Analysis

  • max time kernel: 121s
  • max time network: 128s
  • platform: windows7_x64
  • resource: win7-20240215-en
  • resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted: 03-05-2024 01:16

General

  • Target: xoxo/cloud/main.html
  • Size: 1KB
  • MD5: 42b9b283e2a935bb03608bddfc4438a6
  • SHA1: 6d3021cba6158c587be85347fe00f9095a0af952
  • SHA256: 2abfef3c7df6af64e4c40a3f55027bbd691dae1e0fc508245f28f5287c83dc21
  • SHA512: ed3f5ad3eda5be94d62f2f36a95eb378eb07551086c7ad0705ac156b0325856737aec4f8adac35c1643e067e2f6990319380415cca9b83bc0a329b6cf7f97dde

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\xoxo\cloud\main.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2760
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2760 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2252

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize: 914B
    MD5: e4a68ac854ac5242460afd72481b2a44
    SHA1: df3c24f9bfd666761b268073fe06d1cc8d4f82a4
    SHA256: cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
    SHA512: 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize: 1KB
    MD5: a266bb7dcc38a562631361bbf61dd11b
    SHA1: 3b1efd3a66ea28b16697394703a72ca340a05bd5
    SHA256: df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
    SHA512: 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize: 252B
    MD5: c7708f0c034c05f4e338928f9062446a
    SHA1: 0aafcab189ee0233c8e1a457af2628629db6be58
    SHA256: faae49aabfefcb3052b81eee12593346c6dc1f07caeb465705e08b6250007067
    SHA512: 6182828c39ae741f4551c6610f539db0a9a15ef89626315ea82f1dcbabd566dab231da05c0698c57f17e6ac4c85c7b9a929f73667bdd241ccc0c462a23ff117a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 2cc783a13ef960ecf2ba343259d37e0f
    SHA1: 9c75f28f1d8c88e6af01b0364ed432d8be8d3ae5
    SHA256: 660d05c62ccf7a559c20306473303fc3401bcfbd7f3ce8abf3ac11a019009250
    SHA512: 91b2b5102694d5c70a08a42225897c34e82c44359a8125822aeb6df2c9a65493fd41594e9744fc7c5d945ba417369847d078a0b88cb3a16978808c556197f16c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 5accd1110d0748c9b430f16718fdd2dd
    SHA1: 2aa476bc473756f4e9fcc2cbc77ec3592ff23e41
    SHA256: 29040ec106a17eec50478f5394f041409486133805e3d869e151d499deb63ef1
    SHA512: fe8484a52ecdaef241b30074886d6ad47cbca09559f5b6c4cb066b2f45d54e769b46a304bbc5833ea2314147b2e22deb95d3751834635acf97e395cbf3726609

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: b86e0610976f75b2f484856769978bec
    SHA1: 5d6e61992d7feac6780bb97b12dec6ad8c8a9359
    SHA256: c5f716ddd80bf50cb9a085bc899fd1b439c9ce4dcfbd9b00e5bfc653a2ff7507
    SHA512: 437ea75dfb90ce63a0dd96d90d885568063e3f57d3651465ac2517d5eb6a2c0f4ca86c16e7ea06d1c8fbf1add4d4f5046d3a2ce00956c1af522b9232aa593349

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 68f8e83d07142d080a7b3bb022b35769
    SHA1: e9466a0c4b1032c7478aa25052f61a518d0e214d
    SHA256: 927a2d7da9cbdd45f9dc5b328e5e9a04236d19bbf85636b72f7587ceb00e6afa
    SHA512: fc4ef428db06f344da9dc390903c3bf3c1c5c3f063cd99616d57f8de87f6f8910f6360f45b0302ed0dc835b5c28ef3d811b2d07ba81f0c3dc8efba677b88f69e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: fbec1ccd378dfb8542bea454f20f3365
    SHA1: 41d7bc384df6c0c530fbf904f79535db71d03fb4
    SHA256: 6501779ac1ce40d36324592127b1fa69ca4612ab26f6b46b65ef8a87119bbd2d
    SHA512: 575c4bf0d776dbec27bc47fb7f58e2e968de8f1c6d8bc243c39a57adb2cf0b1df181221d7039470bc59801af7fe3436bb7803b25d7e485b6219740322040ca53

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 4137108c3a59e46603b2d66f107cef58
    SHA1: 516ab23820da8d627f00186a8871602d15411b34
    SHA256: 2afb2e2b991696bc205b5d2b5784a6f0329884b99456819a9ccc7a12eef84c62
    SHA512: 9269f1476e3c3f5c7cc90380cbb0c1083a301479be622b894d35b70a6cf5ce897b194c3198c9b23022c38bc02b164c37f213ec93e0829213b717ac566dd34121

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 71756276488267f23d0a4d7a3a6f6efa
    SHA1: 2bc6532cd06550819d1dee5d6c2a62c8c98bd17f
    SHA256: 98fbc5522b0a17371aff76fa168fb61f337a18444186d955e169599ee27909c5
    SHA512: c6faa216d9f4afc428416ec28344c82ccc11a4454371f7281e88f8af567f6d70dd2cba78a920fa5b230f9e16080b979f219e2ae6739315d97627ccc0c574da6b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 616376933de6ccc699938d715db19bb9
    SHA1: e8e35ad9148c86e58c02ac22a8f205de20625f63
    SHA256: 34275242a776ce4decc7210e1de59385ab000d480803872d5e7059f038511363
    SHA512: 5125506c095c6020f79ec73cccec3944cf8c7817a8fc232d3c3d8fdb976990fb5a1e0519146bd386019beb69dcb432bb6135bd0efb4bca28d9d52d6f7665e7b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 460d0d109b6f58269e0b76ef5ece5d9f
    SHA1: 10040cc34d2f1fcf5d351fd531d432847cb1bb49
    SHA256: 0ef3fa45708ba52740d524a276ddff8fddf7466848f42dde716313f30b3fdef7
    SHA512: b72602b2243bcd0bb293e23a26d0be6d102c0c3d0206d85e8810e4ff5f1f71463fc79fce033a830367f00ee0faaf2343c86db27730a2f3014bb34189f33f5f41

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 607dcb96638397e322c536621903b8af
    SHA1: 1ea8724012d6185e721e18ab1c531b21754a6aed
    SHA256: e2ae78c37d25723ccfb900a9a95386cbb7a6a13574e7a55f53884bff24021885
    SHA512: 0f23b56ac1d206808d8c5eeebb171e7e261d07721d79c45265130126225d74d3b520b655e404dac058d787d217448b9e44b827b4f28a4559e5685777f41a86f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 55a777844c44a41fa768948e988481ff
    SHA1: 4e8f48b5b5716da9b4837e9b157607e36188b7c9
    SHA256: f7598a486318d6bbf18ef3828da06ae374c9439cda171b82e68754d9ed27acc3
    SHA512: f8649359529b35084b37c49e3dd744ef20bf744cd3a0e5031165e1d3cab013e9b4c581a55012f18fddfd9cf2af51e2b4c80dc10551bbebf73a6b1f075c3fa88c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 8c74ded98693b570f849464cba81936b
    SHA1: bb865f6edbd33653822035b89d1177ec183365a2
    SHA256: 612c8a9502ea75dae22a5b17e132371d022c1d5368b5334e16cfaed250035b64
    SHA512: 1bca50331db980ea4e4248d4bbe1ad7288be9d45d0c1009610c9ca0f55b0f5dbdc7e09aa169e2df911e4559378d0923cb09c4ec56268db8d3fbe7f3e47b9133c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: c5b92b42b6a7dc44175700e174d3498f
    SHA1: 45e963244258229980a4b9e546d50c8b7a00b80e
    SHA256: 873293f23ed7bd03ca709a9adac7c615fd1368d44d9d2e61ea127daff012e354
    SHA512: cf721f2538f658ac80154e5c5c4a65db2db6792daac1f2cebc37db194a9fdaf5c145f1ea0fe71b51d874bdd3da859e01cdd9441b99edb2d78acc36c30e73a108

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 1b48d25473c482f0b828c0767fc742fa
    SHA1: 083ba36bfe96d189e98886654ddd98aa90b2dd6f
    SHA256: d1248785f9c35624db391b0c7b1e0d833f38119644627a5c126763a74a041717
    SHA512: 8f7cb056a8cc1a7df5abf912d6d4521a8b4c9234b051ce6820123b990a7a582da6c6437af655bcd406ecd03ac51d8214c3448f06cc13303bfebc46672a86398f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 94178b4abc9f2f5bcc40aff35f8cf56e
    SHA1: a9ba876a801b480fcbfa564541bbbf2cd2f794c7
    SHA256: b6a0b86b8d4a9afaf37225f3057836d09c832069ce929ade07e1f10c5f81533c
    SHA512: 9584fbd6fbadc2498b9d0cc50fd0007aabebb8d847f33eb61fce3e5a0ac9906720a7040b8f4a9939e4d21738fcf3410a35331c46e7618be213ccc4bda2ac63af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 1f4a66d82d4b273ba0be2cc892d86d62
    SHA1: 419179d4a9aa9630db949e2f04ba900b48ef778a
    SHA256: bd0cd955d6d08e5bb91654557674fdf50e63502b184f85241af3d092c0951c75
    SHA512: aad43364dd1507958f6855218bba3a18c203c1f40828474c0a4cc7613f1555c5a99faff6fdb6b258e4baa34e47e4ef75f210a7115cd778dab1dde8f60c2b641b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 10a23d47c179f4ba98f66fe32356234f
    SHA1: 94e0de40d3c69610fe3024d1cb2c0053e39b1c2c
    SHA256: e5495c42f3552ead7860b561d0956c01623c14e324749574ec19a39d0ab338c6
    SHA512: a667e9af2ac8c7284b62e358f25b7c550df9b266b9cd729d438a9e0713a58a2ad1fc7b1890cb6e0e15a7cb725711f7d0400b6ac3b8fdfa6ef599069e4a8238a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: bd50c9ced30c569b26278eb8e4b91a5a
    SHA1: 1c5348619b13247d7f7c648f77179aec08e7ef22
    SHA256: d30f4883712ca7bdb17db0a3809ca50ba96f396853abbaf3821d3590497a112d
    SHA512: 5fa04b0c5da18127d091807142932c5e5c3458a6306e3c62b72340aef55cefa12a62e6784f6ac50daae6c286039b69b5678b67f09c45ee62900f7522b56cbbdf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize: 242B
    MD5: d68506e891f41e947aeca98ed2de2dbc
    SHA1: 2e466e5e8b5aae584c458978fafe80328b801cb4
    SHA256: 380efcf93bebbcd5cda8fea69497273589197c8cf3f61657a55ab560e60a6f01
    SHA512: 66d592d0ea7c7be4f292303c9b38371db19b97cbbbfbeb286548689eb096dfa98c390816eec540b61b9e45b5f91c303a5620768596ed3ee5a9a2f5e646664ccf

  • C:\Users\Admin\AppData\Local\Temp\Cab2721.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2724.tmp
    Filesize: 171KB
    MD5: 9c0c641c06238516f27941aa1166d427
    SHA1: 64cd549fb8cf014fcd9312aa7a5b023847b6c977
    SHA256: 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
    SHA512: 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar27F5.tmp
    Filesize: 177KB
    MD5: 435a9ac180383f9fa094131b173a2f7b
    SHA1: 76944ea657a9db94f9a4bef38f88c46ed4166983
    SHA256: 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
    SHA512: 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a