Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-05-2024 22:13

General

  • Target

    begin_password_reset727114948.html

  • Size

    10KB

  • MD5

    098cb18bf918dd68d7e121c6bcb4e6fb

  • SHA1

    2af7d81226a1ef3e60143428a112b37640e87436

  • SHA256

    bd274e2a722a9ba2d86a00932d4039e3e110de551e3b6230cfc11a07542bcdd2

  • SHA512

    eace8002bdb1274b6516d994463a8110f9e37c581447e0554b9e116ab186dc29f74a878642d65912bffac6571a280ae8421d09a69480512d5c8f37f6feb5f6c0

  • SSDEEP

    192:ltJUWt9PyiovLOZHAzdhmXOvGl1SEnqHN:ltv3iQYweK1p0N

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\begin_password_reset727114948.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1948
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1948 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1064

Network

MITRE ATT&CK Matrix ATT&CK v13

Downloads
