Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-05-2024 22:13

General

  • Target

    login390722190.html

  • Size

    11KB

  • MD5

    138aadf8ed24044dbc2beed9b7fe56de

  • SHA1

    2894ee6036f9078747b373acf4c518bcdd58b6c9

  • SHA256

    cf9cb0061c02232b62a943f56d847148cbbd5d9d1555e23e9c5ca815b741d141

  • SHA512

    f84196143f7be6e48b52c7d5f661e79b22bd39ac75ca9d6200b175fd6a9a9cf0a95322a361b8a9786b5909d506c87936f025e56261fb68f0b2f2804f3749b5c6

  • SSDEEP

    192:aBd8SBFt+0kZyH6hHDFgwtf4DkAlBwSsKK9N1vb7zr:asSHc/Lhjq0lArwS/Kvpb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\login390722190.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2336 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2264

Network

MITRE ATT&CK Matrix ATT&CK v13


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (68KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B, listed 18 times)
  • C:\Users\Admin\AppData\Local\Temp\Cab3767.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar383A.tmp (177KB)