Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-04-2024 00:15

General

  • Target

    widget/biometrics/home/success.html

  • Size

    5KB

  • MD5

    c16a9850117b11f650d000fa982a1f88

  • SHA1

    b8fe73d19f244b3ebe6701417add72aff574c365

  • SHA256

    3e80e05bcaccd4fe32838eb1938fc8e7d716a7cf1d3adf7220aa99b635b748b0

  • SHA512

    096298a4e7c097c867da28de77cbb2028bda36714798b2e2adf5f2a6eb200a76f8e954a61085bef5801042a796b65a10dec5929812a61b133dd9aed68ffc4d15

  • SSDEEP

    48:tbf/GJSuAXZVbTHkDX5zpa7HiGCc7Y620yz00cuk6ekXxkHaBakGqNq5xB0f:gubTHkb5zpa7HiGCc7XoM2w1SK+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\widget\biometrics\home\success.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2272
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2272 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    30902f337ff8a706e0c9f23e81bb4bde

    SHA1

    5c60038cefe97d251583c9069eecc5490973b9a7

    SHA256

    87926a0ba7be5b1c4a3a0f4d3fdd49538dc4972f02a7eb83ce887696ab05c209

    SHA512

    f0c7126be72eb6b0df0dd17e148c2cc059671024e4e34b85da0ef7a62a1b0186ee2c75da13e7be7f13478f335256832f6826cc11992b840f46cf111891568b0f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f2a078e5a58dc13e9926a684fb0b1481

    SHA1

    ffdd7a5505dd81f706e70d2087f981931aa54580

    SHA256

    4f8ad8d65da1c3ed092f4398cd372d8c386b0eb059375a0303cbe06b4c9739e7

    SHA512

    666209cfa9af8dfeaccba76f350bd4787ec1d422b5627332ce0935c44f26626d92a5347bd021f8ccc7365c089ab496491b462b88785bbb982fca44e51b19e2fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7e9789533445e17997d1a1c43ac50d49

    SHA1

    72178b6d91ccd35b3b01157e00e4422a553b6067

    SHA256

    2abf980e6fbeb7b2dd8a194a1115cb91afb7ac48327cfb55b252656f19609c9f

    SHA512

    27ac3ed841e3b1061578b5e84bac300276e3e59ff338e583557a3766d567190c9dfe3dac8e1db9a3e4074d363f1ab7127bc894de06f37bb2a862bb950a7143a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e3e3b481c1861a7b3ed337ec9b12c8fa

    SHA1

    c27327a70ed1437cc1452cdc164eb44208646867

    SHA256

    ba4d09d69f0c0257cb005c618660db6a38cc33b9de9c178ca1d263b647e43a32

    SHA512

    d9b5a66d181805dcaa1f4c71f91b393a4cd63fe2a478cc517a45b500ea94a8f180d47769a8957e745d0e08bf3453e3b1c1ecb0b0d95436caeff88eb59c9629ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    aa0f5da7d01ede23a825b76a6fc355ec

    SHA1

    0acf506663cd74d2bc7e8f3bd31f9a237fdf4ce8

    SHA256

    e73d070b2e1b9167fafcf772e8bda17e5b88db678bf412d11e1b451d357c9d76

    SHA512

    975331acbd17eaed31059ea276e08ffa230b0324f606b34ca118a774f97a063ef17d0829701ead19b6d8b586e819167ca40fb72b92796c7f21b6168f7ad6ca01

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c6138b58ddcde19704eb5925d25efa55

    SHA1

    64b102cc34f57ab805bcafa6e66a62ce91f6114c

    SHA256

    30c9c571c9fe4b0b7d9bee72bd8aa62e112001d35ac4538d76918c638abf03c7

    SHA512

    0e14402409ba91557d5e3847ae288d79898185b06f82c4adc191394b2410b38f686dea331429cd063db393088f7c2baf429c6fadee2803e0f3c257daf36eb180

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7933989aace41464cc5319bfb990149a

    SHA1

    9ceff1fbe9d3e9d2a6b6552931548d7f556eaa7e

    SHA256

    9e7d23baa34403bd208935094c3366ccf4fdef731848b0613127315e712ef397

    SHA512

    ee847d8dd57e77f153484af7b9b79b2a34e78506f57a54f0bef61160563a7fc02a863e3304a627b4c78ff2b9f70c9a6f54011ad90a50142c08b9e7215926835a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e6ad290b39d0ecef2fb9a337a626d732

    SHA1

    d0e0787a6e471313d5e2d9af4eb262229fbc7182

    SHA256

    0360ad87fc23694fb7257125e8a600799f790c0348e09ba985523132cc2d4275

    SHA512

    04d0c253335d053b97cc334ec3da89c14061c78be9fb086978b598749a765db47debe933ec49c32997eedec0203e266633cd30918f06224f7efe3d6403d6bbc4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3cd02c44c9a5ece149c95bf34445c326

    SHA1

    758a46de76e0c2c1051171d4499cd4ff41d7ddd3

    SHA256

    27cdb67d103f5fafbd424483d202c2d3cea390fe6f674f5cad23e0ce38b4ac11

    SHA512

    4d570a785d5d8b6a37b69f21ced44bddb6c858870a59f93f6a66241634434b09ee9d3a09b095f33a2d407fce15d7f3e3078886f285cd3120dbe808a195134ff9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    079fa19b941ea90a9234e9e0a6a6687a

    SHA1

    206488eea0b6c915ee2590c8dd9cc7019c52b433

    SHA256

    3ad1cdfff6622bf41728647acc8c570a78009512650e038e3cb8343862232746

    SHA512

    291aea7e0497b43f6148ed9c1f803f936990b4784fabf67b5b106507f5d55c361d4d428fd70cd486cd6076f0f7fca0fa69ea514876514ea6ecb2608a0652122b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    59aa5fd5f7005be7963afe671edbd664

    SHA1

    6a93ea38457a88f4f153ad1eac88ecd9806b3475

    SHA256

    bd19d8f938c9f547289cb9f7721108c184e92542451e6f184f8466df202465b9

    SHA512

    3d778058c64f16d7828aea8de8647698ebea7c2c5d8d0cca573ad66cd7134190bfc18cbbb64b1b4ed3b6637c66c2b134f7841bd0bcc1a4738d49ba2783953904

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6976eaf86e50e511cabbd74c02185541

    SHA1

    6bdf1627ed7c244b678ab78e0687bb4741d082fe

    SHA256

    39bc7cb51f80ef6430ba1605e7721379000f8dacc78de4ba0e3ac1c3b3044503

    SHA512

    446a63dfd86e61c44ef8164da15a3d2c5dfb68984720933d30bc985dc8aa35e225c31a473e1b5f174f5a6daa79c48c6a9ae6abdb854f1ed59a1d760fcea83b0d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    567ad52645b2bad3f72c069c6a9d7211

    SHA1

    cf67290000aba46721056bf86edc0161b6cf5321

    SHA256

    b6955157f691ab8097b470515a432589ec65722f76719383d3f455583559db8f

    SHA512

    0d963f4dc6fd25075f0115ab96a3633d69ee84a0a47bd5fdf8882498a8bb40653c2814d502d7ff9f61a31ceb3189b0d3448a04451863766b84a2d46edca8703d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    637c4b3a543d6b167022c876ace19f60

    SHA1

    bf4149c91072de67aebbec4620f118086cd10214

    SHA256

    a713c573743311f54750dfbc5c53175897129cc85148e8cdc603b4d48e46c549

    SHA512

    5c93c0582b13f9cd73d05aa010b339cba859716af4a3ad2e0ba530cc4cbcd2089a9fd9314b4e129a84947680fdc15714c469bd805a495f4a682d138d2ff02815

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e974a9e967d25712c871856cae8d0a6b

    SHA1

    c71e42ae14d56ca65b0af1fc51aa1b38c2ab9e0f

    SHA256

    e39bef8dbd96fe3b93cbeac51e7a58f663c15c165c962673c785bd6a2f5c959a

    SHA512

    7161931a40b3977120f36ea704e17b8ac01d380fab95967b8ce14094fe6c180c07dc4e8f598278186e2e89586f835f7560d178bf228a2f9592e9f2b4953a3033

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f9480666b84dd4fde6b855310a8dd01d

    SHA1

    3158cb02245abf783a2e851336c0be3bb1884bc5

    SHA256

    7d8c4e09ce8d38594f688a39ff6fa7ab1c01d8893630563ea1d7060ec4ad7dd0

    SHA512

    91bc54b5567718a1a0e503afb64bf8017562bcff1b6c3ea5c2a3f43b047aaa091f41216c89727b99abba6e5bc154c921efaf088c424a39f8d5d269b47d920dbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4f37164beda23ddd2a5ffc0a82592a14

    SHA1

    ed03b548c307b39c44ac6399096d08f891044472

    SHA256

    d2290bd27fd761494b9af91a40cb8c291d3d6c2707714187ec9a582ee3688f52

    SHA512

    b5bc6c4efc316cf68358a124857af8a82fb9d4ff06c6c39e755dc3a8526123cf600d3b6d68fb9bd222dcb2bf134aaeacd3068d2c76db05ab4250346e998edf25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    33e94107747da452c50208a157b40467

    SHA1

    cf9b7700414a369f5d216ce4419c21f28d4a928b

    SHA256

    b0d5c6d01374b150e6ff540e247fdba40fef673af814d2bd8e66d9669553aa90

    SHA512

    ddfdc93e8698104bf0b9e5d993bc2201e12eb05dae9103358eed2092e0e06ff9acd295a44a51d12832231a882d8263340c0cdebc3f8c2d30ee4502b3025a9857

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4039fd7d50e7912b6c4c69a05c4b8acb

    SHA1

    df3c58895fbc4e69cb48885a0f265b6bc1ed177b

    SHA256

    9abe791541b8396e8d5f49b01c4e8b6ff5e8a7376813769284ab73b41a913497

    SHA512

    3d8d9120d42b5f69a06e673cbb7d012e49f9be017c41e60e39a918149451a9341e377d8da7a312a22ebb3b98463e1a4591ad24bbec1f8c2677d176384d391869

  • C:\Users\Admin\AppData\Local\Temp\Cab2D2A.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab2E08.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar2E2D.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a