Analysis

  • max time kernel
    119s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-04-2024 00:15

General

  • Target

    widget/biometrics/fingerprint/fingerprint_cf.html

  • Size

    13KB

  • MD5

    80fdbf45669e1773c5257c844d8405df

  • SHA1

    6f67b9af935f7b83529dfbe625abd51936e130a9

  • SHA256

    b803fc9fd78508ca8f211ff2be9927f36d9d3d5ac9b2e61fd5bf2dff782de269

  • SHA512

    b4e137d616d49652feb6be405b77815a4e4d0999bec795f7610c0f71d58dcbc803e67671987b34bdec3f8df6d36e72229e721182540c20cb578c7094a0d164ac

  • SSDEEP

    192:1AireIWP+m4U6OeJtIngJJjmiKZ21/JMayxGPF1bW/SGsmTD11Mmy1i15qMmwM0l:RXracv8ei15tgG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\widget\biometrics\fingerprint\fingerprint_cf.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

MITRE ATT&CK Enterprise v15


Downloads
