Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-05-2024 22:13

General

  • Target

    frame3.html

  • Size

    1KB

  • MD5

    99af8fb9c94ecc5f0f0f171d5cf53f16

  • SHA1

    96a16305e6cdb0ec5276b239c77c6aab9ad03a33

  • SHA256

    c5f5a5dcedcbca9ee49cf724d24ef51e23cf36ae1d50a898102c3cdf833792e1

  • SHA512

    236495a0022ad41e0c2d590be8d519412126e1e3f799feeb9e8830ba0e0dae012b13b0cf6987618586ffe8f65247bc12181ea556a322e3221a0d08fc8d7b4f58

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\frame3.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2956
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2956 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2144

Network

MITRE ATT&CK Matrix ATT&CK v13

Downloads
