Analysis

  • max time kernel
    118s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-04-2024 19:13

General

  • Target

    tbu03852/static_img.html

  • Size

    503B

  • MD5

    2caff3519f5be538757c467d4fec4756

  • SHA1

    7e77344f049d9ee4d216b6f412c01ba28596773c

  • SHA256

    e94503ad0ea2a4f7002ba70f57e12da9daabb5037b6bedc7725d1fc43a487415

  • SHA512

    029814dd117053d03acc6c0cb1af2802256149c6a3588cd41334deeffad6095dc16386887e2053f288b13a5ebd3599cbf9c55c194fde81f3df77045d2609a467

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_img.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1692 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2992

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e1d188887d5c088d60f78c926b7bed93

    SHA1

    ed766540ebae017373837251d5df8333922163ec

    SHA256

    7b6b54e9e0e9626b1909721662e086f4b33a6c9421bf5f35c26bb178c3d2938d

    SHA512

    f43d3fab81614c2c5a03604253a5ec36ff5db7f3cf620216517f0c901c98bd090ae851d57c6db805b4627ff396826b3872da937a36ce595d2522933f9ee24c2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4279f8dfdb0b2e2fbdcd91d1df9b99e8

    SHA1

    c726b49305a661ffae19e491b3db76b9e3602298

    SHA256

    1e114463d080b07a049348a99b257aece11ee50d76eedc5a9364f42151e667c3

    SHA512

    31a34504457eb2947d0cda55a76b33bd7af759e097d7ebb8eb6e7a06301d067666437de05bffd368b1122fe3c77680287b2095adc013d6d4f98963c5682590bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5af96deb99785802dff3c0fcfeb828e7

    SHA1

    ab8e6479799c5c6bf28689fdea5194a2307cd4da

    SHA256

    0289d3ba2b5fef939253c4e3cafe29a64974e634776325300af32e530b540f4d

    SHA512

    2653fc0f6918ae706bf05be3116752b39b1d8a53fa0aa6c90f93e32cbbcade72ef7e4d37a901759409ed19eb67e2098aee6d59b086dc76315e3ddd87767070fd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2ea4cb040e7c767a1d5dade561122558

    SHA1

    97343c77ef55df2437455333a70babc6d048961c

    SHA256

    43747efcc1c47a618ba596f9f6194598426f97f364f2657f3f08bb1e9afa7030

    SHA512

    7c0ed99c8857c0a35ba91df90803f98a4f8ea6e85b3c116177dd05c6b6194988d3babd24b0baa082b40c7b6b110b52be3645adeef06aaf1492779be418558c38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fd73b5b06615d5414e71e92e0ececba2

    SHA1

    1b2cebc0709be8d0a1ae9f6574f9d8f189bc1fda

    SHA256

    19e174da16e6e6202160176960cdef0e826d3020688998ec5f7b7a270e592034

    SHA512

    7ad208879450900d95aac863a0becc3c54095245cd1bfe6aa5a5285112931cf16eccd8e06f57e11241af6c478e90ef6080ff23bbeca768c7522a5cf999454d8a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3c63656ad2a46cbd437e908325c51c53

    SHA1

    6c9281d42ff4ff48cc0f79494331366a15d198bf

    SHA256

    1049909ff89b223f8f93df882463ffe95b96970084d2c5445f71480fac8c6da6

    SHA512

    f13a66dfd679f9978da828277d998fb4c7d16d7e5d52fe657ea1be01c67f17e84f1794153bd83df1ea54295c1bc71fcd8d75c919e6f83c1a045ec6344edbba85

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    79e375cfa927cd277dc70ec145e2c271

    SHA1

    cd135d8c1e1a2ef764daaa3ca5de64cf2cad7ce6

    SHA256

    37070257b2b1831359494c2738695b56d17475b059de6de86bffc77bbb355d41

    SHA512

    47b3e89c3aaf7248a8ebc150cf68b99132bd292931b4c1a41e9c16fe72f9ce426f2477d46d6414fdd5acb257026f01b3e68dd937da3dd23c876075e3ff1f7e1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    88cb433bfec85b54acca3e0ddcc5f38e

    SHA1

    a3839582ff256ba0fb23925616726aa4275603b9

    SHA256

    cf6d98e90848d56362e9f61b54c602153fd297d816cf8b724987fbe0565164f5

    SHA512

    3af9f31855f1e02a3232eb54ef790d513c8f1bbbf5b3c9b7e0f6d0a4fdc3d2e370c649023445a17690e4af54f197b88b247c16be0e1ee3ac05a6941f54af07c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b618ed58c4ffee0866f9431507901075

    SHA1

    9a7d240823f33f778d3b406e34ffba686297dd96

    SHA256

    9588f2429a36187adef1aa4c026276c306c56d35a29c46b0de368967e92001d8

    SHA512

    e48312454fb496e93e169b76f857b0c8596efd49a6c31bab48dc6c0f72a48d80d081691793cab15c44f2bcf32d60a87e7206a7fac46e80802411d8ce65442a9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a62c3c75a611fb8ceee6b0b867d5fde

    SHA1

    4f248145e7b48c0e0378e5df002d693dbfe1feba

    SHA256

    42ce2dacdb0d98a48115947142c56167ea5c9064bca367851439e3756df92059

    SHA512

    683a9f75c9cc4fce20852caf8b876e9be8f34466eec4522bc4955534494bf519b4c80a133e68f3e0fba8d489beae5cf5452a2708931bc48510f5b6679a11c821

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    070b18a6f7ce4b1210d02188f35cd072

    SHA1

    47d4bb770962250925c2fbb1c867d932e90168ae

    SHA256

    929374451fc5ba73d29d8dde4ab87788f40092c520eb2a0c17554d63414d5b79

    SHA512

    d96cf8123a5d7353d3e055cda17c5d66c81f19f7013494f1056ac11b2061d59e1ea820407c21bd0c885afa47d48d0bf1c46c4d569bfdd8498f8c3c454f6a0df4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7e54ec2eb5c059992ca06dbdf1132115

    SHA1

    5a572f30c1c49218f9eade9129d2e14f8d1b4726

    SHA256

    40faae9275c9fc358dafaf16a70d7f882cb4fc8a17c017e45714adec998487e1

    SHA512

    a279b45ae3217f37656ca138a8dc3bd20657fd181e47ff77788e60b4756adf4c5652d20e38a62398cef812d0b621308d2e05b90c81deacdfdb94a2560790d742

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9f01e281fd66bb6cf22917bc33767970

    SHA1

    939704ff9ba04b9b2c80552e8af49beab7bd496a

    SHA256

    1db912d310077fecd6aeb96caf5a4f916026b781a41fceb7e30637850834a6db

    SHA512

    1c40ff06ed8134ab098998716ca52c631bb29b6b4a282745b7ad2a62e6a2efa9877f3ffe190a47efffe0a250cbab195ac81900fa4c209ab6ef7fcf25314b378e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    57f99fdda32635d3f7f9f28f67521c95

    SHA1

    c8f0eccf428772d40f206e619a6d2154a9388381

    SHA256

    7d1d9cb40de88fbb394caa7c0dee0f157207cdd51715c64249d485b2fba4f75d

    SHA512

    8aa4520e1c8500c0dc04bc6d6d6dbda061212a7016ad0a5c7f280ac0caac01fcc9f44ccf3e576f1e80da8728d45de69aa327722cda00d65675326839b42c615a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    05353e2d90b29da6d25e174f52fcc2d0

    SHA1

    344a0c963fb2727fd5ef423e7cc91585abd66d98

    SHA256

    2ffd06b83f86d338f960c1c0424492d9bd6f099b87f09eae728cdcbf1ccbc3dc

    SHA512

    5b65bfb84f3401ca75806704edf68739104fa0ad2385a019b999652938efb587dc6a49e58083bf392ea6d5361ace771a7667cb8a336a4c124931dd1ee0f15590

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0aad488ba0f93e9c99052994c37eca86

    SHA1

    b0ffb9c9b487cbd749316ff4619225e6144d2511

    SHA256

    c199294b5a60e9e209e101ba81ff1a81506dc5b61fdd6f24cdea1fbd94c04edb

    SHA512

    61335f2f7405106611821f6192acc6179dfbe62ac5dbc383c76fdb1dcc9ce8d603a145e27e4f8261d94d59ff1342716f8b2ea53c882604eaef2cde82a96caac2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e6d3635584043b2136456902f833032a

    SHA1

    36744952cae065654560a8ae4f1a67929842a32a

    SHA256

    ca321efab075e9e690a16f9b77f5400253e6b232480e05c5333de5485a20f624

    SHA512

    90fa0c193f667f7e90c17e7b97bf560203cb162ad5c9bb64036b97e9f747eb259061d1f22eb24dfc9b7bc3ddf6ad2a576bf06ae0f05f1407301658615dcc5d99

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5e527a01f3366873561ac889ac0f03ad

    SHA1

    2b7d57a81cf283c1ee0071cb169933d3459fbd30

    SHA256

    0578419dc1b28cbe24517bd2aa04e93353a610f85fd0ec99f55db979971e662a

    SHA512

    6353044fc574a4a9bbdadabf421d7225c05f767d31e7876a2c4929cf0bf31dbeca51adc771e7200c37b8493e2589a4c0b533208fe904b21bdaf4f910c8177fdf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    19368d5fdde31143a184e68b19abffb7

    SHA1

    2e7f17e62214b993e83657429f68997a8a47da9e

    SHA256

    fbc9db61b1553e05ac21f25d229137b94b912d514c0081bd350aee06441ca212

    SHA512

    b9682108e32a7e1519695e0f1ffef83d86ccb7ac3bd99af36dd2e58dcd04bcb707c249d042bd93b6b1915771385385b2f57548b60a454cac1c0bb3748d41c5ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    71ee7f8de0aa35aaf9158c92f1bceaef

    SHA1

    c520e9c30f8db14ae45cf1383af18d954beb6631

    SHA256

    0447353ea9ecfe53ad7f71e804807cc04d65514b694e440f3f2347b8ae02aca1

    SHA512

    94e2872898fb3325821d9c99634e15302c376c8930d45016eca21f8a98b1664d415b07522b98597d2cf5a7e46546537b81bca38cd2d3bfd7cbbd078726c6c295

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    04b6a1fc200d4a269497802ef3240213

    SHA1

    fb1523a7083b4325572088333ead06775e84062a

    SHA256

    748b0f88815a543ec8621a706de48fd1f2d47b85c3430c201551dd9cbed14ccd

    SHA512

    a36ac480c1085a7b51d69a7391edf683058726bc5afb170e3dfa2218d9842e94f323ac6877dbe50ac8251f757bec7954886ba8dd618b8c3de72f11b14d67c0b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    de7d0230b42d84d37582f53e7defc5d5

    SHA1

    b33ce9061a9b127187095d0058d695335ed6687f

    SHA256

    e7562ec5a7b6278626db6545bb2e0fbba59d5e6b9cbcc4e6ededa1f912dacc63

    SHA512

    202331c0ef395a1460ae58d4e790b2f00013f1c4fdc63a4431ca6fb19479c5c6d5a1f27f76acc7740e42f59f2d9c583df74aa70f1de63bdd006d135f5ec1603e

  • C:\Users\Admin\AppData\Local\Temp\Cab64CE.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar661D.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a