Analysis

  • max time kernel
    117s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-04-2024 08:34

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    4247afa6679602da138e41886bcf27da

  • SHA1

    3bb8c83dc9d5592119675e67595b294211ddbf6e

  • SHA256

    bf59a74b4404aa0c893ca8bbe636498629b6a3acdff4acb84de692462fd626e4

  • SHA512

    ad3103f7fd32f0ec652bc7fcb8c303796367292a366037acad8e1312775cdd92c2f36ed8c34a809251ad044508e1e7579b79847de61025baf8bda5ad578a0330

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZG:sPMM5FaWStHvmUKItmfDTeHiVQZp4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a8b3462c78dea31728aa99b2777b8356

    SHA1

    33258a3143e1dd52b44890f4d93d63d6dbe0dba1

    SHA256

    2ae6e5acd5f18c1046e54143cb1da6000a7c3d2a6eec0d2a94a443d35e58e88e

    SHA512

    8c5a84df2fe9e076e6f80dc46e437fc81aa844b51f086d26d53c2b87a74784211c8e52b705370d26c7a5fdaf26850dad01e1eb9fd28d2ed3300bae806cc557c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c250d5cd045cd61e0c4009d29fc8ddd5

    SHA1

    8af06bd2d281c2d317091efd693581238da49f1c

    SHA256

    ace7dff666c3248d44c1d6b3492ce12dd01170cc0463161358604a24726ce001

    SHA512

    9d81813c8cbea3f8df59811161e6ee24f1eae183982490b8d13a7bb2d1f03d335232deb0e71a9e9b66803221cf4de1614309bd99532a552096fc0256734f6983

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    003febb56e7939dd3ccbacb27691e905

    SHA1

    dcbb3985ee56ce0a149d859492e5cc16bcad7d36

    SHA256

    20186cb7a921a984003303d6819189e9558ea13fcb04786befe6c61df643ba44

    SHA512

    13782890c2b0490049ea7d823fc8de7450d221d09e995ad81ad5f6853391bf5b581be52acfcfab9520c010512d0c68e8d4851079a532ff067a2190cdf756dade

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2995b9105b99e3223e6ed6a1d6962319

    SHA1

    f4b5974bb2b50548e40a03c393fa26c04be6f747

    SHA256

    568dbde6c0a2c3bc7fa4b89d65f3396c1c49b555431da026831b7e54141571bb

    SHA512

    5555e79e14752c1eb6242c55e5aa0dff8b7df3553d70a62782327d6410a6f1e4c2a34b848218e5fd1c541987df76d2d65a4ab727b3796103ff7f5e02c7aa8872

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3ef4708002925de8323a82b9de772a45

    SHA1

    afbc4ebe0f8a0fef0b20ca29293a03b5ff5526d7

    SHA256

    fda94521be264bc37fb4b5d14b73d199032d8cdec0f6764ace5ddea7b62e85bf

    SHA512

    a72fd6492e7f0df16b73eb8b3f92ed093977ca9f6bf482676dadc0d06bdf767fbe8f71953e0738aef0afadd1ec91ba63ce8c76b80fbad05c003a4a089d5c0f96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    50938453e361c3d6ea81bd3ec112b6d2

    SHA1

    9a1c0488d409df8108ff67bf1e2a4bbb5b5e3e01

    SHA256

    6a424e9991335e29adfca783a8f814ac2df89d3116376c66a989fb11c5b15791

    SHA512

    7005128dcbb5d6ffd45ecddd6abe6dc7ca380e5a189cc820d9fc0d85041f5f0c382d11e3e9e1869edc9093896f91cd0b829a7119915b17b8e5df75613781d439

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7d99b890738266ddcd7bbaee79aa8d64

    SHA1

    81781cb642fcb28b06411d1b140e49bb4f34982d

    SHA256

    7d81ed8e83631d87a4950f29d45bbabf2c20e49c526ac8cc9394f5cf91afa322

    SHA512

    1032d977b35b578f6da7a6b888c68747910cfd2b59eac6e68f4b8cb184610eacec3606fadde6f13e10ac6273ad16227c493bb797826fe22e3d213dfa27deddea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4b614e9fac5eda3b7fb2db1c93771014

    SHA1

    aed142e933f2f3c44a0d506e0bc06232df1cc172

    SHA256

    b577d1adf7a7eb64ab74bc9585a3d48ff4908fc9278aad11040d364ed40bd3e7

    SHA512

    a4378c8beb3783de82695626e320bae46b0dfed1bf486df9d17cfd907575c97fe15a1639af3d5300bdf97cc62142d7868172b5832fc878097c6bf9600c7da756

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e2b93ee3b7078aa66873d9361757ebee

    SHA1

    ad58efa5cc0a7a89501a306d3de781dac15bd0ba

    SHA256

    886e12c9e1f096a726cf4bfa807e6daf74b2b8740313be5d6de77d80ddacc3bc

    SHA512

    b5d5c0ebcdab812b3154bf25b907a94ee944ca842186c09e7ed657caa745ceb294cd931bd52fd1243c0541ed1c7f68eb36ad90132883d39d5b60bb5d8b733a51

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6f77b50929b4c186899a876518cf8310

    SHA1

    1c766f62b44de66324732b30300c3eb8837599a3

    SHA256

    ee45a13e1ab94c0532f89c8c6399ec78de318d694dd658a948d784cde67ece7b

    SHA512

    74e52d67e02fbec18f56854fb88c5170273578258d21a850c35601b2ad59301af70d36c9f5baf2624596bbe64e67c167e8eff81192015a5712d4ad50ae1585fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    22de842b0849282467746fecfe583b44

    SHA1

    59321fd5da580e3732de24ac246a73a2c7db999c

    SHA256

    f444f1fb14a2c61c89ef1f88e35454142c8d20d6f9fe811387f37d6327a9c5cb

    SHA512

    268b2e15af1856051225fa7dc927e6649d304adf170b661f65b08e5c65c59ccfac3cb5c9c1d4be326fe4d362e062e78798a10a1b304628e481daae4cbb4c024f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ef4bf7dd6ea9c22b38083aa21289f4fd

    SHA1

    29d1cb60b11bd0b092d51291f98140bf0a3c6083

    SHA256

    e40fd0324c5c4be4e2b46fc1c71812a2dc816c9c464e93a28708b59e806e02ca

    SHA512

    ff0ad9ae70e0940b2cc7d0e89280f4c63421c57d7ab4a63782e3a4adf0e1af7d767fbc043f9b5d75c23789d3855961a59e2a9daf6b776dbdb7e41c5c62aeee3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    600e2c19e11fc58276117b1261158d54

    SHA1

    fb1fe79a322bc06af110daac52667b127fba73ae

    SHA256

    4f409bc4eb73a05ed6490da5cef848d71f4f0dcd42bf113d9d4958c933f41e38

    SHA512

    2a95e97a04e931834bd0c7512ffccf24b32eb511223e04c1a2013570d3bd560647a58410200f9ef9c3d251f385de25980673d7e40436d64869b107058ee4ae93

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0024e98739accfaa54fd18b484f76a65

    SHA1

    e099798d63e703125855da159c8e4eb854e72528

    SHA256

    556e0645149444eb70453166e46e62770228c98415988eb0fec639f88447bfa7

    SHA512

    640536515792c610717ed92e79b879a09db75f7f5346ced9ad62dd267154a9740e568cc7405567b7988f42fd3e19bd3eaf82a080b9afd4a3638191a733193b01

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    98bb8ed7c41763dbfaafb7037d7f172f

    SHA1

    afdd07320a98e705d479635af32629b525ada46c

    SHA256

    97b4d7fd5a785b36e76abe9535ff679164a466b67484e44af5d79e4629a470c0

    SHA512

    e5fde2dc852739dbb113f11416f052621e3fcf750aec6132960def3a3f9fa962c5a26ce0e70b39c7c746245785e2f86b2465bc4fb2ade1ee898a265934306bd8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9124d72600c56fb793bb6378c334b4a4

    SHA1

    6cd8513ef7e6d6fd9ef02cf99bdb4b0ff3225485

    SHA256

    6504a750af870692ba085786c34267c2916914f790cbc970de3535a666844040

    SHA512

    f5ecf1b9f16dcbbbeb5fe00c9be2f331e77fc6b228c0838a3ed870d823198cd98b5c4e89a5a935d5c599cd23df7a057f4c044ed5ba4d5ede9b78e64c2592fa0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    680642976dfa1315d8078264e61aff6b

    SHA1

    6ded8b6fbc650892e1afed0ecdef2e34afb9e92c

    SHA256

    bad1c6b07f104a7fab72f34e5d305a0ccb89d36f40ce8ab0174d77216cb552fd

    SHA512

    42a91b4fa4133e103c71e079c8660308fb85376dcda1f2c8aefd9a02ac321298c62520c5a29aa78512098b70602edc8c026b09a57c73b2e56dc36b1d3d0398e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    002fb6296b7592d16f042a22ea6dfe03

    SHA1

    b6ed8969755bda49548baa5708293fc1ae7ef2e4

    SHA256

    80dc6f86572a893a39e9b95b648d43bb3ecaed446663d5f2a24fb6c271646b23

    SHA512

    df215c83d6ea23b57cddd757642287a5fe960bfa1709ae32e210af0c62e454878b6bac18aa52dfc6367a1fef10e59871c92477ee4f563d3717e7460af0d7c51e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a3e84ae7bdfcc0fe2f3827c71a577c78

    SHA1

    413b1c98fdf5f94de5ecf3ead644a0463e8a7f71

    SHA256

    1524304ed184cbf92c44fb87a1be19ed1a9e80079a22aa0907c87e441b97beef

    SHA512

    13d572eb3a0269c9e817c6354fc5b6718174dda1111bb5deed451669b71f5fe7161fdaa1a44f9f5610e93e3db962a0fbb2b28e1e43a8f5503281e1c386217c1d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    49ef872c1c67afafdc61569fd617e925

    SHA1

    b89c7c9410d0aa8e25204380ce182f2c4a8b3a26

    SHA256

    c65c9787b1a45256fa9544816f76146199605452430c71e84b3139c6bf446262

    SHA512

    8bf415e168eee01c2d55c56114da0fc3eddfb25f08a5db59b5498572009f378ad497120fd1afc7b174639b6437d900f091d83daf381e527b9cd00edac6c845ce

  • C:\Users\Admin\AppData\Local\Temp\CabD606.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\CabEDCD.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarEDE2.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
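Every entry above is a side effect of Internet Explorer starting up, not of the HTML file itself: the CryptnetUrlCache\MetaData records are CryptoAPI's on-disk cache for certificate chain, CRL and OCSP fetches, and the Cab*.tmp / Tar*.tmp files in %TEMP% are the temporary cabinet files that the certificate trust list update path extracts. When a pipeline ingests reports like this one, those paths should be bucketed as Windows background noise rather than "dropped files". The following script is an added example, not code from the sandbox or its report format; it parses the bullet/label/value layout shown above, validates hash lengths, and classifies each path. The trimmed report excerpt embedded in it is constructed: the CryptnetUrlCache, CabD606.tmp and TarEDE2.tmp entries copy paths, sizes and hashes from this page, while the updater.exe entry and its all-zero hashes are a made-up placeholder that exists only to show the "review" bucket. Treating KB/MB as 1024-based is an assumption.

```python
"""Classify sandbox 'Downloads' entries into CryptoAPI noise vs. files to review.

Added example: parses the report layout above (a bullet line with the path,
then alternating label / value lines) and buckets each dropped file.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed excerpt in the report's layout. First four entries are copied
# from the page (trimmed to MD5 and SHA256); the updater.exe entry and its
# all-zero hashes are a placeholder, not an observed artifact.
SAMPLE_REPORT = r"""
Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    a8b3462c78dea31728aa99b2777b8356
    SHA256
    2ae6e5acd5f18c1046e54143cb1da6000a7c3d2a6eec0d2a94a443d35e58e88e
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    c250d5cd045cd61e0c4009d29fc8ddd5
    SHA256
    ace7dff666c3248d44c1d6b3492ce12dd01170cc0463161358604a24726ce001
  • C:\Users\Admin\AppData\Local\Temp\CabD606.tmp
    Filesize
    65KB
    MD5
    ac05d27423a85adc1622c714f2cb6184
    SHA256
    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
  • C:\Users\Admin\AppData\Local\Temp\TarEDE2.tmp
    Filesize
    177KB
    MD5
    435a9ac180383f9fa094131b173a2f7b
    SHA256
    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
  • C:\Users\Admin\AppData\Roaming\updater.exe
    Filesize
    1MB
    MD5
    00000000000000000000000000000000
    SHA256
    0000000000000000000000000000000000000000000000000000000000000000
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
LABELS = {"Filesize", *HASH_LEN}

# CryptoAPI URL cache (cryptnet.dll) for CRL/OCSP/AIA/CTL fetches.
CRYPTNET_CACHE = re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.I)
# Temporary cabinet files from the certificate trust list update path.
WINTRUST_TEMP = re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)


@dataclass
class Dropped:
    path: str
    size_bytes: int = 0
    hashes: Dict[str, str] = field(default_factory=dict)


def parse_size(text: str) -> int:
    """'344B' -> 344, '65KB' -> 66560. Assumes 1024-based units."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(B|KB|MB|GB)", text.strip(), re.I)
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    mult = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}[m.group(2).upper()]
    return int(float(m.group(1)) * mult)


def parse_downloads(report: str) -> List[Dropped]:
    """Walk the bullet / label / value layout and build one record per bullet."""
    entries: List[Dropped] = []
    pending = None  # label whose value is on the next non-blank line
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            entries.append(Dropped(path=line[1:].strip()))
            pending = None
        elif line in LABELS:
            pending = line
        elif pending and entries:
            cur = entries[-1]
            if pending == "Filesize":
                cur.size_bytes = parse_size(line)
            else:
                # Reject truncated or non-hex digests before they reach a blocklist.
                if not re.fullmatch(rf"[0-9a-f]{{{HASH_LEN[pending]}}}", line):
                    raise ValueError(f"{pending} for {cur.path} is malformed: {line}")
                cur.hashes[pending] = line
            pending = None
    return entries


def classify(d: Dropped) -> str:
    if CRYPTNET_CACHE.search(d.path):
        return "cryptoapi-url-cache"
    if WINTRUST_TEMP.search(d.path):
        return "wintrust-temp"
    return "review"


def triage(report: str) -> Dict[str, List[Dropped]]:
    buckets: Dict[str, List[Dropped]] = {}
    for d in parse_downloads(report):
        buckets.setdefault(classify(d), []).append(d)
    return buckets


if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_REPORT).items():
        print(f"{bucket}: {len(items)}")
        for d in items:
            print(f"  {d.path}  {d.size_bytes}B  sha256={d.hashes.get('SHA256')}")
```

Only the "review" bucket is worth a SHA256 lookup or a closer look; the other two buckets will appear in almost any IE or WinHTTP launch on a Windows 7 image and say nothing about the submitted file.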