Analysis

  • max time kernel
    133s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-04-2024 19:44

General

  • Target

    LICENSES.chromium.html

  • Size

    6.5MB

  • MD5

    180f8acc70405077badc751453d13625

  • SHA1

    35dc54acad60a98aeec47c7ade3e6a8c81f06883

  • SHA256

    0bfa9a636e722107b6192ff35c365d963a54e1de8a09c8157680e8d0fbbfba1c

  • SHA512

    40d3358b35eb0445127c70deb0cb87ec1313eca285307cda168605a4fd3d558b4be9eb24a59568eca9ee1f761e578c39b2def63ad48e40d31958db82f128e0ec

  • SSDEEP

    24576:d7rs5kjWSnB3lWNeUmf0f6W6M6q6A6r/HXpErpem:rovj

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2376

Network

MITRE ATT&CK Enterprise v15


Downloads
