Analysis

  • max time kernel
    133s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 21:48

General

  • Target

    403-3.htm

  • Size

    1KB

  • MD5

    c7df00e9e0609d4216bb7404dd9c12ee

  • SHA1

    3aac5a61dc12fcf9fd23280d8fc6361ef734c524

  • SHA256

    9fa88627e300794f3f5f657aed1a58a447d4cd5ce6989d49d62dca9507c3d9de

  • SHA512

    87427aca49cf20aa8d36541f589940b23e42d60eda72965f75ebdbb8342a19198c8625b8d4f9c71b4444d14ca99816d314991ff1e870da3437cbc15453d8e47f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 38 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\403-3.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2004
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2004 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:852

Network

MITRE ATT&CK Matrix (ATT&CK v13)

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    30663bbc0db2660fdd1c5ce462b4d4a7

    SHA1

    8e16bbbd5478a9d4a59cb878103dace830bcabb1

    SHA256

    269d1339bbf488ad9fde776df630c955aace60f3e42f95bd94d215145251d573

    SHA512

    2c8c18ef0fadb4a01e765b46d5e41e8e913f2c3176375e55119fff4aaab5f143342d97fcbfc61bcefff1fd8db94a9f1048ad222de1e34418f5463093cc3f5ded

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8b4d7b7f03ec5782b13647e97fc383e

    SHA1

    27a01413135db28d04f40d5ed21173e670d40cf6

    SHA256

    f429344bba55988c9640b1fe0503a7614910fc145f5bae989be0758c93406fc9

    SHA512

    b6bcca6dd94e0e61e5acd29b6048c3d397448187a516f1f37c6a077aa14841e526f06b4f0fba00615a8f272c2287a7ff2f102c9e557f94a0fa48af54e8ba970d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0cff7aca76f6f67dfb564c22753becb2

    SHA1

    26e3b01ffe76fcb7801e4d28b517555abc28b8fe

    SHA256

    d85ba5632bac1a00f2e14ee2ae71ffbca6d48a295035970cf53f0199847f451b

    SHA512

    9831de83e171aef095f4253221a702c8d805774be1d04fe623d1765e66f2c97f60dc5809bc362bb922a5e5b861ec19ca2447f29a0e1739e2713b8b501359299e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3520dc6b69342ebf1542896e969a8b9

    SHA1

    d8a689a6864b87d4d3219c2b3c646111e4b830e1

    SHA256

    7198194010227fc5bfa8b587fb3486ef9fd9626a51014de3a04000661291f13b

    SHA512

    8c479f6924e322acfca5116dcd0b8c238938394aa0f10edb47c920928f26ff40f55cc721457c6633cde10a3d5edbc7045699474621839a9f693d64036633210c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5acc1fba4121ffb8bb80212eef53f112

    SHA1

    3acbdd8cae4fa2c740fc72faa3c1822a419a3c5f

    SHA256

    b5524c6deb6aa172c77db63277babc39530d04d548d6aaae1dd5bf4802081b48

    SHA512

    dd204ff06df9c0ba2b30502f4a0b1d6f16ec0deea10a737d034cf8c8a317b733a537ad0946cc5c9e003aa0d03f12b4a6307f53d992085b04d5c48e539dd8898a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46fdf44f246e989349d4597dbedc2b98

    SHA1

    a569f53ab9f01aa149c4734c7dfa5d24b93ca632

    SHA256

    4cda26675eb171e60eaca290a4b7d0ff9751dafabafb873e4f13a0df2bc1062a

    SHA512

    931caa9c359a4bcf44fcfff2373113d0a464667d7f23f6e8896a97b3f5185708f1d5e87543feddf5e621a83e0bfdd2f5874aa4aa5611219a6bba27468953311e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fedeab3afcb6cde0bb9bf085c57aa0a4

    SHA1

    c3792cc9d04d70329abade7594c552c12269ee5f

    SHA256

    776bfb7851a76a420a6aa518b071f8be1e8c9901b46028c9fdc0dbf19713900e

    SHA512

    77d31d294a1a6487673c8c49d4261b55882e86a0c74db8044ed818fc80f06ef96be885ab31d9c137c56a94b955fa18f5bbb9bf229f8fe405fcbeb23a4311b68d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34596b1d09d41fbeac1d8fa2f902e799

    SHA1

    e90c63bb8394b96440dc3efafeae5ab0b3a5a91c

    SHA256

    6f3396c8a8da4adcfc3254c1082d0b86bbc53412d0c838d1996d3d367bb56e0d

    SHA512

    16df6858e2e4b04d3e57f84da74a5c45f0e7d48d238e67763db2f0a8ae94de1e98d1468c2eaa4b2ab0388570d43edf84b33598030cc4b685942d28b0fd929a53

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4680377d82a1ae79908d58d5127b4cba

    SHA1

    4592f3ab7fe40a5de52440833e895145247fb932

    SHA256

    4ebdecb1c82d41cff0b2d1708e4b5ff421a20926cb3817e0127232b8bdcae9c7

    SHA512

    b5a36e1dbfdd877eac8f75168430e47981b251dd70e23a72f4522b1fdda0e5c8b29abd696efd4b82dd201e2ad5b51cddf795beffa263397cfe39b584b9093609

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    979079ea8723495c9ad71ad10bf14e48

    SHA1

    da5d6960de7c4520796c1e168fa6eeef48edb926

    SHA256

    d7cbf7476fdeb40890ed8965a816ec2d5d539c7c33cc1a99e5608fa0cbc7afe9

    SHA512

    3aeb3bc3bc86d8d8e2a63f9e5e0751efa38573b7b21ecd46ecdbb2ed77f1b41f4aaf1d7deaa59bb62ea4bfc11abb17b3745721fa473ed07124d8b844e04993c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7b6dc6b5b7bdc6536fec70103958bb0

    SHA1

    5be9aa8a29df4f115f247852808d45ff98e4b5c3

    SHA256

    0b509e5b03d9cb1b100c3124b015856af3bfeda7353f334f0ddf835f5af38e0a

    SHA512

    84d3e2a512fb62cba6c59ea50dcb5014d5bdb1891d73e9753068287e64652622486e27d10680b8c3bca673bbf9da6c8ab777fb2505d72c074da2a659a7f2df5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e9f859c19ee8bfc9b6d687fbabf46cc

    SHA1

    497e7c0b3d74b160cffc88adfbd415a5f7f0225a

    SHA256

    99b60dd3f46878cf476e907e6c8800a250bfb42ebb51819ce144e8d4f0aba765

    SHA512

    de45032634977a8a1be6c2adb24617bf5f12770329c61cf29fb5b72d70a503414d647b997f207c42bed4d71c2b0b193fc8b675c224142818dcbee608b5b87898

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b75647522756bd0babc20c7ae333d11

    SHA1

    6b77cdc32a57da4b7f385214c10aeee464d4c37b

    SHA256

    026339c8e3b4ecba36a997d329fbb27c151bb328e829323bb41596f432a2c9f9

    SHA512

    8aa8ee71e524d671c64202357c4c67fa456d8a657a5e28aeb254801256666c6e8cd668312229eb392920b9c0d4a9f758275ee1636a6a2aca1c728fd39ee74983

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bca22ada96d087baf331dcc14cde173

    SHA1

    bcd6fbe0e59477ccefc74316e1c001f6df58bce5

    SHA256

    fcdd3ca97f302105d8ff942c688670aa6b6b18cdfdf269ff17687f8becc207d3

    SHA512

    6c483e7dfe7432ccc583ac945709c6006cd598c35c8bf38748aacbcb7289d6e5769f186e7a49d74d499cbcf16c3cd25651a7ef64349149661d57bce73778349d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f2fd543fb5a3af955d647aed71aca68

    SHA1

    d7949e28ff42a4c2a61bc38c7821cd371eacbd08

    SHA256

    71447c428309419ee667622445af43354b0b1b37d8e2a648f9a1bc425fac75c3

    SHA512

    4be94382ca14aee22d5bff56544e146adb00f50a25b44a9f59446f2a739b1f8af5db3f4d037773410ccdb14ea1b88f1adeb02043c916560da8fa87fc3720e066

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e37be873cab38c4a090d80cc1a23efb0

    SHA1

    7499347fa199785a127e7cfed90ebabf91df00e2

    SHA256

    ba99317037f62daa814a24ddc4ff48fd8d51e4a88a62f11dc2e5b00c131eca6b

    SHA512

    3f48e61d1633ea5b4ddcb7bda3eb40f9e3974a74bd59ae7b1ebd74b814cdf6632994e5df2daac795beb658a5d6edba039424f597bd1bb95507eeb16cb5d4ebb4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8e6dce770f76546327b62b91f366e8d

    SHA1

    bed01ca2c9ea5ff8addffc04f03b59bbed266c45

    SHA256

    4ff3829efeb8093a586efd3b67015d45b107fee38918314808753a4c3fb47d4e

    SHA512

    eb2c1e8b5e3e5be8c21fd5dc9ea5821e112f38c47134f16a37655750c34357fd5a030e5c81eb52f07b4185853096d8b97ad2ee04b276271421d892db44a436e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    794b4f554498f2027916e5bc7ead6825

    SHA1

    ef5d3d579fe12a37f0b24cfbc01c996bff619242

    SHA256

    43db7e7b7a5d93e09da8efbd0189b2b29959082e6f9f9b436c7dd336574056ed

    SHA512

    421934e4aca8ac806c89653ee76104d69ed279077c0488886aeb3ac78c35bb671d781c7b2ff94d578329f43d2ea597b1ecc5224c9c7a472949c2341d7cc8a715

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc8d4ed4b74ad6731533a84ba1d6cd71

    SHA1

    2549a37bacedfa655a92f83a2af23802cf347bd8

    SHA256

    e580795a94fdfa8396d9ebc2f882f95e3c45594a4534e87ffec915eb710b04b3

    SHA512

    0426b5eed5b1bf682e73f931f054232eaf5b2b9a1a333723c178b14e9e129655e66f881817ee0dfa891dd46ed514d59f552d13299c143f8adea72cedb39ce38e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34d6b68025448b33abba1c9bede392f6

    SHA1

    a0bf974429a62e6203ae2f7d9115a174eb5373a4

    SHA256

    707ac4904c38c0aed6cd9d9acaff512f5848ded3dfa137c232efede78ead53c4

    SHA512

    67fbda1333b175c6d892025409c5d054723b759f0f4041d3c0bcdc45cb02a01877a012480ff56a96a5a76387fc6a85ffc308a60ddc4e837456cbb0c8a2ff61bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    f92115a8f105967efc0d4e73ecf671e2

    SHA1

    4a3282edf5954939d831aa8ef597ad87f33eaf09

    SHA256

    0cf643f5466d42b4b08bdd482ae3965b801c06b2bbb3f596b872a42cf93466c6

    SHA512

    6d45b96b91040f1102e637b6c0d16f517eaa308b33a32a3ceff080f5b13acc2b5ad72a8f6be0798815c48725cc8ec9ca74b430628a9caf241e3e86774d800aa4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Cab314E.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar329B.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a