Analysis

  • max time kernel
    118s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-05-2024 01:19

General

  • Target

    9b4e7438b6ed1c8c0dc8d0d70f1e4eafa77b108d6460aa414c6789f94ea33bac.exe

  • Size

    36.0MB

  • MD5

    20f859040b58c4a5142a297f5cd1ca52

  • SHA1

    318afba73e5a615544ca775258e1550506f94f7b

  • SHA256

    9b4e7438b6ed1c8c0dc8d0d70f1e4eafa77b108d6460aa414c6789f94ea33bac

  • SHA512

    23a8256968d48a925600b4b8890983a03ae6d773dbc01b8a916828e1302cb79bf1c0542bcbc7472c23a60a2cb2512a0d835c694082c6eb0c822f3279ae0f9ff4

  • SSDEEP

    393216:b9nAqMInoJITfRwF6+YPlC6PIwt4jNQTXh7yP4bTcDxvVRFWdtMPD9F:b9n6iTfRwFOxostyP4fcDxvVjyaPZF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9b4e7438b6ed1c8c0dc8d0d70f1e4eafa77b108d6460aa414c6789f94ea33bac.exe
    "C:\Users\Admin\AppData\Local\Temp\9b4e7438b6ed1c8c0dc8d0d70f1e4eafa77b108d6460aa414c6789f94ea33bac.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x86&rid=win7-x86&apphost_version=7.0.10&gui=true
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1032
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1032 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2800

Network

MITRE ATT&CK Enterprise v15

Downloads
