Analysis

  • max time kernel: 133s
  • max time network: 128s
  • platform: windows7_x64
  • resource: win7-20240215-en
  • resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted: 15-04-2024 19:13

General

  • Target: tbu03852/static_pub.html
  • Size: 599B
  • MD5: 0bf3de7de6f6a9ece7674fb245c7e428
  • SHA1: a71d601820676d5741734e825c7347d59570bc98
  • SHA256: 29101ddb9fc880b921c78a8aa0952310ccf0fe4eb03479425500fc2e779d4b2b
  • SHA512: 30dc0cf67d772a79dec244882f24c4a6ad71a3139b1b92d6e059f1e677ef138596e71c7bf12c2283b591ad64744b9abd15895fa29c4a600f64c784423bc270b2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_pub.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: f2d4a6b00495638289d4296405ac37ad
    SHA1: 6c933f79acaefb855de8653a7f51a5213f658283
    SHA256: 41037af907a45fb1fb2f93844fdf91da61bcaa7453c028139bdf5417470da36d
    SHA512: 236f524c00b0f7fc45db34f70271b66b3c6cfd0f493005ff974c8f3d4d0371b764fe09ab6cf02be482813ea95921157e88965fb73b00a9cb45737d206cd5dfaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 8da34e02f6df99a8529319d99abd9ef9
    SHA1: 8ec2c82ee775075b906a49f8a3b70a4154b038dc
    SHA256: a3be2f4099f15b798995f63a84a789311292e2418214ff69829efd5636a0c18c
    SHA512: db011a88880bc00783f5f7ee5b9f3e697c7eb3db1fe2ee6a49264e48aec5937f3daf9713fb12f39d7bbf2264fe327a027f5b99ba42a33c0a206951ed47d2928f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: eb38069ae3fa32abf13b4fa2ccbca3c7
    SHA1: 14c3f34369518bac3de8c6cb2b7de2f247f76955
    SHA256: 6a9c09f8cdd899c113d6db187412ff5df2f973bf38c4c8366f7f0bb375a07a9f
    SHA512: 9f97bbbca4757f7561ce105bcb4aac670db77ffa0aca3ddecb2cee1311f2814942ee2b7b98d4dc7e9904ce6470f904eca2e5cfbdfc11af7a0f96b159df58a8a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 4a6600961d07f66325d22a2341c7d138
    SHA1: ad86a65a2ba1f9fc5d918b1fd815f258d8e62005
    SHA256: a6c1e30399fd77905e9ae32d5d04be693707610b55210bcb4eaa70a695e30564
    SHA512: 570765ebf48f5d0fbb749f855a737c733b755efe458c3990d28d8c0e822d4fc9be6296ea3fe60ae94ed4199105455f19926bf9ac4620297e62a34ff3733cd0d0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 0d14ac790cb305e444776bc817533e95
    SHA1: 2c2da1af1a15d78a435a0b35936536a4a32515cb
    SHA256: d959d8615c0bd648b6f067b40c09ee33ea0de8b2e95ca04cbc14a4e14fda51d6
    SHA512: 63126dfb43199bc06d0532fff6ada43deccb9d773b8120a838a724387fbccf3f2369a9755d555f6e800fa77cc3b5449708cf7b2cd6659956de27aca2b9368ff5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 592777f44d6f8fcbbd6bbb04ec155590
    SHA1: 4bd87b37be1073ea8da727e8616b77526b215b74
    SHA256: 970340a1d1aa5f09afbb605bc9b30f73b6231d8daa9b2dfbc1e7ad1fb740f8c5
    SHA512: 149ea37b22775e5c362541e1816f2dedcc79078ec6687ed61921bfb63c33f15565e7eed17052d6339542214f3cd57f6b8aad7e4e563506214c2282656dc0b3fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 4d194cfd9464c6c882c5c6e9c65e61d8
    SHA1: 1b7a99340460970c5a45838d6ab9c0297bfd6895
    SHA256: 1a6225033e2ed23312faf083b7e70018c0adeb4dc4e6579f1f7197d237ca777c
    SHA512: 4546cd8556aa73660ca4eeca22d03115dac85f367057bec500eb38773c495030d21e0ad2d1af824edd1a8627f9c15efc165b0c8636f7471215814f7d7a087935

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: d752f481cda8a8436d3f51cd21bdc6c5
    SHA1: b92f6f16ad4d5e0902de2c43edde4687edcdcdac
    SHA256: e8e74326be4e70268d999ab746dc6d89ab75001cd456ca0da9a6cc01bd722ece
    SHA512: 052a405c8df5f3b106e5097df4cd90bd7759101dc7992d570746c099cfb06aa9b2a388bae6b99836ee7ec3b1e54e86fdd5bc6cf1a1df4cf73a711c726386de37

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: ff347a323a99a142ba186627405b1747
    SHA1: ccbc016575fb08528667e611ffaa999cec84adcc
    SHA256: d0788935acfc0e82879986ecb25227790f8aba37ee9110010113c4f7d0035787
    SHA512: c40efde0a4b677a38bb302606234ee219ce6037972029c0fafe33c00949360acc486fa1f493945bed55291f28d206d7d8efacbd80fb66d3ee1246738433580dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 967f8b41be17a612592f0d9bfd9e5c87
    SHA1: 87c84e3341444ebcbb76ff86929110852662491f
    SHA256: 0f52f2a36a37382109e5695f9f9936c9b891470ca68febdeb661f953757c952e
    SHA512: acfce52c1c554827498fe5635623c0753b886b166c691825fffe4a057c63e0adf57e02309c766df3e1c7f90577ba622b49d9eddf35f90dfcb98cebccb54829ce

  • C:\Users\Admin\AppData\Local\Temp\Cab2668.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar26DC.tmp
    Filesize: 177KB
    MD5: 435a9ac180383f9fa094131b173a2f7b
    SHA1: 76944ea657a9db94f9a4bef38f88c46ed4166983
    SHA256: 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
    SHA512: 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a