Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-04-2024 15:15

General

  • Target

    apps/admin/view/default/content/content.html

  • Size

    48KB

  • MD5

    2594dab7cb1d674197da96500291f85d

  • SHA1

    8c7f126e205a084aa98b398a8258e19300521352

  • SHA256

    1408408fe3a43a3d9f65448ec0752e29967dc2a6fb6bf4484891ca122da17d82

  • SHA512

    de5f48db010a43a04690e21cd601855236289aa97077c76c5cb8b24bb27fc7826c7fd245b6dc4fbe6f139fc879b0d67c73f7662936723099fffc712bdc9dd037

  • SSDEEP

    384:HLC1eSmp/YEUtCV3+lLipfeCalYn/oG/22g8VwbQRfCcXIZM18wwa1G2:rC1eqE/uWe3G/oG/2YWQfIGQUG2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apps\admin\view\default\content\content.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2992
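The process tree above is what a stock Internet Explorer launch looks like on 64-bit Windows 7: the frame process in Program Files opens the submitted HTML file, then spawns a 32-bit tab process whose SCODEF: argument carries the frame process's PID (2160 here, matching the parent). The Python below is an added example, not part of the sandbox report or its vendor's tooling. It parses a process listing in this page's layout (the excerpt is constructed from the two processes shown above), links children to parents by indentation, and flags a tab process whose SCODEF value does not match its real parent or an iexplore.exe running from somewhere other than the two stock install paths. The known-path set and the wording of the findings are the example's own assumptions.

```python
import re
from typing import Optional

# Constructed excerpt of the report's process listing (the two processes on
# this page), kept in the page's own layout: an image path, the quoted
# command line, then "PID:<n>", with child processes indented.
PROCESS_TREE = r'''
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apps\admin\view\default\content\content.html
PID:2160
  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
  PID:2992
'''

CMD_RE = re.compile(r'^"(?P<image>[^"]+)"(?P<args>.*)$')
PID_RE = re.compile(r'^PID:(?P<pid>\d+)$')
SCODEF_RE = re.compile(r'\bSCODEF:(?P<pid>\d+)\b')

# Stock IE install locations on 64-bit Windows 7 (an assumption of this example).
KNOWN_IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}


def parse_process_tree(text: str) -> list[dict]:
    """Parse the listing into records; indentation depth gives the parent link."""
    procs: list[dict] = []
    ancestors: list[tuple[int, dict]] = []   # (indent, record) of enclosing processes
    current: Optional[dict] = None
    for raw in text.splitlines():
        line = raw.strip()
        indent = len(raw) - len(raw.lstrip())
        m = CMD_RE.match(line)
        if m:
            # Pop ancestors that are at the same or deeper indentation.
            while ancestors and ancestors[-1][0] >= indent:
                ancestors.pop()
            current = {
                "image": m.group("image"),
                "args": m.group("args").strip(),
                "pid": None,
                "parent_pid": ancestors[-1][1]["pid"] if ancestors else None,
                "indent": indent,
            }
            procs.append(current)
            continue
        m = PID_RE.match(line)
        if m and current is not None:
            current["pid"] = int(m.group("pid"))
            ancestors.append((current["indent"], current))
            current = None
    return procs


def check_ie_tree(procs: list[dict]) -> list[str]:
    """Return findings; an empty list means the tree looks like stock IE."""
    findings: list[str] = []
    by_pid = {p["pid"]: p for p in procs}
    for p in procs:
        image = p["image"].lower()
        if not image.endswith(r"\iexplore.exe"):
            continue
        if image not in KNOWN_IE_IMAGES:
            findings.append(f"pid {p['pid']}: iexplore.exe from unexpected path {p['image']}")
        m = SCODEF_RE.search(p["args"])
        if not m:
            continue   # frame process: launched without a SCODEF argument
        claimed = int(m.group("pid"))   # the frame PID the tab process claims
        if claimed != p["parent_pid"]:
            findings.append(f"pid {p['pid']}: SCODEF:{claimed} but actual parent is {p['parent_pid']}")
        elif by_pid[claimed]["image"].lower() not in KNOWN_IE_IMAGES:
            findings.append(f"pid {p['pid']}: frame process {claimed} is not a stock iexplore.exe")
    return findings


if __name__ == "__main__":
    tree = parse_process_tree(PROCESS_TREE)
    for p in tree:
        print(p["pid"], "<-", p["parent_pid"], p["image"])
    print("findings:", check_ie_tree(tree) or "none")
```

On this report the check returns no findings; the same code run on a tree where a tab process claims a different frame PID, or where iexplore.exe runs from a user-writable directory, returns one finding per anomaly.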

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4e12690be536d989ec72b17ffb21278e

    SHA1

    3d9f59b127bf8d7723064d94171e9a480f950f0c

    SHA256

    2d76c30b33f5da7bf48f04456aef8bcb585c073b792742ff10a7d981ad1f8daf

    SHA512

    340961af210ace12b9c621ec32009dc544afb3ab77328c4153560149a26af9c9b09f297d5d0be03717d601b66f0340dc353135d90b3262a90a1cd42cd4029b75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    02019660af743787adec6edee97f5969

    SHA1

    9949d340d2c48fd744c77708a1a42550a9149382

    SHA256

    644c93aa9f35a632128de24eef8b679a851abb84368f1be333f3a01f4e94d085

    SHA512

    051a285381a5a3de535da5cfd64d5d44848c787a162709a9321cac570e1cae768aa1f7a829f55a108e37b1052d863b4a0028ee311fd014e622fbaf90d2f7eb15

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    33935e026247621f2f8ec9820467b75f

    SHA1

    033a3d72fe29d6497a833ee6f6f29ebfa6336eb3

    SHA256

    62505b870b462869685763faf8aa7e9f86596e7fd06ea4b937b8245673a2f674

    SHA512

    0ce2b4a85bdb2894538a1533af41a7f5c50565408aa5f502258b05a30881581aeba83a73bb379e76c112d3b830397b97ee6097aecece917a3f13d1c3e8e031a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3032b2d65c8dd2e86cb935d3bda37fa3

    SHA1

    8790da61dad2b65944abb8ee586ff8913afd27a9

    SHA256

    ac33a1b19d74a99f825c88019e11ff5d21ab8f65c9a620de907450a243182cce

    SHA512

    f51450ab64ecbd5f2b35a1b0640cff2c2872a8d103502f0eb90547206de51c81b89567de4ecd195ef2805a811b4387ded0aec1eb08da529ac0cba06b81a18001

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3863151d8c3805393347e316bbb3f29e

    SHA1

    8b8532a002204c2c234ec448302f7a476f02316d

    SHA256

    48f0a342268caf69de8ce406a57ae4137f569ade048af6fa99f6a4c86b293e67

    SHA512

    78b80e6259f3acf8777d6ad350d3782a4bb3365320ae9d132d322288a6ec163b2f2aabf99d99ceaa6dc2a1cd5f82a2d8eb461749abfa065cd36c4192ec932abd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    779910e05b65caf7834223c8320aba97

    SHA1

    ce6c449586a97bc6c85a41e721fdb369ae422cc7

    SHA256

    765dffb9dad4c1ceeaf60d3b5c51aa318e4689c4548ec20a133407da0727d155

    SHA512

    6226c14a3f2c2f8567666097ac460a05770cd0d6a847c2d92f7f1bc2aeaeceace6941ad7bf85b46891e49f8cf6abb85c92efde3b41fad2e1c39d719accc37687

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    22b73713d83e99d238123d68fb316d6b

    SHA1

    e89e0fbc37a26af9db041b949f036b5715c85b9a

    SHA256

    7bcd58eca60b2a5f15c7b979a230c3c7b348afb8b015a23edbf172a45a3210ec

    SHA512

    7b43c7c2dbe1f772f1c2d98d062e2400fcd1fb5aa3ddaa15d0700a827271171a2e0a2a5208dc0e44da263ee49da2bc8b98884c63235ddba7eee9e1ce59b96050

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    259755a4366175b6d66aa2f1c3232633

    SHA1

    820c7b3cecf0ef8e87f268755bec83baac560a0d

    SHA256

    179681cda366f084a3b34f6ed312feb5a7ef53d1c5b52e7fc762ba6e1610ac0f

    SHA512

    32c7857fbef123c0f680fe5cfd745d8bde6990ead33332df5d6494f6dfe31dbd8a80a00b6b3c0e143dc9b2910f4d8e1056953a1229a2cf8a51139ebfe735e70c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    020812d7b734c41bcdf42b2712ab5b8d

    SHA1

    d9846cbac663a250fea9c4d1c8ae3b5b7fa0c8b1

    SHA256

    4b7c1228236c60521a075eef5e46762c98c8a3cedb14587dc41d026815695749

    SHA512

    66f450587a259bb94c98a940fb9afeea72d721d391c6ada26c5a4a070331a29bcf7a4fc82c91ae99c8dc104ef8b593634f3dddc0ce65db4409d5b43fd17c8ce6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    34dcbe548b553a58044b2dd9694890d4

    SHA1

    1c54782cf31ef9f60bd56a5b2e36c11b3b95e70e

    SHA256

    33b5fe1ee0e88145236d14c468c2b538a09dc28e4abc32cd390008a3b4dba28d

    SHA512

    894ece5bb0dbe002cf51373873e774c0f892ed9114e60fc908c436ee36be6f0b6586e50216854e4d1b742846eb10f52980559e94d8bf637bfa9c4de8c037c9b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    980c2f0a706c0ecad6f47b6844ebfd4d

    SHA1

    8218747610192eabd70361954041cefe466d0bdd

    SHA256

    b55defed282b3c52961d1607df4c9c2a8d573acf513a5fc0538bc6f7fab7fd28

    SHA512

    8ff464e76b47d23d08019ff1844a0bb6fb01086f120446ed3f705509564a2970d39092f43ed94188eaecdaf00609b06e78403d151c1c356dfb5f453fbbe54e5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ee6a06aec4fcdbcbd3bdc9a97925417b

    SHA1

    c7784c20e852932f87b42002c38fcebd427681a6

    SHA256

    7c7f6398840c007732b9bc354e428f59b8ebeddf9358c6aacdb1db0481167c8f

    SHA512

    0df09cdbcc4c897c695f14ea2dadf458899700d1c798b82baa36b377bafe8c427f1fceb06a50314c3a60f42f8b802f53d90b2cac702cfa1ba979eab3701722aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4ed7f75c406c760b1a9bd42daf15820f

    SHA1

    5d334b6fc4d068fc5518934778e39eaae439069d

    SHA256

    5b7832e9a9f0cb9ac72a991758789eaf9394dfa740fb3bc2637ff2dae26f3295

    SHA512

    4956431e997cf3306cabe37317357ffcecf247f875cb39d27a11af37f1311c3b73d9f91a3dc204a303b46dc93e3eabf592f42525f555b44eaabc173177161d8e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a60cbacd7215aeadd4df8d35778e9aba

    SHA1

    14676bf24e762090369218597423ee820cc5148e

    SHA256

    b6300e2d47ef4de695d6cae7ac40f5a1c91cd9219a64cd46373700b55f62c175

    SHA512

    6aad48773b8449fb791e1ec7a32e016c36aec004bbb2e95c2b9c3f0419a82868ce1eae2cb55e80862037d42426ee998e61e798a5d4299c8bda4f399b26662e6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    416c39f0d4a608fb63bfdd67e3318c11

    SHA1

    f4d3b459a6b1677950cc8b62c6418ce113f03ec0

    SHA256

    d68804496efe61b6bbfcdb645c1774fec3930e93dcfd2946185d3b163e848a58

    SHA512

    a1acc4dc864707fedd9bae771b652bcf9b05f1f639980be7ad11db10ca932d85a47da4290e194ad098c30286522bd7aa334a06a266598f514b445f16b060c10b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    87cf4010d00ed7c82842c64ee34c803e

    SHA1

    6e2ecef3422edba60733c2f91395cbb531eb22f8

    SHA256

    2d088f26a1f66d83e3c539e048edce256a3516d169cbce30f65328d7df877e76

    SHA512

    789a194ccaac2d95f9f8133da4691569e744482f0559cb2d5832c03171953211ab5b9bc17819c455a15fe18ebd1a9a4cbb468354b6f39d7b35451364db3d2db1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8f4723b22ddb426c6f9de48e17780ffa

    SHA1

    96abf3ec6f3f17cecc33606c2afd96054a6a3ab9

    SHA256

    4c190737abd0bad06dd75f88a8d6d17100b9a6e8fe8c8d92acc5accc84895f94

    SHA512

    7d7b44c4038f74cdf4806a871639f264d8df515f475b525cc9308c1c7f648b5c8b5929c862875d575368728f5835641c9ac6ae6024e04b5093db05a17c35dca7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    11e7b42f245b46f46adf32e2bc178637

    SHA1

    6ec99591c94e3b984499a32ec2842807a37bdad4

    SHA256

    d90e425027c70aedd28a07c377379f87a1f17dfecb6b2406c53f27f4e1fcc2ef

    SHA512

    f4baf7cf8fb79603b36f2a54aadba35d9e6cbd58560aed3da2aef39bc4dd961299abf33c7579647f2926fe8c9ff68c3738874b0bacab69786b39b4e4716a5a16

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e0d0f82b3d4be86e6ab26e2c4849a244

    SHA1

    551b8ef1b4f22d93a808e4f405915c1774b8629e

    SHA256

    c86152771b449e820af5d7cf8f979d5f7a960e88a374fb9daa6d47afd4ea90e4

    SHA512

    e6e222b8b9ee152385fb0c6eb1d1f0c1cda9d28f504eb6bd4cae447588658fafaedeeab4b5a18ab00be04371706448306da0dadf2b5a57b99dac4488fd987b51

  • C:\Users\Admin\AppData\Local\Temp\Cab3075.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3148.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
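Every artifact in the Downloads list above is either under CryptnetUrlCache or one of a Cab/Tar temp pair in the user's Temp directory. That is the footprint CryptoAPI leaves when it fetches certificate revocation or issuer data for a TLS connection and unpacks a CAB (the usual source on a fresh Windows 7 image is the root-certificate trust-list update), rather than anything the HTML file wrote itself; the same MetaData path recurs with different hashes because that cache file is rewritten on each fetch. The Python below is an added example, not code from the report or its vendor. It parses entries in the page's layout (the excerpt is constructed from five entries on this page, with some hash fields dropped for brevity), checks that each listed hash is well-formed hex of the right length, tags each path as expected CryptoAPI noise or as needing review, and counts paths that were rewritten during the run. The category names and the path rules are the example's own assumptions.

```python
import re
from collections import Counter

# Constructed excerpt of the report's Downloads section (five entries from this
# page in its own layout: a bulleted path, then label/value pairs).
DOWNLOADS = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    68KB
    MD5
    29f65ba8e88c063813cc50a4ea544e93
    SHA1
    05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256
    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    4e12690be536d989ec72b17ffb21278e
    SHA256
    2d76c30b33f5da7bf48f04456aef8bcb585c073b792742ff10a7d981ad1f8daf
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    02019660af743787adec6edee97f5969
    SHA256
    644c93aa9f35a632128de24eef8b679a851abb84368f1be333f3a01f4e94d085
  • C:\Users\Admin\AppData\Local\Temp\Cab3075.tmp
    Filesize
    65KB
    SHA256
    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
  • C:\Users\Admin\AppData\Local\Temp\Tar3148.tmp
    Filesize
    177KB
    SHA256
    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
LABELS = {"Filesize"} | set(HASH_LEN)
HEX_RE = re.compile(r"^[0-9a-f]+$", re.I)
SIZE_RE = re.compile(r"^(\d+)(B|KB|MB)$")
UNIT = {"B": 1, "KB": 1024, "MB": 1024 ** 2}

# Path rules (assumptions of this example): CryptoAPI's URL cache holds fetched
# CRL/OCSP/AIA data; Cab/Tar temp pairs are left by a CAB unpack, typically the
# root-certificate trust-list update. Anything else is worth a look.
RULES = [
    (re.compile(r"\\CryptnetUrlCache\\(Content|MetaData)\\", re.I), "cryptoapi-url-cache"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I), "cab-extract-temp"),
]


def parse_downloads(text: str) -> list[dict]:
    """Turn the bulleted label/value layout into one dict per artifact."""
    entries, cur, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            cur = {"path": line[1:].strip()}
            entries.append(cur)
            pending = None
        elif line in LABELS:
            pending = line            # next non-blank line is this label's value
        elif cur is not None and pending:
            cur[pending] = line
            pending = None
    return entries


def size_bytes(s: str):
    m = SIZE_RE.match(s)
    return int(m.group(1)) * UNIT[m.group(2)] if m else None


def hash_problems(entry: dict) -> list[str]:
    """Flag hashes that are not hex of the expected digest length."""
    out = []
    for alg, n in HASH_LEN.items():
        v = entry.get(alg)
        if v is not None and (len(v) != n or not HEX_RE.match(v)):
            out.append(f"{alg} malformed: {v}")
    return out


def classify(path: str) -> str:
    for rx, label in RULES:
        if rx.search(path):
            return label
    return "review"


def triage(text: str) -> dict:
    """Parse, validate and categorise; 'review' lists what a human should open."""
    entries = parse_downloads(text)
    summary, review = Counter(), []
    for e in entries:
        e["category"] = classify(e["path"])
        e["size_bytes"] = size_bytes(e.get("Filesize", ""))
        e["problems"] = hash_problems(e)
        summary[e["category"]] += 1
        if e["category"] == "review" or e["problems"]:
            review.append(e)
    seen = Counter(e["path"] for e in entries)
    rewritten = {p: n for p, n in seen.items() if n > 1}   # same path, several versions
    return {"entries": entries, "summary": dict(summary), "review": review, "rewritten": rewritten}


if __name__ == "__main__":
    result = triage(DOWNLOADS)
    print(result["summary"])
    print("rewritten:", result["rewritten"])
    print("needs review:", [e["path"] for e in result["review"]])
```

Run against the full list on this page the summary is entirely CryptoAPI noise, which is consistent with the 1/10 score; a "review" entry would be a path outside those two patterns, such as a file dropped under the user profile or Temp with an arbitrary name.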