c7d0394cdeccdf59de10d0a23b

    SHA256

    6a3c7d8f416a9f94e634946a48c4aaa3562da4206c606d966510975d5d009d13

    SHA512

    bbbb01f7d65001a4cf85047fff885fffed2a2cf38447502cf25a8d49dd94e4acaf1ee6fcdec4a1c28941dd523e3b911553cbeb4dfc3b60aeafbe9da69ef6ffeb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    09f8720f55dac55e9db7eeca12fa1835

    SHA1

    ef9c60bf41a15009c7f139a6031384c0097a66b1

    SHA256

    5c8d57702f9dc1580d9116cc3deb38a52bee3ceb81b3d1d1d53fd28a0c888691

    SHA512

    7cda48176e0ad4d30ddbbb98a0ff5cda29cf93aed4c25c1ed447d26bd4788e48f6e32fa24ac4c3bfbfa532c0a2c4dbf52476c9c2300134e2f8139b3569dc6c4a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c820d857051eebeca7ff4e44b967681c

    SHA1

    c1b8dca4887e65af7e2414e63a45dc5e2d0f5170

    SHA256

    2cd27bc1d30a0720178c132539252489bf430e671e3795df008a91ceb852b341

    SHA512

    ef17854b4a70fce384777ade08f081b25829beb6acf925c357b15d33962f71a90bfd100f565668076f76076c4dd3d094e0aa085197cf22fea5b5e769e26d68ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    10e8045324b9874f14451388fc7be4ce

    SHA1

    65618e69ec1ae93cb8b90c616d1db16ec3c2458f

    SHA256

    794a17c0f0f81597985d906694271ab41d1aa4566c36cdf1afe5630b11f5c054

    SHA512

    929cbac911f8354fa7e46633d49f8ce39b55f75d6d0df718363b47d85b8c9f9258e766e0f8a5cfcd6cc0ebd95b75ec43156de2afc8a5231ef2e7a19d35fce4ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0cbc56cbb73893f1f4adea95059d7a2d

    SHA1

    82e2e1cc48a8c53591a9733297669d5143a3ed36

    SHA256

    83a4c87fe34b2ae9161b6d01eb820d23a961d90db7932302d35bee81ff3abc2a

    SHA512

    c8d18bf7495b3a0b9f65818f4f40bb574df4d62a8e336c6b97b6b48401a1db0a1b4467c5759e990b0da19f22967691332ae8a4bb257cc7a63d69f1b94be5f4eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1f2ce5094f6977008e749625924fbbb4

    SHA1

    2c8fb4038bea17d5dd6fd9aeb1a2bc4ce093de2d

    SHA256

    2968628896d982a4ecb6321977e58a4c9239c492dde3a251990d4f3ac2e76fe4

    SHA512

    8839946fda66a3cc93c4e783f8c041e0d36a84c0bd5b413eb0034622109d0153a0932431f0f005df848d3ba30b8c993700442b3757deb3607c1d11aab2447af9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e765ec54d524b3ca5b5188286daad159

    SHA1

    8cadde22f89572e29662811d8a080f509c013292

    SHA256

    aaffb217c1dba40e3edf7ecbb84f7c51ec02e2204060ae16cadc7244094fa751

    SHA512

    5111e708ad5e23bb0f681bca0843a60dab7116f0311a4a8e555cac41fa14d08564af62a7a5b80efb2b82382c1f76fca72bf407f2a49b060334066c5ece46c126

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e5700b87764b5b6da482082dca19f35f

    SHA1

    52c8b0de817f22b15e168a916359c60cce5ed924

    SHA256

    29ebad862b2c574e44ad59328f5566fba173664d08b91039b6a4a8b8bbc89f7b

    SHA512

    8ef47d949d9cab93a1a102f7f917b6deb3780d534dc8c0d9ef58a17a27fd399e763d51679c3235031015ad6a6fac505d383ceedda9a79efdae9dd69a917f9faf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8ef45323883bd9237014049e958d8797

    SHA1

    cd54f3ddbb75055e8ef7b28250596a5cd8d45935

    SHA256

    0dc6a6fd151c581300d7dd76861ae10d2baf0883dbef7de35e8fd915518b33fb

    SHA512

    dcc8c49b4df645b3d5673e8441e50568b5bf3e94b0830d6d4cd3f0ada8a170458f274991cc93631ee2360d784fcd77a3bb5bf428adcaadaaea1d6df9efd5b2b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d5e319cfc35d4a40d0cd9ccce9b82809

    SHA1

    72d72786dc0afd42a2789f484009344cc66e7a45

    SHA256

    352acca1dbf6359e54a5b002c24d0267a5e7b5c279ae80d53da2410d4e09d1cf

    SHA512

    c34a7cdc2b023078511f5deacf034ef7601d695b8ea89c11ededf2e0336cb4bd2af08f16db343bcfd5267bcb2c15e929bb9c348acc178c98d2c90d5d0e04b730

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6eff9a087db3ee1fa6b9a68999ca7c97

    SHA1

    daf215227834db64eaaec8b7beea71c43525fb05

    SHA256

    3966fcfda6dcacdf58be868f888fe5cd75bbf858ca7ed12623d646448a3b01ba

    SHA512

    29cd09d8bca0d86d0fb582de226890e167505bbf69e41912ef437d285904346ee5708f691078352c51ccb5ba7e4cbaa6de7895d5657e6c541c7c20136945a7de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    235e34cbf886c652b30da16e32fd7f82

    SHA1

    8c9942df16256543753a69b65d98444d642054c6

    SHA256

    64a1e1d7c3bfe57c3f9b2a186629a8d343f3955f54e234cc5570e7e610870396

    SHA512

    66b66752e904394497ab51b81ebaeb0b69f56cfb08cd5cf864827f3a38b61f5abe0e42c48377241fbc8d21c40c294fdfecd4fc33a36622d9febaaafbd4b9ddf4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    62440962dc661af698591f130612b9b5

    SHA1

    76805d0d9e5194f939330b3d2c669821d76afbe7

    SHA256

    35937eefcd0b55d8257123f60b4f10da8e16f9d3c8fcdaac0d121d52a4160d53

    SHA512

    7de59afc7fadcdb936f463da41a40e6b68269f531ea7b2cb6444633ea937a86849258829c818852e87a320da1285d2e42bc51e5ec356e51887b153e43ef29d15

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    49b7c5d63a2207ec8db00f8e4fe339da

    SHA1

    2842c918e8e31f9ecaf4623b00dc744317421146

    SHA256

    5e63cc7b6183839b643985202430ca1cb337e7e58a945c18bbba12836442fa67

    SHA512

    7e37650cdcb98a25df7618dd60cdd2979f967376f7f4668f0acbccea1e23d51d6e83aa15b562761931ce96e999d04d053579e779555440324da41f48042427ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    77bad0af0f6846031924b6aa5701dac4

    SHA1

    dab972c7bfb55f41f406f60b248789a33eb9b2b1

    SHA256

    b5b5a5bbc99c4c4a0b15709092deb3480e328e7207b9047991f40adbb1b2d9bc

    SHA512

    9628fed030c7e3e5f5db5bd977409f92249375d4ce8abb838199592e679e4a1cb190e934ca4bca64e4d3954b2b5231673bbfe4a5a46a9a61ae0b7c059787d3a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    49aa90b41b5bd2af4625049cb135981b

    SHA1

    30e5a03377764a75e7d1aba256a0b040e587e52b

    SHA256

    1c7d1082350a6368a521e23ad483894fdc94c06892d507e53ea210b4daef0b01

    SHA512

    801cfb0d326147d0a088fd8d0b60ad7fb6b272d249c7e3316d1ba486d52580f4370009bec02590d8eb40f35ac80c219e96ec2040a6099ddb1f1020a5e9bd031c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    59e271ca3e952bf08953b3f9391d8c04

    SHA1

    46f8190e017df4668976ba6c8eee1f2e5afa9715

    SHA256

    052558cd4e3b8ed9a84712fdcdf7ddfba8b92123e73ebcd847e99d6deb052c16

    SHA512

    13679075f09a3bc38d3b11128bac4203a227f981a8d2dddc3af8a7d65f47cf433c03d51f20e936aa17e0fea9a3d49d5f68132a7de2b7ff6e38174616cb762596

  • C:\Users\Admin\AppData\Local\Temp\Cab408C.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar418D.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a