Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-04-2024 15:15

General

  • Target

    apps/admin/view/default/content/company.html

  • Size

    5KB

  • MD5

    7bc13d1d7b5225de3126487d97550c06

  • SHA1

    c98cfa4c9dc573be1b0f220c261a80019dfa9001

  • SHA256

    c12e1e8667d5dbe2c8a2ca96d5a79ef887ebb471c36bfb41b11d86cda7e0f62a

  • SHA512

    28ae8ed7bed502fd163748e9630d721090d7414b016c62001a64060dfff556d0b11496eb46268cfe31666d93eb4ac6b6555204b7d929114f93b41546d3efa87b

  • SSDEEP

    48:HvLGSiKJ4LIyo/d5uGo/iK6o/6Po6o/7K6o/4bK6o/AKJ6o/Ke6o/GLi6o/5qVEd:HXLvsRkGYcslxtuoLJj6TlpKX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apps\admin\view\default\content\company.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1780
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1780 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2968

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize 68KB

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B

  • C:\Users\Admin\AppData\Local\Temp\Cab30F2.tmp
    Filesize 65KB

  • C:\Users\Admin\AppData\Local\Temp\Tar31C4.tmp
    Filesize 177KB