Analysis

  • max time kernel
    133s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-04-2024 15:15

General

  • Target

    apps/admin/view/default/common/head.html

  • Size

    5KB

  • MD5

    cfe9da57720d3da018838b5a76c340a1

  • SHA1

    e3dd1e07d083fc74665b3439880fdf3514ee190b

  • SHA256

    40aa91d72e6a1cf5bd40996450cd4aa2bf7c6cc008d9b34a61f3be9871adc4dd

  • SHA512

    ac98195be5156e467f51208940cc6add000a70f4634801a866cc80ea2a6aa0e08892dd4c9ce037955e731d276d55980adb6813f1c08201e46724fbbcc31aa5c6

  • SSDEEP

    96:/e46QvcCtNSb5rROW58VdKcJHSXuyIkyKqKjy7VC1kOFVmJvQ3V253VE1KH3KqKH:nhFtWzuPBmx04kOFijkGy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apps\admin\view\default\common\head.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d4ada59309a481c1649adef93073270d

    SHA1

    be8896e0228c813ed6206ce8fc896774d2fdd94f

    SHA256

    f49bc46879dda2b1cb3882f72908ab7a545a1568e8522c8d0cf0e3068f350b51

    SHA512

    e2c543e1e11590f13bcd4570cd2a1a1bb9b689f9cb1c7eb83e5da3f1a23baa9f5d8120655ac538f0787d472ee306c108bf4d3ac916f84bfcee4546629a80f997

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c4003d93b3f2112eddf18785e4841a53

    SHA1

    63e48efbddb9b07544e90ae0d6e996c43fe3317e

    SHA256

    ed3c71c5bbec3f3adff1e02ba0564040d9d0e4e7b26b5341cb2417dbd131d665

    SHA512

    6982b3dda280a92409270690e6fdc5ae3e5c4bbc3f6fb8ef0f4ad479fbda126d3016836ca27bc755268cd8313052d32426bdd74258eb0188d51b4afd65a970ef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1b98b2d6578235ef24a81b48dc0057de

    SHA1

    bc044c7862e00b5f84c418978ffcdc4574a7dc6a

    SHA256

    05284eec11809a7a134af8f49131a2b9b3259baaf062f4074f7234c7bf272eb3

    SHA512

    5bda725d2c25693edb77073fc76b8f6c8fae0c4c7c5611f46fe2beef7058d830b7ee67a5927e9f939daa018a0b42a9fcc0195180b8715e438f5eba7634ae704e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    78ccafc4998f3ecc7a8863a717a70047

    SHA1

    0ebffef03110a2c55c7738d92cb0345ee62d9686

    SHA256

    db66b3504f8b80e2a2dae9dcf6a736ff28811af0b1ae1657a1884a0a2868b4cd

    SHA512

    690c2335a1f7b05c29d54397843a08ff8946e5919fb6e25a02aaa38dee051c7eff14ec6fe8663ed321da39ba8c4bd91b98eb30a551a3397c27678c0cfb91b72d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    43826c828c650afe02bc2ad78273f514

    SHA1

    016d11b14603e7a2bd30f26b03368cc759069cf5

    SHA256

    e2d9ed8538370fec1f4a0504ade753663542ca78e2138ef5f5c07aa2ab5ce2ca

    SHA512

    16c2975989bb4382b2624d5cc5e597ae0ca9e3a04a748dae034faa042364186729944baefb8de7327e502f077776e5d39f40598cd6f743a03026afaa1c1a9137

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2170366039d13b4a99de32318010e3c0

    SHA1

    b23e48eda2458b6e9f43e5646c8f96954049c554

    SHA256

    6e2f7279bdac3bab78a0fdfce7a80e4ae264f36ce5a561a2cec0e05cf17a09b9

    SHA512

    82a5e7d5d7f88f54be982c310b99daded8cec7800e19e3b93d733964778d9404d9d3cfae642ee82fdb17b715ecf0d38f189d52f52e79047ca1c907aa80fe3fac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    41e95a89ce3701c7038e639c0b0cd53e

    SHA1

    e35870e075751c195d1a51fc61df442e53771b67

    SHA256

    668c30227d823dfe0d904f563e4b5e87ecc1c114a03b7f638014ff0d3b197fd0

    SHA512

    f86d4da7575082135ea7b550c76a641a7bcf2c67eab606a2d2d2d5816113f576fc7e0fdb42141b11540ceb02a8f32895b3eb0b257a1f84761b76d57925847a58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5f5b7fb556c292cf601dcc652b70fba3

    SHA1

    474f7c451b900652d5fdfb7327089a400439597a

    SHA256

    053af4c48cf8dc8d83a1cf4afcab716b96ecefdd0061c78eca731e2b54632527

    SHA512

    048b6fca595403ff2df4fa4718beed2cccdbfeff1d836e1f1f95a8a0010e1afca80dd29370e0202c9c99fc7a3cb558ca22e8c7623a154c717e0cdc19a99e3914

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a6cdd8078c485ed0c60a6dc4561d5e59

    SHA1

    8394b627f01a4f9a8d77427c414835f9ca325adf

    SHA256

    07abfaf1927a7bb5c7728a6fe9a9a38d6897652a3096f6fc66028a938d01745d

    SHA512

    b613267c07c951e2aa57e7306bf19e7370993d457a9573b725c98259357c4629ef83bff925fea56c91dc0b0c2f5c1d5671a48cb08b4495b1a52a7fceaeb24592

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    dd66413ea78604998ad1174b9410c056

    SHA1

    049981d5579f1c941d812791ed35486110aee232

    SHA256

    dfeaaaa73196ce96603ca28ce0e792afcb166444abae2d1800c29c5ce401bfaf

    SHA512

    c91cbb96c0d29aae3e7f0f2c514fc75d31ad0e91d94a92a0518a7bc8f8bb445b015ad8413ecb360fd016db173f34e09fa9f9117567e19295f34df3e5bcee03c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    dbc657128c09f4e593907d0f5d1e5bff

    SHA1

    19148ef84d9645f5838eda653aa52d422d5eb561

    SHA256

    6387a4c5582730188cca71fe2ce7197cc92b6397fa9d63e6c80fca622680fe51

    SHA512

    047ffa6bebe4bb824a5d91266eab8bf8166751a8a9a0fa2b8c516907a122d15cce4286511d1fb44df317eda4da8e57ccab8724386238391f24d3361c4d5a78a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c93b19de4539794e8fb1d259c26b8234

    SHA1

    3c66ac8ba2ff7322e592c7299199ad976e57ce73

    SHA256

    3bdeb48dbeb61e198a2f975d86f04289f5bb7496be1f8bed7cc9143f5dbe062c

    SHA512

    45eeb9fc4fc6886b5423d39ace1899b39cad189bcb90202880a8306f1bc154b1044846fefeab2020d5797f54a2d8e01b17436f9ed9c09031d2373920894f8064

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3752e334ddc8abecfb71a9025e045f70

    SHA1

    7d52b073904a8815774def743937ca87bdf0bb4b

    SHA256

    130fbf03414d2aa7d4c811d57c3f9b6928535dd82dc5fc488d18e88d447e6ea1

    SHA512

    fb8d7c95d2fa13b2885474294798ea65e2169ab9bbdd3eb06d03d5578a4c1dbec610f9774a93184e0e21db9c19b84f386e5d278bc0ef4cf190bff7542fda5e62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fc3a3468e4f9d3ad711035011f3cc83d

    SHA1

    ee8e4920f3cd3f04a2b505887748d98237d3c39f

    SHA256

    c271fd80f63c662c338d19c97a0b6db88a694f4fcd77812e35fe886f66304389

    SHA512

    907ddf569e6f0216f55534096f0f0f51a7ff43e7639c2fc1f96f80faab92ab831c08640af3827c892780dfeded035164ff7a3b80673a9c5383138f65e76f6862

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0febe9eb4dbff3fa3097bace408733ec

    SHA1

    de8fae205e5433b8d09edb47c91812a7967d6ba8

    SHA256

    444203bec5d18a14abd043782162bac64909f161929a7ac927594806070e67a9

    SHA512

    7f50f868a0d2ae4eb04203956e41abd21e1994a9d0b39bc9854685c98845267d9357a3da81ed1691a32adcbcaa0dd77719366d07f06da8e32485556d8bafe2a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    76669da605d84fee8535639593f0b745

    SHA1

    05be297c647da7094cf8f9a38e75a6a77364bef5

    SHA256

    a21ccd2355658769d5a4ceeb236205ea33a39409a5b32099869032b9c845eab8

    SHA512

    805bdc2bd63d0dbd539facb754e6ec694a700de5b3fb759f917f7de4f2b0e764656a57219469090849f93fd0be8f5a8ae8677f001bed796911a6bfc7ad76b86d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f296d7dd72c2fa2fc43696c2d6ecfa9c

    SHA1

    159d3231d39221ad8c86d0cf798ae75c8ec62aa6

    SHA256

    b3628376cbb7fbccbe99cdbb27dca8099e9e801914753bb1c4a12e790dab9f80

    SHA512

    8538ee1b95a90b5ec909c6886f2427ad007d6c56b1419d5b38e0ccd3457e56324ceab88f403357047d198e5e10394d522917655661fc100e12bdc67dde4c8d81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    563783650c007bed4c2c87709a8c3cb9

    SHA1

    bb93ecd12e09ba0ea6bb0b52b4cb7845e072ae49

    SHA256

    69f95ba135b446218d4c1a31b282a4c03681c71046e8e9908b954f5bf6bdf7e9

    SHA512

    b0e6f644e964a7f1546d1b3646dc5b4274037b07a6c5797327ead4427a12b858fa8bff96193f68be560b6b2c0e9e25be72b94e4477b5ef258cf57780029c48b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    51f370ab21e7c9acb52bd3a1c45f8d11

    SHA1

    11b19361a904231aac8034e95b8d9e82cca90293

    SHA256

    c073485787c6a26fe90bf49f94b0ce3ad7d945df2fd9c4f66b1506c70f778109

    SHA512

    61d06a8db816d3d824e210b9c97576d149bf36f9b1f81efce2308a6fe5212538a5cf38b1fab70f9e76448ec7b303af131fb9866868f8e77b0b030708edfc9d74

  • C:\Users\Admin\AppData\Local\Temp\Cab44B1.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar4573.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a