Analysis

  • max time kernel
    117s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-04-2024 00:15

General

  • Target

    widget/biometrics/hospitalBiometric/hospitalBiometric.html

  • Size

    3KB

  • MD5

    a0b960ddf9e0e2d0ac32dc2a49cd67d4

  • SHA1

    e3c77e0b11c588ce7d52359b806c5dfad2c7bfd9

  • SHA256

    27795ed72fe95ebd04ecb4ed7847f2fed6e0ded037f6f6c6e619146407143009

  • SHA512

    4348c060b28b62900885db676bbaac83ab2c0aade5a6ea9e162ba80ecc520ca7e4a65ca9026065ffb5b7a1520ac30545f1756619806c21862061d3395b60cb14

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\widget\biometrics\hospitalBiometric\hospitalBiometric.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2748 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15


Downloads