Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240319-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-04-2024 16:22

General

  • Target

    email-html-2.html

  • Size

    13KB

  • MD5

    ef51acb1fed722c95d7b10c1233a7cdd

  • SHA1

    4c6a56b70ab75486872b08863e250a222443ceac

  • SHA256

    7d217ec3e9d80f05fa60e276eece23a2f639bbcf2d771cea340fc4b572800649

  • SHA512

    313028dd0931dfa56abf57dc8f4dbf4d4c57621920dbbf167a632580f51ac0d02303fbe2fe82d8b637ae11d4c24bc6f7db8caf502987bbc8896906901998ac10

  • SSDEEP

    192:HANeM7HKWkZeTMk2/e9lv6MzA58grwf9DZwIG27mpYlACFiwpYZZy2zHUd1iqdkA:kHKW2MlDEcb3l0y

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-2.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2528
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2528 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1364

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    ff04c2098335fc1acf704b9d636be1ac

    SHA1

    938e1ef759caa7a6b9de596cb613fe592aa286e7

    SHA256

    736098fde90627babf1fd156a92bf9a9bb1ffccecf6a8866693cc34e8cda3629

    SHA512

    50eb3ef9903eababfa330977bcedc422fce33ea72da08ceb7ec5ce2066ed6e7310b3aa705191a0e5a96e3708d7f3c76f486522c41eba56919451cf269b230a2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    55b2eb940c9c596fd6a6f9ed470b5d36

    SHA1

    a92637a243556d7d13e4016b97ccaf784aa88c86

    SHA256

    4f1c53a8d8cea04f5165311812ab5bff4a33e83c320f0f6284557dd05223a476

    SHA512

    c5285cf3f35b09ba0f5c21982c53594e6cf906bf42270aab5bee634b4b7fdc4d6ea98eb53b54f58a0db25a98498d32477c7cea0e8a2f6aa4890186a539a33c01

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6926c6373e54d6e8222ad3f086a81714

    SHA1

    367bcd2d54d55c772c9b94d60f2846938f2b9b29

    SHA256

    06f44a5c7ec579b2c00962231c3324826897e045f0683690953a61b6354052e6

    SHA512

    0b4fc81d2a1904731d3092b52e95507da2e52c7b204223b03bf837d16c84b555a5c46edfe14fa71858fe1d1b228e85826dbe581de4b3589be5cbade74f04262a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8c03569c44365dc121725c85367f94f4

    SHA1

    54de51000508ceb603be9560ee5a2b0e49d65e36

    SHA256

    50aa1c0aab0241f7d84881c1af6156ae69c02a9d0115949d47151922720eb2c6

    SHA512

    28485ba216c8ba7518cbaddbf7118a45f2c38527a78c578f46f1f5b57e4523cb6c282a52211e44bc9ab48e21016b8653dbed721253b8b5d9c2e8aae09fecf770

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bb55ba3bf2c6458ef991902735d53190

    SHA1

    f34707653e746d654ded2aa18748c85368e21600

    SHA256

    b1f5501528b04037d2f391c2a4ac6825f1c1ebdc2df961a82948cf09f7284ff2

    SHA512

    8a9601e9ad1d74c23692fb0d11c91dd7d3a005dfd4a8256725f6832b6fb0656e5acea9aac0ce0321fd437a7c42e39edd148d913367d7149d7c4b329e93b62142

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7ed2c0d1f1fc73b63f54af407d0f4bf1

    SHA1

    d17e96ac566948e2191104cca3a54f4b1ae692c9

    SHA256

    cc67a2dc997e26f5f2a1cf3263cb0e59a082c23c9897d7098c3ece9d162188d8

    SHA512

    d2c8d89d68ba03501eb9fb49b1b5c4c371e7a263828f1cbabce7945a59451034a1bd9a32eccba76ae8dc2a6a931c1014b493ffdbc5bd0a652e2fa5ace7e9fe6b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f0a452bdff58634d5c32bbe4ecc8cd6c

    SHA1

    2e6b9011eacb0c8838b8dd63b33a139d4d073a26

    SHA256

    47b9f9d6f8b791aafb516324b04ff26b4c08f486215771caea78062597ec6c84

    SHA512

    a31c41b5f03a62bada7e68890b82973f0873a58d3db7a7679d3364dfbca7b97bf428389fba80e2ffc3265ca61c4af2c38feaf70a1cdefa839a7c71211296aa3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a2e8536b15a81fc6edebf04946ce2323

    SHA1

    1e8ab5ac969a5ba5bc8a9fd2d6be06d7f00549a1

    SHA256

    0cb05e22218fc4f774b67bdc111150988138563c792e5f98cbce4cfe4260974a

    SHA512

    899e685f490473de7ba598a3d6e056a5425db90f20963be46a14f54a1a88afe77ab5bdb8b03178d40769dd2bc996c74cf8589cd813031639a243336d9a1e3291

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ba14c5f4b04b49c9c909910720b874c7

    SHA1

    cf1a4fd44126c79614b94dab8917ebbe48c416bd

    SHA256

    70a9cc75617076d0190baa1746fe5e7b1f8cf537f4251324a07e725b9738948a

    SHA512

    5794e8c1821afece4239f784c92100a5a079bd69de9df3effd8b70092999c924fc88f8b0ce2f87402d67eab2266bf2ea2c3509599233add0b1bea5e8f09f9f76

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1dcfae5cc0cba73f2d7913cd6d81d2cb

    SHA1

    5ba08c839f3d10223e633661c0bb216a9e1a9605

    SHA256

    0b7026bf23950baee314761600731ee5ef98ec772388deea0af62f3f5d649e5e

    SHA512

    c51d17bd772ea2d8dc1cc2df791ac95f4e10531e9c6371451a961bebd779a61ebb89f4242f3cf15815cfe901c205d6ff10f82e225925ff4fd911a17ec2194def

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    eca4662dbaf03c34bb18bae4021e6a67

    SHA1

    1de5945564f3eadb78d94514558dda4f20588ba6

    SHA256

    79bb84ad4d85cd85ff1c0d5ee1b17997d739f7d323408abc9f80011179010212

    SHA512

    4b8c177af7226141f48450465ef95a7a7a0298f2f79df12a8e8755b996d7413ec781cb245e9702ae0fb0d5bd38c78e60e0993f319fb2667db513ebee35f7681b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c205fac13ea89748f7685615a062183f

    SHA1

    1c289687bf80e8d491406792ed4b75ae1636eb0b

    SHA256

    fc5b0351b9cb191c5bb36ceb0a2b4a151fcbab9fc37c90a781fdf3e0d047c762

    SHA512

    cab10814dd61edc297e5131afbd3f28bf404a74e60fc926ba48536fd917d922b573751e18394c70f563f41dffaa3fca923fdc77e60e1ea812b907b2b0bf26a52

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7e81291d40d60216dcaa69fa0b956580

    SHA1

    415a8007672407a1d08e8354fd44269e4942b22f

    SHA256

    b76fbb7cc2e3f181c2e1644fcd08a45310fbcb970c4964cfe5d3b8f39c4338da

    SHA512

    30f0df08f5497628b578aab889227bcd7e0d211bdb9a862c686c89ec2e0a272edf4f89f16df40c0c4b8160140c0129443deb4964ea5ae81c73a21c7201bac142

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9c3582f2c06e954041ceb734ac28e284

    SHA1

    bdc5060f75b1beb4d71d1d460659060462200394

    SHA256

    8c734d8cce8632ed75819cce90c6fcba0cf74a3b23607602c6ec2a48ba4770bb

    SHA512

    28924e6b50a270a2434c0e8f03a0a85173b532f592a618cc6c54d89945e2e3e2a5ea40d451b076476fa34567324fb8b6e2186a51ab4bcbf54b3e9a77a6cfc832

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    691960f94605be2ca6a0c2b4f5005a93

    SHA1

    a0aff63c457f91721f49c306a9868cc43feae232

    SHA256

    c759608dce37746efa0abce80f37d553f0cb5b962d9d4c68a855c54302a8de40

    SHA512

    a01f45e1a09c11b50c18acd464c00f8cd3f0483555d013d938a129b7d7ee642eea34e716fe8f202791ae14ae78e0b7885e9bdd5bc77cff72efa5b29375c82bb8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6178279ab3795e8c9357e503d3f277f0

    SHA1

    c6861c039c160dc149245cf0aa83cbd1cd33eaa7

    SHA256

    59968bf4070eac765da269fc99b37ec9e33d58ee84ea2f2a035e770723f32554

    SHA512

    c7e5f7200ea54ef326f6a4cc5fc9efcba278e26de748f8cb1969b63d08cab1b2edf4b102e63c622f4c2c3b3b757634aadbc3fdd14f3eb96d2e7435acdf5fe409

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c8191a6d1eb8424662a4cbe42e77ac7a

    SHA1

    e14c492e35c23c5596be77b2eb0774ee2b2fc59a

    SHA256

    561a6acf09a41cfb08adb71258960f3af54eb85db0f4ba2bb62950d2e7329ded

    SHA512

    66fc6ff90035dfa0c0e847a2affcd9234a3df488e2e03022fc7096810e87ddaf430d2ca073b2055efb05bb7172a64f42678ef7208947fdefe700c240a54e01c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3775c4404b03ecf3f5472d056aabcf97

    SHA1

    c838ae848f49dd317ddb29834e83becddfb408f3

    SHA256

    c1a5fc83afcafd30f6772e93a642ff62746533e819a8a2b773d0ebd8b000f73d

    SHA512

    3b73dd0bb273c573058602468ae6072c25ba9c530ace6627888239fb11523508191594f6b6c774dd7bbead786ca2148a84862093caba65bf2acd43a59a92ea92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    65c873a6348183328e417d7a0674102f

    SHA1

    df1d61d325ab52f6444cd6e6a5bfbd4942d13e91

    SHA256

    4f8de667c60c6f1744483462e2de1814be4feed587d211bb16308ae453b63428

    SHA512

    d6069751e10d77f727885d1658a358ca809590c80bb20296e707af8b8a34bd39e74c4eee3b3d56fd82369d8fe11c536bb9f081b0dd2948de8eb4bf00dd7aec7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3f505cd1ea4247b86e65f8d3fc31d88e

    SHA1

    fe658384f1b14a3200745e23a410ead26f69feb0

    SHA256

    89e4c6fe190e4aa679fb05fae8ffb4356dc0de4cc89d29303433c228c22d1344

    SHA512

    dfa21ee0e4b75c4b6b9fb49faa839e2dcde3e397f334629586cd352e0f0d8621f3d13c5ca35ec47f6a78c72417144bbaa2551f457019fe70d7b6b6af26eacddd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    71383bfb99a86a4f31256ee82f6e95a2

    SHA1

    7ff58157db4beb7381b49d87501ebe2c08d738e4

    SHA256

    946f3978fcc5f2d53db4ec4b9bc2f9c87d0839628ef575fc202e5bff1b4cb67b

    SHA512

    02eaf8c070dcc8d2f80f6d722b428aac22a683ae69bf097b9021da98101396edc13ce1d7a8ce036721c740c3f9947e2ddd350df00e87daf9c420e8682e685ae7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3bfddf462d05bc5e55beb2feb32651a7

    SHA1

    97ee6557451026e7334b4b9f2a78a8ee90aebda5

    SHA256

    00a1abb1c412451b9c86c31b5f0295ba0b9c39d4fdeb205de11f0c0460888fd0

    SHA512

    b1ff70e8ecbfd1daa080869e25c95a78fc95e4bbde8d9302794c100121a666c84cda33e9a1aec6a97bc969c3673829daafead18750ffcf94a12c3c1711254062

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    55505cb46f4f16864b1cdf4489ee4045

    SHA1

    29561b7258461b2301747aa4d6b47469e0d15c76

    SHA256

    c7c3d8980bdfb92e5c1fb0fe589d8f83dbff0eab8428a2fa77519f6f6867842e

    SHA512

    af5b14bed7a2e5482dd2acc136afc5483f0327c79f88a6be23393fdabfdb6760dc8f539f7263c59e617cf62eb533563d45a29ffdc9ec79b2bd73244257ffd8a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    83023c467bbb950de7ea08227da8c88a

    SHA1

    2025d1377473f1b81d9cc39a5c3efce0aa0f3853

    SHA256

    3d1f095585431f443ed0501f45f7a099493402fb9ed08871a710bf40ed5d75aa

    SHA512

    68e82d2a0c45f6ecd67e40ef7dbed21d08d9c8ad3fae446452f346b0642b19a2a0e9d6505009175d90433fe9994845c18091fcec674049e25b90f828d31836b8

  • C:\Users\Admin\AppData\Local\Temp\Cab5523.tmp

    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

  • C:\Users\Admin\AppData\Local\Temp\Tar5524.tmp

    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

  • C:\Users\Admin\AppData\Local\Temp\Tar5664.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a