Analysis

  • max time kernel
    142s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    08-04-2024 12:04

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    27206d29e7a2d80ee16f7f02ee89fb0f

  • SHA1

    3cf857751158907166f87ed03f74b40621e883ef

  • SHA256

    2282bc8fe1798971d5726d2138eda308244fa713f0061534b8d9fbe9453d59ab

  • SHA512

    390c490f7ff6337ee701bd7fc866354ef1b821d490c54648459c382ba63c1e8c92229e1b089a3bd0b701042b7fa9c6d2431079fd263e2d6754523fce200840e2

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZO:sFEc5FeWSPZza8yUMmfSHCHWJ4pps

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2276
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2276 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2916
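
The tree above is the shape of a plain Internet Explorer launch on this image: the 64-bit frame process (PID 2276) opens the submitted HTML file and spawns a 32-bit tab process whose SCODEF: argument names the parent PID, and the WriteProcessMemory and SetWindowsHookEx signatures fire on exactly that pair. The script below is an added example, not part of the sandbox report, that turns those observations into checks a reviewer can run against other reports of the same kind. The PIDs, command lines and signature names are transcribed from the Processes section; the `triage` function, the `IE_IMAGES` allow-list and the finding strings are the example's own.

```python
import re

# Process tree transcribed from the Processes section of this report (constructed for the example).
PROCESSES = [
    {
        "pid": 2276, "parent": None,
        "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html',
        "sigs": {"Modifies Internet Explorer settings", "Suspicious use of FindShellTrayWindow",
                 "Suspicious use of SetWindowsHookEx", "Suspicious use of WriteProcessMemory"},
    },
    {
        "pid": 2916, "parent": 2276,
        "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2276 CREDAT:275457 /prefetch:2',
        "sigs": {"Modifies Internet Explorer settings", "Suspicious use of SetWindowsHookEx"},
    },
]

# Image paths IE is expected to run from on a 64-bit Windows 7 image (lower-cased for comparison).
# Assumption of this example: anything else calling itself iexplore is worth a finding.
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}


def image_of(cmd):
    """Executable path from a command line, honouring a quoted first argument."""
    m = re.match(r'"([^"]+)"', cmd)
    return (m.group(1) if m else cmd.split()[0]).lower()


def scodef_of(cmd):
    """Parent PID that an IE tab process names in its SCODEF: argument, or None if absent."""
    m = re.search(r"\bSCODEF:(\d+)\b", cmd)
    return int(m.group(1)) if m else None


def triage(procs):
    """Return (pid, reason) findings; an empty list means the tree is consistent with a normal IE launch."""
    by_pid = {p["pid"]: p for p in procs}
    findings = []
    for p in procs:
        if image_of(p["cmd"]) not in IE_IMAGES:
            findings.append((p["pid"], "image is not a known Internet Explorer path"))
            continue
        parent = by_pid.get(p["parent"])
        scodef = scodef_of(p["cmd"])
        if parent is None:
            # Top-level frame process: it opened the submitted file and should carry no SCODEF.
            if scodef is not None:
                findings.append((p["pid"], "tab-style SCODEF argument on a process with no IE parent"))
        else:
            if image_of(parent["cmd"]) not in IE_IMAGES:
                findings.append((p["pid"], "parent is not Internet Explorer"))
            # A tab process must point back at the frame process that created it.
            if scodef != parent["pid"]:
                findings.append((p["pid"], f"SCODEF:{scodef} does not name parent PID {parent['pid']}"))
        if "Suspicious use of WriteProcessMemory" in p["sigs"]:
            # The frame process writing into its own tab process is the benign explanation;
            # without such a child the signature deserves a manual look.
            ie_children = [c for c in procs if c["parent"] == p["pid"] and image_of(c["cmd"]) in IE_IMAGES]
            if not ie_children:
                findings.append((p["pid"], "WriteProcessMemory without an IE child process to explain it"))
    return findings


if __name__ == "__main__":
    for pid, reason in triage(PROCESSES) or [(None, "no findings: tree is consistent with a plain IE launch")]:
        print(pid, reason)
```

Running it on the tree from this report yields no findings; the same function flags a tab process whose SCODEF does not match its parent, or a frame process that writes into another process's memory without having spawned a tab.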

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    52c798bb098f190c7e64abf2503832bd

    SHA1

    b8f0e60e007335d7425b221d479c935814845b7d

    SHA256

    a47530b075f194ee35b32dc841f15c75a36f80a23ae8d664d09e14d4648914df

    SHA512

    d30accda637442af72fb88f2325245f2557ead6bf69b3072dc06dc083d1e9920e4369df30898ee38f6767117d9696b20434daff11bbaabc303f7c690443005bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    2bc661805de9018e347eba06c022c480

    SHA1

    f61c348739024a20b3dc88c40b5d1af94cfc6aaa

    SHA256

    2503adbface2b7e3cb25cbd3ae11a672786109e01ea933b386cb221f7f120a7b

    SHA512

    69e24e58d63f9cd93e6b17e85f998ed05f86977a1cfa73e6641b0ed3fe5f6a26aa68220e83e7bdd755c0d997cf48068f0bd5a339085725ff82fa7e78034a773c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    298d3dea29dc461dade60ac941bb090f

    SHA1

    ace632e45ca979a388eb0d9ba3cdf62e2114d37d

    SHA256

    be2bbb6f37c27c6a8256eccb9795ea092edbc22af4e9784155e32ca2e5e7579d

    SHA512

    12613c46e40537876c0eaf5ef2257a36da8752221d60d9b0534525c329343c2a52d253bbb07192b2c825157f8349cdcfef7f95401f2e7e6323d9058d481406d8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    3bb6885447e80eba80cde8e0a9a70adf

    SHA1

    dd055f5ffb88b8195d51d8077169a62d3cbbb41a

    SHA256

    759c545d3efa11e946dcf8d7eb55a6f2dcc31521d142e87076599b9cfed31b85

    SHA512

    57a0821c4d8b73020d41f46113b1263292f610e20c6b0907737ec621b76d32b9c303177a0e2517ce60fef6b02a9471a45fbd29803a4f43e03e8499a9c64ad261

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    1d3bdc7e62cb2cd3e97aca900914e36c

    SHA1

    f5c678fd8b1f39fcc38ba068c057cece5a42bca4

    SHA256

    5f450941728efc270f4a6555d091dd9ff5c6f5566c30669285f55c84db940e55

    SHA512

    2cd9f6c93cf46b64dcfc8f31c959d07c5b1743a0c50767fe4deea89ef5cd5b26bb9298cf06cf50b41ce45d74d20da8c90a163d96bd54a92c39d19f0b7b840b4c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    16d276779c532db502bd1e4cf659cee0

    SHA1

    4c5b38c35384b7fe31238fc609caf38ef5341ced

    SHA256

    2348f04e623f1f376e493205de3f3ebebba3a7e51456de973ff9fc14b904ff85

    SHA512

    3c96c9cd9906d35b708c3f165b5b717d2ebe5a5c437f896b1d74e017475d9cc86b33932eedf1dbb1cd05bbd4241ae9f73fa287549ddd0a803997d3c1df58fd72

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d9df248d3ead5731f321a2eaaf5682bd

    SHA1

    51bf85d10081f693d35f336bf99af756996e2eac

    SHA256

    c64b993c2e647c1307bf557836735c4cc6090e923a1f4a5e7a76268e1b2db43a

    SHA512

    1fee78c48e78afde194cfdcebb4f66ffd1dbd925c614f181a9ae647c76d4d6422050a7b15148011990a69ad09c53eb5f2a3ed81b3d4d0ef11751d515ba6ad837

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    722f6ef0c656feee78869253659a1b05

    SHA1

    4ea43271d7f826d4934183f05c85ae4aa1d6fe15

    SHA256

    96f6ff19969218375739a833ff66013aa43f68ea29c45d4176bb09ed4dc777ae

    SHA512

    36123ba76360370a9a9ae8fa9e9152e4681ad854c6b0f0a236e29011458d35aed6c990567849933189244a873ccfd31d7de7d50d8c08a21b69e9684c8ec5698c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    667113888746866f88cd58380a2932fc

    SHA1

    5eff54498db4ba11eac6eab1a3b6e3a856f6726c

    SHA256

    65379566ecfa35ee5f2e0e12f8999290e59764ad95401a81b9473872e4abdeb6

    SHA512

    a3fc2d3a5ad04a84b1645d49124a6855aa25aa27fd0b32df17e332351d07e3476e3c8cc3cc2ca39888d22ebf37658099e917572c13d60ad9cde0164476ced299

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    8263204afd609f5d9cf1d21957ffdbe5

    SHA1

    00d349ae9f7f1c12577d0229abefbb7ebec4cb03

    SHA256

    66cdafeb4f455101e2f500937367b2d59540ddf20ee7a50f1520a5b6203c85c9

    SHA512

    98e833926fb151e42353c7fa75f3a09c9561d154508b6fa2f865e579774fcc9f26563a2e89c6ad955f35f2bdd9397e2e8d6dfc1abedc91799a72bcc9e62d4c69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    536ddf53c3d4a2ad1d3ae7b9910aa308

    SHA1

    cf8e781f65f86f6a2fda2d5c841f215d2a51f576

    SHA256

    c71c4d56a389998477b09683940e8452f2dbc7748cbfe716de797c7ee5ec465c

    SHA512

    dc01f6fb6be74088edd3d02fb836a8bcf55cb105c13aa1bd80be8c75f9c2850db665c2caaf51d10485aee40ba82c10ad54c49e2da0a3372f88f92e9d17bbe958

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    c90a77a95a61cd1ea0b37f0db47fa81d

    SHA1

    cdf1c30eec6503c4898e67e2c5a02c7437a04cee

    SHA256

    68c0844d20553e89e6f308d56c352c11f3de53f5383ba46f414ede7d0147044e

    SHA512

    d9ea24ab0d046a63557d1e34443ff01677b0728920c3cf267e86af3ecd6927e8b3b9d541aa06613fb87ae49f04a23ec0036730dc3af4e96275a97ec6157708df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    a799e0c9a2fd3299771bfbfe5065fbca

    SHA1

    ae2fa948b0bb787e7cb0e9035dfe1b19b28d0415

    SHA256

    b33ed6a5736bbb2f1543583b9ada0425d798acc95aa12bbf86bf645a6a3db548

    SHA512

    dc9c7c4a8dffe46eccac0edccba9f97010a59db5bb1a117a693fea937d47c18c30bad7610344377be517e13330f8be53a59fe9ada6874d9ce3aa1ef1c3f04b1c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    2b1d0430168a4a7fe3492664f1b5891a

    SHA1

    eb9af0fdb89559da8d9d3a7147829798024fc39f

    SHA256

    fab28e077a5fec4f340a31d468c241d162e4aecb190797fc965d0d7496b02e6c

    SHA512

    9ac044059f6148f3fd0cd18fdc2d1ba38649351127476662a0f0e5f753adb42b409bca88dc95cbd87839a415870cddc792821b5426f967e4fc3c0d0f945158f8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    29130adff8f2f0727441ec9bd677a0a0

    SHA1

    5fe8b14ba6c4268118e5a4cd8245777683b54822

    SHA256

    61b9bfcc2b18b93c99518a6c2ded7ebc3ab178e3f506663564a3f496246e2141

    SHA512

    489bf185262010fe61d6bb74c1f16cd3ecd86a5fa073ecdeafb8209d4d73fd28541701d366f68c1e6f7189b5f2f02ea3dcd9bc64967e2713ef587c3c0f6ede0f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    e2392a7647fb685b803c3907dcaef291

    SHA1

    e30b3451df3e9c23655947ef7d4d0589c72f5d2a

    SHA256

    d9889f57c4acf1247ec6d4998cf255d7d4c488b985413a626780864a8ebed31b

    SHA512

    d97c56eea99cef8e949f6a4336a34c1505ee50929acf9d1b5be9a550693c5d9a010a191719e0033115d2d9f2170ab36189a65afe09748802cd532b53a4669c8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    23ad7801f16a2094fcee8cf741e10cf0

    SHA1

    9052ec7a2f154732ed914db22da6fbcb3632300a

    SHA256

    f3f9362bc92a7c45fa366e9ed14fc72396c255dab453d263c8ec2eb9123772d0

    SHA512

    a33dcc20899a4b30cbd5e19cc92935395c522e347e2e1795d277fa7c4f7c8096a3f02b14f9e60c4be427d312b0590fd48fab462a15adc2d59d794d7bdf50116b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4e1ef417fced7f6dc280a7605ae0c3b5

    SHA1

    c5a1e958ffcc4d05a665b0bb9bb7a3c0205e7f70

    SHA256

    47e44254f70b296e725277772d6d8c5ea408ce84e6e5c60926acffebd898c926

    SHA512

    ff0d333353c89e04449b2b6aea3f9b6317d3353fbf893f677268e30603628927dec00f07a1051e44871525ce67a9caa36e0a8c04255d3ab3fb7ae7758442af0f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    f23982277fd1e87579cfe2d9e8a3aeab

    SHA1

    247c2139c0f0a11f07ba8ea9aed31123a7ff3391

    SHA256

    bf4abc55c3e1e112c5366c23fbb43e9ff250c1515e3a3c0ad8a0942c9a861bd1

    SHA512

    40dec6d203c06f9f517ea74cd50031f80b7f2555660656b40ccef3411cfd53b13f3fe3748cb85a6c9d0077e2533beef205e4f4c0c1c2d0b2d9588f456414d608

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    58dc807019108532e09f4d98d31b5911

    SHA1

    d5d04af9c563d98ce9f949506bf12c12c8eff900

    SHA256

    2debdc5856801cc0d2ae06f09c3778bfa309efd682db8e187177e6b646960dae

    SHA512

    58395d834e8ac0ea9724f68cbdfda9310473fdba56ef6525df4416b4ff7016b0f9921e5aa80974a64f2ea90afd842089c4ce44ab0fa3c403f5fcc23732426e80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    717580fd296f55e2d59267e97b0178c7

    SHA1

    8a8d64db3e5df16ad004cf893bf2b78db55077d6

    SHA256

    c81292cfe3f9f724eec54c22e5af00df3ecbf50f9a714e0f972c714a739d334f

    SHA512

    a8e3867b81b581549dc12521f26234932a502bfabcb5addc0ba770116689543a673edcc345b9b58a443e84fdbf76901a7edf0b30ba4a714ed33043970b14d0c5

  • C:\Users\Admin\AppData\Local\Temp\CabE716.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\CabE832.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarE866.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
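
The Downloads list above names the same CryptnetUrlCache MetaData path 22 times, each with a different hash but always 304B, alongside two Cab*.tmp files and one Tar*.tmp file in %TEMP%. Read as a flat list that looks like 25 dropped files; grouped by path it is one metadata file rewritten repeatedly during the run plus three temporary files. The script below is an added example, not part of the report, that performs that grouping and classifies each path by where it lives. The records are a subset transcribed from the list above (four of the 22 MetaData entries plus the three temp files); the category names and the assumption that Cab/Tar .tmp files in %TEMP% are CAB downloads and their extracted contents are the example's own. Classification by path alone does not make a file benign; the point of the per-path version count is to see how many distinct artifacts there are to look at.

```python
import re
from collections import defaultdict

META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"

# (path, reported size, SHA256) transcribed from the Downloads section of this report.
# Only four of the 22 MetaData entries are included; the pattern is identical for the rest.
DROPPED = [
    (META, "304B", "a47530b075f194ee35b32dc841f15c75a36f80a23ae8d664d09e14d4648914df"),
    (META, "304B", "2503adbface2b7e3cb25cbd3ae11a672786109e01ea933b386cb221f7f120a7b"),
    (META, "304B", "be2bbb6f37c27c6a8256eccb9795ea092edbc22af4e9784155e32ca2e5e7579d"),
    (META, "304B", "759c545d3efa11e946dcf8d7eb55a6f2dcc31521d142e87076599b9cfed31b85"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabE716.tmp", "65KB",
     "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabE832.tmp", "68KB",
     "1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarE866.tmp", "177KB",
     "67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34"),
]

# Path patterns for artifacts written by CryptoAPI's URL cache and by CAB downloads into %TEMP%.
# Category names are this example's own; the Cab/Tar pairing is an assumption, not a verified fact.
RULES = [
    ("cryptoapi-urlcache-metadata", re.compile(r"\\CryptnetUrlCache\\MetaData\\[0-9A-F]{32}$", re.I)),
    ("temp-cab-download",           re.compile(r"\\Temp\\Cab[0-9A-F]{1,4}\.tmp$", re.I)),
    ("temp-cab-extract",            re.compile(r"\\Temp\\Tar[0-9A-F]{1,4}\.tmp$", re.I)),
]


def categorize(path):
    """First matching rule name, or 'unclassified' for a path that needs a manual look."""
    for name, rx in RULES:
        if rx.search(path):
            return name
    return "unclassified"


def summarize(records):
    """Collapse per-write records into one row per path: category, write count, distinct contents, sizes seen."""
    rows = defaultdict(lambda: {"writes": 0, "versions": set(), "sizes": set()})
    for path, size, sha256 in records:
        row = rows[path]
        row["writes"] += 1
        row["versions"].add(sha256.lower())   # distinct contents, independent of how often it was written
        row["sizes"].add(size)
    return {
        path: {
            "category": categorize(path),
            "writes": row["writes"],
            "versions": len(row["versions"]),
            "sizes": sorted(row["sizes"]),
        }
        for path, row in rows.items()
    }


def unclassified(records):
    """Paths no rule explains, sorted for stable output."""
    return sorted({path for path, _, _ in records if categorize(path) == "unclassified"})


if __name__ == "__main__":
    for path, row in summarize(DROPPED).items():
        print(f'{row["category"]:28} writes={row["writes"]:2} versions={row["versions"]:2} {path}')
    print("unclassified:", unclassified(DROPPED))
```

On the full list from this report the MetaData row would show 22 writes and 22 versions at a single size, and the three %TEMP% files one version each; nothing is left unclassified, which matches the 1/10 score.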