Analysis

  • max time kernel
    121s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-04-2024 15:41

General

  • Target

    upload/data/editor/plugins/about.html

  • Size

    1KB

  • MD5

    69f6f9e12c1c3f8f42893e320c19fa3a

  • SHA1

    9b5d785f88873e29e915df92ab560fb0d6debfb0

  • SHA256

    32c6bc9f842cde3d5d65cb0f27fb98dd3978a52086335d66c7c8e2d45aa670fc

  • SHA512

    797b4ff4cc972ab64c82d6be485bbc57092ca644106e55381af45f0197ef6fa1c4906b5cc6c8a92a0612d0d86542719ed02bffb4aec637674bd4d8e77ef71db5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\data\editor\plugins\about.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    852bf41c25bf94daddde367e4eb05c5c

    SHA1

    d1b32882b2eacda0008f9f78293da49138ee59ea

    SHA256

    6236bc43fee6cbeacfb0bd56ffe01812a253ba3e88425243898cbcc3bee75574

    SHA512

    115fb03d1cf2310630ae2132eeef1a8905870a8644c91495131d7a8efec2900f995cae7d27aa9abe6de71a5613422f1481696389e124af7e31f5a835472351db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    94620e71ba44676cb660f4fdd4db7531

    SHA1

    f91170bbffaaf9d52de1a49d2a009c269f649e01

    SHA256

    3b9c135a42edf7c33b3553980a7e708d86b962ae76606c6233c9b9a94764440a

    SHA512

    eb35fbdf6059b9db21d54f4afebc077f4f9c61f4719f69893faf08350f145de86c4b7026841b6fa5b6dad50c82c816f9c07bbc9692f236240025c4675863d4dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1311c8559835269a20133c950319d534

    SHA1

    7f10ac03034c558b354a3c9d58d59f3acf5cee08

    SHA256

    b4188a47d9df702264505f394a76df783328eec266292c93ba1420b462b99332

    SHA512

    8ff92f5bfe89d815a064fea07070e1ec417d45ce6f72032fd3639549c5b122b2531e585b8ffec9515c3cc36476741ef6f950943b26173cb51d6a7869c5b9a823

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d6f96862f0cf3bd07a48a6a3be39b073

    SHA1

    c5de96da4ad25e0df561ed24262139609c7ef619

    SHA256

    31f27ce55b75f4641f6e160d8c0f850a8fbf83acea57c6fa2408c55e7f1a96cb

    SHA512

    6da2777ea55a414fce7d3fea196e887b4dff7ab88c3373b8c2d6247ba7260358028ab4eeb82b3c26900b244f8ec09b1f67ec4cd1a5a7125fa3af7b4daba8d47a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7a79a19e41fc6457c558b5b8a7388abf

    SHA1

    76dc764780272e6c54b6305112b11c65f4585379

    SHA256

    1d05889c69f979414616ab910e2b716f9f3c94f64418de5dfb769d2726fc19a9

    SHA512

    b813c7a6cedde562a5dfd9dca8aaae4cd6719055faf1d8f9babe2f7bae5bf19dfb6d1ec3c37090eb7c4b2caeced17aa2b3ef104e786c90b5497910d4232cc308

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ebf2b4ab9b05eb702d5727f2ded3912e

    SHA1

    4ebe37374681ec1fd399dc2bda0f8e76b5769697

    SHA256

    569cdaba0e599f0aaf06214e6e013341f18160979b609bd99d8387d26ad9531d

    SHA512

    edbeca6c3c303da05372d0f894fa77eb339a7ab2160161545d930700ae1ace9212c4d0d688a51e54fbe60db4307765212cdaf934803903ac8a6931436eebb62a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    41ee81e242cbbe2283d2d9813c40f236

    SHA1

    2fa53ef1247837b90551794f720857162be2c59a

    SHA256

    d10483dabb6cd2712885ee85e3c3aab0a36cd7b51ab125124871d0b74f87da9d

    SHA512

    6812cc4efefa60ec0e7f3e9856f7c5096410255c025f8218d237bb00a32cca600913e1cd3cbf89c8e3e9101a23a23541219f05196aaf2c931022742e2e74fb42

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b7275fb466980d49ea2c715d89a1e54d

    SHA1

    7afd647b6ba91a13be4530ab174c0535f7b06ee4

    SHA256

    c858c8c2cb7246e26811e0eefbcd7f3a4fdeeaa35313c322c37320551e571879

    SHA512

    f47abdc192ebd1b7f074ead51f80192566dc567edf34834b7091f0f4c557f107f5d144905caaecf9dbe6268a372b5d8a5451efb3410e68b4cdf38bdd43bd564e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9178ef22e11afb5c9e92713c73bdd136

    SHA1

    d72048f79cf4d95ee2cd22364910e40d9e49314f

    SHA256

    9232c8d717911574d71329fa246c0d278e05e4a9ebdf939b8f422fdaa1eaca6e

    SHA512

    600f042c03f7edc559ce36f4b5032df61c5d9b4c73e51d6074cd083a61916fdc68e88895c561c9d8cdd956611a1b4f4c2e0928890a465a2ee13528338712351b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8b634634707f375b699c2437b387833b

    SHA1

    77d5c297c528530255a69e803bd655be75483ccf

    SHA256

    e91ece0d03bd9908a0d8d5ae455ff7a6f90aab3cc4d04bf2c6a4fa648bacb025

    SHA512

    89902ccfda2a882469ceb7f37a09c8fec51590e31c842ab68f4563f4a207553e96e199a2b8126957be7a3d9e664aed8149dddcbe7dd6fd288e71c1aef6ff3b07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1eee3427651f537c05212c7f0ccb770b

    SHA1

    558729de5165d543550a3863c6f29f295628b6a9

    SHA256

    b35d0be1a3ea0f5ab73d471c45b7220767a8eaef60049cfda098e3abdea2e00b

    SHA512

    6623f20a6b1bb5fb3474385e5c473250bf49e967e614ba80742566f2cbaf43a296a6121d70a08189f63c885ab4c3fefdbc80df0eb18e01ba768097bfaa3247e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    80dec2a5ddf9dc1a939b86da40c01a53

    SHA1

    83ed8f0ca392da57c557f69f9650e08eac3b9ece

    SHA256

    f1a7f50679ff59ea8b25ef125d6921ec73c34e9e8db61e4c625e4e5d363d6979

    SHA512

    8c0870792d65bfd5a89223b29efd3b692587c1cea2904eecb70b7f6da8db8ad9ca651ab907a03b9006e8a3d336a48d856bacdd02bc07d3ecefc472b98737de91

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cb8bf6dd43818e27aebc05c07ba6174a

    SHA1

    80d1716518aef8b754274ba265a5e19e9389d2b5

    SHA256

    f9ed7d2c5567ce54a9813aac0a0b21c3d94ecc8364b4cd46563fe61c1c7317d9

    SHA512

    4e5beb7bed6d3e05c67b1ee1c01eb5bb828f5a45555db2377881c5257773995d7548753d1e44c904b8998aacbdcbcc46161264e17f9f3f17a0e4273e0d9f87cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1db36fdca03f564c07839c7f7d9b4ba2

    SHA1

    b9f597bec2abafa072027a379939fcdd7bc21158

    SHA256

    b8a11c231649f82dba725d9edd30103d973d4f53058c742a78db9497f65e2060

    SHA512

    6852542e8756887fa9c0e35c130dd7f65ecf52213d0624eb4f405c442361509a7796bd752696bc3d3a10a94ff6e47449897597d038c8d42ba6ff1998baea42b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    02f1c23d89ea1ee03b10d526a8f053dd

    SHA1

    1bc5e4fbb0274df050230e784b5a6baaa9d576ef

    SHA256

    3148b5867806512ac9e167d23f94922de9d06f722c6664d62361818e3268838e

    SHA512

    fa812580f8222e75838837e15035627daedb872b09670f6fbe744f7228922c7d653e02e7d39e87fb20c5d16b513adbcbc5a91a716f3b2fb8c5a2d2a5e28a0652

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    32c50af8c19338475aae870cafd938f0

    SHA1

    d5a758d794b16057f8b1c2ae7722c2aa1549087d

    SHA256

    77e7b23a11e0a6170d578f7c198f6414bc7d727525e0d625daa106237b06568d

    SHA512

    cd279c4ff6f10c4923fdb8a09a0af37b90feb3fa0e4dbbb54883931bc0d7bbb92c5f4dfe1e4884658bd0a7ecabf1625fb89b7f9dc50329be474e9a5994ad2dc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ca405307fed03158b33e8a54ba9b285b

    SHA1

    e3a2f3eef130db51f8f52cb419f27cd97f450053

    SHA256

    496894f916aea1dffc94a6a934e4a3cb7146ebcdd77370a3d7f5b1192201030b

    SHA512

    63aa9801b682f160910e709e6700f86de4af4cde2dfbd0c19e0899764eecd8a304367b3f91bbb7e35eaf83b449393bd7123d6bc41cb21bae022eb65767fe3aaa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4f8a222f15d7286fd7bdd6b3059d4420

    SHA1

    46a37caa1de55cda619c6a0fd7ec7bfa5bb59029

    SHA256

    cdb4ad0d326072870443f488dd646fbf350c63a2a06563b36eede03b82964efe

    SHA512

    b788540d1e790c1cb6fd0d564933c79740a6bd749899a48fd19f7efabec0b82d9cdf9fd21560606529fab4462dfc4b2b2578c0f6b6b4b3100e1eba295bb2f689

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e13b2d83a82026ad89290bbce92b8fd5

    SHA1

    373bfda07dfa62c32f357cee199e39a323c5533a

    SHA256

    b310bd56a62e097b3e5a2c7a4c61c48aaf3833df9a371674a733bdc312aa2e09

    SHA512

    04aa17422b5a1c3e93cfacce5e1f4c6352774c9db54ed188ee022e821b15a870c038199eeebcc6c0ca1e60d442eaac0b10ce181263a62b5a55c3b7ebd6152363

  • C:\Users\Admin\AppData\Local\Temp\Cab319D.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar329F.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a