Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-05-2024 22:13

General

  • Target

    index1259653512.html

  • Size

    16KB

  • MD5

    b9ce0e3d68e41c1158c12a1caa0388eb

  • SHA1

    ad1a53b95b6c37093b653926b152cbe015738c17

  • SHA256

    132d52105ddb52956f5bf1852cf45fb684f43848977cb2993ad6c0c9a882abc9

  • SHA512

    0e123e7ed06ca28d776e184dc40fe244351a2e1d767488d5b26641f90140360e4d31d6febeaf8976aca3b99517cceb3228f9646086ed7a9065065d931e0c1e84

  • SSDEEP

    192:KWcr3pxBmpo82jd3T/nhzBmKBUDBEmotzBWBE6syxtkUGgYyRjz1JDC708:KPDgo8253zZxCDlotk5syHpYyDJOj

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index1259653512.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3028

Network

MITRE ATT&CK Matrix ATT&CK v13

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    772fa9579686b1709f5def289c5d2521

    SHA1

    951ecbf4c1a2ea4cb27b23d6fd65dc0dbd715b94

    SHA256

    4c21dea956debcea9b2677f5fd754a316723688e2c2de886c8e105fa5f1aeedb

    SHA512

    05a4adc98e8c9f2ae9be6682b1b90e0e2ae4d741b83c70e3eda732411b522c5620f819813ec10afa7f861919df1f136350eabae149ca95f5cd151e37bd7d5ee5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5b7dbab6f95c3a427b8715a63a4264e

    SHA1

    8add4a8208bd9dd6a662f664299abf9e6cafd495

    SHA256

    9e94a34cde70ff28ba53ead9ebd67192a777251a9335f194695c8c40cbc023d3

    SHA512

    185774fb51f0de56a296487576cb47f72f09fb9110953964585a72476eb782dc31e944a02b7866e0b947391499a3023b8a7dc94455731fb9e6d30758066f9051

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e31205bdd037aaadac58c17e91b374df

    SHA1

    5bf2754412dc308e3a60f75fcf2f08a42a678992

    SHA256

    bab7eb79510968c8ea17d912d8ecc890d6bc11ba132071d70916f8ee90e03b2a

    SHA512

    25bb963c84b8cd5cc2ba0bbf996bb1ee5179f57dfee26f474d972bd8a7c0cc70c4cf636f2986561f97fd7c1ae1312c942cc3ed4a5c724b3c791577f24651f88e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee310f8d7bd2919beac55598fd2ac5b2

    SHA1

    53c281f282d01891900b8410022d653200455a27

    SHA256

    cde0f93b8080cf9ef228605115649cfb5f70a295780bd86d6a097875fae1c319

    SHA512

    e96ba9970c8823bf3890278c38f92c1a0df721f09d7ba0ed201a20844eee115cb0f2b7bab9c89bdda8ecc3185caf6ef03def7fce3c7c0ffef9ba5c62abed81b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    197d2eea743ac25720aa15dde8be4f56

    SHA1

    7c66ee0253f6746a2d94abc40996851092170839

    SHA256

    bcc78c47afefe0476b7fd21cfeca79739623e7e266abeedd634552a4c829b9af

    SHA512

    05bc809c702137b690f8da21b660b7faeb9df84965e664eaa9f68a0fa06abc51132f45db4909ecf3f7d8a50f9e973ba307e68082b7a35c317de0a5da990ef244

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64ae8083a3c0a7d001e97d3c2de80608

    SHA1

    0408e76169c02658a2c124ddc49c2d4c673d13b5

    SHA256

    d46d04d69fd89a343c8457e9e420ccec5454a4d61515414a127d879adca1b5d5

    SHA512

    0001b298c43363e68031ac8e15fa7bd8f9dc9c39afa9e13deb4a006155c40ce0b476b3989d0a93a1ae3a8fe98a6376e4cafe4281c0a2359ea34cb43ebc4587b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d4ffe69abe313f7c492ec1e1973b7a1

    SHA1

    50312e510a428c09a21fb8569bd690e62be7372d

    SHA256

    bfd8939a1e6ef68f937ed7147bb2cb7c5ac05ce08b20840b6f479502e471d1f1

    SHA512

    50c1ec47f2d5e9883aceecac30b36585566b0e14e006a34fc3661913566b6f2152a3b9a3ee7efdf62e222e6fbad96ce00c0b9b408a2bf1e977830a88e9dc0380

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c256dcd9c946e9dd8abb06f3ef8489f

    SHA1

    79ee92e253b1301d902a3d930eed1dab85d402dd

    SHA256

    7f330b9798db310163e047ea8e6900d2322d99c48b3920370972269ae44c5b7f

    SHA512

    28e609f598ba3d1f9db3f02ab359b342ce0f4c625c401312e75aad7cadd61ef6067a1dffe802cb5f7da52c996fd0356f628a138701bd8347f890db1044b2c12a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    471eacf96407afd5c9dba1d9b79f74b2

    SHA1

    a8e74f0ca2aeb624af474f5e32a09a3a7dee63ec

    SHA256

    284f76237f66e210920898553f4dff836ded44c76095b43fb2a3184bee046ec8

    SHA512

    3183e176be0f03dfb23fd80aeae9b87efd56f5dd3be635b3f5742fb11ba630aea210157be478b42c4c0b26b3fa5e6798a844c2190a8fcacaf79126e9db4d3384

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    569e705ddb6a4b96988460e858629b54

    SHA1

    3ad50b4105382f47cb0f2b58f392ff983e2ce843

    SHA256

    603a6b7334381782f64bf23e5dbb26c5d7289e2ec2e46ed4e96aa3aa24b9fe46

    SHA512

    883e67a39c84f18c12cf768527ad86a0273b8ecb87a9eda7bc0c81bff9f42644f8fd156e0aac7ee6d18ded9c1abb9802f08be61bfdb265b9c475845f983b10c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b55593d3f72a5a87beff8758dee625ff

    SHA1

    0ad11ffa23d6ece2559b17c89b78a4fcde30364d

    SHA256

    856e66aecd5f3d7881e2f5dbe6ead70e129a8ca21000d3cdfe3677ba87701531

    SHA512

    93a2d88837cacb8df30d7fc42a8964611c8ee5608f3e378a95ec157c6a4683a8207a6f3f91c68cf66042b8e8b2e4a7e51b219ddf7d1f90b7fdd98aaaf682b350

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce71ecb14489e01de0dbdc59ecd96a28

    SHA1

    dd32058d43c3924379cb497b097c681e86c33516

    SHA256

    395f37eaccda5c16b5a18c56d3f2f9c6aacc1b5919e909b226b1e9ad5f425cd6

    SHA512

    9a93bd63f83cbff843746a7964404886a085cd498164a1b6b3356b1c5962e397c8d1c30ba6d2cc707136f38193e29fa3c32a30f6c1a9a0c2fdc511d1a43b5630

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9689f90cf2d03a5fba3475f971ba27a8

    SHA1

    3207239ebfce3e01a0778ba42cc995c914afacf9

    SHA256

    4a0adbede0731751e9c80ac1d3422d47e8fdd3de8dadc6dbf462723c1adde11b

    SHA512

    69d0a1306d28118f92b1aa8cc0af3443cde9b4602ebdec0042bfbf42913b5a6ff91645ccd0650f818f40cb264db8c25e2f511afd66d15e8da9b4e5dbe7d1e148

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c81aa7e88a979e8ff10b280c3d644ba

    SHA1

    a9162555574701db4ca26b6a33858398b24bbf4d

    SHA256

    f30a92832586e7c96fd51068670baa23f132a99f880aecd38fad266c6a0b572e

    SHA512

    9865293f5a7b9bbf3287feb4f4f3b194756ebd1594c17db33888d902fb1645bdb2fdc184b48b167d27179769f236de3ed84e92e00cf2734f0b8320f17d53162e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e7ddc2abcb62256727f9d2a1180c8ac

    SHA1

    8f5bc4c517ba17c834f0382d2f110b14d5e7c05e

    SHA256

    95a30df02438d7ee7846e8c9eb2b3e54b4ab3001bef9ff79d396341f9d4d1ac1

    SHA512

    51503740c9ec0e7f221de6bc80241b417b020acde15831329c3dbce3e19bfce4205e25fc6dac4fc31c51ad3e4cb10f9a8c80c2b4540f5338774139fb355538f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8b4f9c9e7495b311ab24955800f9cc5

    SHA1

    dc30d9c26d98bc3f4de7ec3f24fb6e53295e5e91

    SHA256

    97fbb1adbfe08dd1bc0e913f43fa791547c1847d00311a18cada9659efa3d5cf

    SHA512

    d6733cd0376dbca22561f712d4616c37588bebbefcef867698520aeb88b6b1a7ad30d240278fc365db9d7595422cdd35f00a014dd9d10b3c23847ef221f07204

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cde6e3ca1eb0fd1166c95842026c1c3d

    SHA1

    261f20afd9d21ba5c59fc5121f53681a4dd75545

    SHA256

    55b85b7a38d5f8df6ef5881a4824492e10ba55ce8d3d1748edecd4f0d30e4880

    SHA512

    17f19a12808a7957f345d16e3da5af3de9653d86d3c9eadd974f793175a0b88f4e99d22ba2f56d3842cd20adedf79362ed922b9a36e1739c4dc735df24785f0f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    85145e3b7bdde0952ebb0bfdfb5d4e72

    SHA1

    52e2dcd3d8ac1fa9928e7663c6a9ba055643bf1f

    SHA256

    3b99fb21040f6d50fa8e021280bcd39db46321635af11023fab1cbb0c1e44965

    SHA512

    3a2d097be28a9ab4bedfa42f708f2258ca51091421230ed3b5ccff5cf18a859ed019972bb1392fc7b5e23b9e9ca28c2e447d90f63e5fb2f4d9c24cdc2044083a

  • C:\Users\Admin\AppData\Local\Temp\Cab2F2C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar305E.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
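
Everything the report records is consistent with Internet Explorer's own behaviour on any page load: the frame process (PID 2924) starts a tab process (PID 3028) with SCODEF:2924 on its command line, which is why the parent shows WriteProcessMemory and SetWindowsHookEx, and the only dropped files are the CryptoAPI URL cache (CryptnetUrlCache, rewritten many times while certificate data is refreshed) plus the Cab/Tar .tmp extraction files WinINet leaves in %TEMP%. The script below is an added triage aid, not code from the report or from the sandbox vendor: it takes the process tree and the dropped-file paths as listed above and applies two checks, that the second IEXPLORE.EXE really is the first one's tab process and that every dropped file falls into one of those baseline locations. The regexes, the category names and the final verdict rule are this example's own assumptions.

```python
"""Triage of an IE-on-Windows-7 sandbox run (added example, not part of the report).

Two checks a reviewer runs before accepting a 1/10 score for an HTML sample:
  1. the second IEXPLORE.EXE is the first one's tab process: the IE frame
     process launches tab processes with "SCODEF:<frame pid> CREDAT:<n>", so a
     child carrying another pid, or no SCODEF at all, is not a normal tab;
  2. every dropped file is in a location CryptoAPI / WinINet write to whenever
     IE loads a page and refreshes certificate data (CryptnetUrlCache, and
     Cab*.tmp / Tar*.tmp extraction files under %TEMP%); such files are
     baseline noise, not evidence of sample behaviour.
Process lines and paths are copied from the report; the regexes, category
names and the verdict rule are this example's own assumptions.
"""
import re
from collections import Counter

# Process tree as listed in the report: (pid, parent pid or None, command line).
PROCESSES = [
    (2924, None, r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                 r'C:\Users\Admin\AppData\Local\Temp\index1259653512.html'),
    (3028, 2924, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                 r'SCODEF:2924 CREDAT:275457 /prefetch:2'),
]

# Dropped files from the report's Downloads section. The MetaData entry is
# listed 18 times with different hashes, i.e. the same file rewritten 18 times.
CRYPTNET = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
ARTIFACTS = (
    [CRYPTNET + r"\Content\94308059B57B3142E455B38A6EB92015"]
    + [CRYPTNET + r"\MetaData\94308059B57B3142E455B38A6EB92015"] * 18
    + [r"C:\Users\Admin\AppData\Local\Temp\Cab2F2C.tmp",
       r"C:\Users\Admin\AppData\Local\Temp\Tar305E.tmp"]
)

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")

# Assumed baseline categories (patterns are this example's, not the sandbox's).
BASELINE = [
    ("cryptoapi-url-cache",
     re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\"
                r"(Content|MetaData)\\[0-9A-F]{32}$", re.I)),
    ("wininet-cab-temp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)),
]


def image_path(cmdline):
    """Return the executable from a Windows command line (quoted or bare)."""
    m = re.match(r'^"([^"]+)"', cmdline)
    return m.group(1) if m else cmdline.split(" ", 1)[0]


def ie_child_is_expected(parent_pid, child_cmdline):
    """True when child_cmdline is an IE tab process launched by parent_pid."""
    m = SCODEF_RE.search(child_cmdline)
    return m is not None and int(m.group(1)) == parent_pid


def check_process_tree(processes):
    """Map each child pid to whether it is the expected IE frame->tab pair."""
    cmd_by_pid = {pid: cmd for pid, _, cmd in processes}
    verdicts = {}
    for pid, ppid, cmd in processes:
        if ppid is None:
            continue  # root of the tree, nothing to compare against
        parent_cmd = cmd_by_pid.get(ppid, "")
        parent_is_ie = image_path(parent_cmd).lower().endswith("\\iexplore.exe")
        verdicts[pid] = parent_is_ie and ie_child_is_expected(ppid, cmd)
    return verdicts


def classify(path):
    """Name the baseline category a dropped file falls in, or 'review'."""
    for name, rx in BASELINE:
        if rx.search(path):
            return name
    return "review"


def summarize_artifacts(paths):
    """Count dropped files per category."""
    return Counter(classify(p) for p in paths)


def triage(processes=PROCESSES, artifacts=ARTIFACTS):
    """'baseline-only' when nothing needs a human, else 'needs-review'."""
    tree_ok = all(check_process_tree(processes).values())
    counts = summarize_artifacts(artifacts)
    if tree_ok and counts["review"] == 0:
        return "baseline-only"
    return "needs-review"


if __name__ == "__main__":
    print(check_process_tree(PROCESSES))
    print(dict(summarize_artifacts(ARTIFACTS)))
    print(triage())
```

A "baseline-only" result says the run produced nothing beyond IE's own housekeeping; it does not say the HTML is harmless. A 16 KB page opened from a local file in IE 8-era Windows 7 may never reach the code path that matters (script that targets a current browser, content fetched from a server that is no longer up, or a referrer check), so a low score here is a reason to look at the HTML source and to rerun it under a modern browser profile, not a verdict on the file.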