Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-05-2024 02:30

General

  • Target

    403-3.htm

  • Size

    1KB

  • MD5

    c7df00e9e0609d4216bb7404dd9c12ee

  • SHA1

    3aac5a61dc12fcf9fd23280d8fc6361ef734c524

  • SHA256

    9fa88627e300794f3f5f657aed1a58a447d4cd5ce6989d49d62dca9507c3d9de

  • SHA512

    87427aca49cf20aa8d36541f589940b23e42d60eda72965f75ebdbb8342a19198c8625b8d4f9c71b4444d14ca99816d314991ff1e870da3437cbc15453d8e47f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\403-3.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2488 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3060

Network

MITRE ATT&CK Matrix ATT&CK v13

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    132bea691c4f5116d6bce49b8c144b4f

    SHA1

    3ca6da864f5275d5173af9ae8e8ede2feb8822c9

    SHA256

    53d5543fec37e57a5eb3368f4617f33d5601ceb293133701c7c365a59a1ee9fd

    SHA512

    300d07130f66b61493f9ad703fcd2d868ed395505c4984654102c63cbde19209fe2296c8cf4ddcd652f936320390698580bd8c09558402c9b056da2ab8db030d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eca51f50d0f0fb5c38177ab4b18ba7b2

    SHA1

    d9332495e3914132c2c2eda981701e47d7777905

    SHA256

    ba19b139c0652327bf4c20eded64cde53a77a6db825d0b6cc6b2d76aa5654f29

    SHA512

    fa8525c2f67ee502a479907d6e05f688e28f4b3a5b1e2cfe894723494f87e26f8689a679669371cd778b171d88687398849d22672f66980c425999bb5ee5fec1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    564e0507db9e4df7be0bed619277c8d6

    SHA1

    86a85d9ccb63c757b5f7df73d0741bdca980924e

    SHA256

    075443e7d4c8d41ab6393225cc3b049354c31afc20a1a7b5e1e370fe79ec5724

    SHA512

    e53ebd1b0857ef6caa7af769e9173e48c73bb1f5148cbb98a4b8e8d8595424b132282af89b7095adccb7223ead10916ad757ba9026a2a8b7a6ee0320960f824c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fb30b7b33fd0724057548dd3a2b8a87

    SHA1

    f58331150d6a5f5bf4f02e67d018c701b9337cca

    SHA256

    bd9b9e2c07ba3eb225db5d05c160d655318ca68fe37e4423ae60a79684b4150d

    SHA512

    7b53b29d497a0912d4f46c236bb2086db3d8584a69744458016a341472736e42d9c1a4a1fd4300c99848a4ba9fe45685703d814bde470430d54c0da2116dd69c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3aa0ffb2e15c89e5db24a1a6caae36b2

    SHA1

    38fcad687402b2509f84510ca78e578555a25378

    SHA256

    804f800c6f4ea6da4e1f8d3433b27cab77084f7f88ffd121df397c5b4c1779aa

    SHA512

    06984cfeca7c1271a041a0c7b871d97eb92a83659f1ef94becf4ba559719fdd7892a314c0f0060e1fc8c24bfe570854bd3812645350e1ef7211f36a11953feb8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d95c04c88ad099eac494a8b3c8db0ccd

    SHA1

    880c306f7cfb1344a4fe92dcf851688973b7630d

    SHA256

    50b3a3353ddde304802bc9983fe2429b2d974b941754d2b9aba1eed047be0fbe

    SHA512

    27e3bff9b0f86e3510f5827bc06d34bb672b0ed26b0a0f2050350669b9b19a632669b7ffbb8f508759f33f8f3c02fe56b0d7ad23720430196969f0357d5ae57f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1f411cb127f8f1e88347a9944eafe07

    SHA1

    9c4b221709d7c5181f5ea236b9047b24dd9e225f

    SHA256

    49c5df988df9bc4cc1479425de94965ffff12a1718dac52e0e7e581b25e822e3

    SHA512

    0036563ea8d64600152d6c4273cd70f2a9e84bc1163ea1372187e3e4d040feec2bd7eaa5fc740bb33b4e9b56aa5c266579c67bcc723324c010de1b1460047fe9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2969df37c6603b113b07d12490eecce1

    SHA1

    cc3188212976203cb3ee0684f69aea1570a53fb9

    SHA256

    e0a15a9670c67a603215f103c038e096735f6365337adf9435ab5b9194cfa5b0

    SHA512

    cc4cbfc96c11bec0801474ff754d1eb00d3ba43eeeb5d48bd3acdc09ad6ea3647fc81fdb50087775877bd226c01c1b2e5599d764ca0c438ad806b0b1d59886a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    afd08e57bbb08864fa55a04ce10857bc

    SHA1

    dee32a7cae0c48d4baafea8cadb751b7461b11f0

    SHA256

    cf4a43304fd6493d5b6437fb9e13b2fc3f866a614bd4f749727ff587731c0710

    SHA512

    31e128ab0813ae17b856e4ad89d8b9f5a70a3fdd1f9782aba7a26a1e12a2d7f6f239c4b07357e8bf35cda2443fd697f21544cb5908724ba64536ec70cfd0f180

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea14ac6c896bf212ab504840ce99fefa

    SHA1

    f1f37561dd0ee1da8f0de8a40ecf43c50ad2fa37

    SHA256

    adb247624a60bff1da94be4e71f3c8acfb53ed3aff82489c33e02052bb064f00

    SHA512

    37bc09f54ff48e5c846da5fe87133751e6e1597a00cd41ebb230a99f997b64d38cab00abb38b5a49eca59e6c287e3b4000ad3ac2c8220e756601cbc72ffc03c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d39e4c400d682e80fd069f51522c3d2c

    SHA1

    1129e28d9697b2dbdf1b0144257e533c893ea292

    SHA256

    de95f24bdb6bd783bbf5137563f916c18025055b8125fa014f0934225a96cd7b

    SHA512

    69657eca4acb097ba7506e8d63e9b64f8ad9dd7ea972012c0e202e60ca0420abbf4cdd63bad3c3c53c04f441f44245cab89bcbcbb45d33dff361671673522462

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ddf43b65b1084bb0d936dd28dca54ad

    SHA1

    ddc5f7c771eee08ad071f3c0b41e248c718d24b3

    SHA256

    3191e4e92dad13d31d84d325bb7a945381218d250c5af71c1cd017bd8076b652

    SHA512

    f0f03128662f9e9e396504dba2a170e9db4f7b21fbcaa611d357ea11e929688bd82fe127fb7084d31fbec48a74cc1ccc3fd34d186050c3cad6e6bcce2231379c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cbed1443a730329d34a130ad09e91804

    SHA1

    f0ad5056ce329df63c758e2e54dc617c823649d7

    SHA256

    c56a1e1790e0abcbb07abd53171eb348c7bd66e36f370d8058d415305919cba4

    SHA512

    770f02396dccbdbf0c2a451b43ccf0990a4e073470dbf2b121fd5b59a209ba91a16715f717883c9e5b52ddc7c04930a653ce16f77627863bc37cbf25a96af231

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f758c8cf1141e1e88e4f3c5e2f851f0

    SHA1

    45f1c3fc17d257b8f4ed52f0e13e7ce478196549

    SHA256

    40f81ee3dc28a05e52abd8bbcc28f9f846808f8d984ea774807b3b06c43fc23e

    SHA512

    3c07152d2671a65ec32f3e59803d8d82073b8552e8229ddb37526493a95b29f95cc85a1fcde62290ff4a4d981c1fd22521dc953cc773d6e7fe9534cbcbe6701b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d24cbc4dc890060260026e737c3d46c4

    SHA1

    67718c73a701c7fca098cb9677d5fdb8059841b5

    SHA256

    c2977bfe764b4c401dbface80fd955f6d301592d834a240c1cecec7bbdb38cb1

    SHA512

    a151bfe4dbe7a26eb4076c1121beb95d301e2c32bf4a44c93fcbb559b88805bd3668468f14d005b8eb38e0350c897f1e3e67b3ba498e10d0c77ff82c496646b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c51a5714d9174b2fdcc94673dfd79467

    SHA1

    3965f5112447fe964703c7bd8a441c9af136da94

    SHA256

    12a6ec0b3aae7e42ecd1cb9752fc98bc8f91819cea27615ad307f2d731588172

    SHA512

    a53bb76865538e56254123ffff19131bef2d1e8003a71b3ff4d9b8ebb9ab51eed92e307ff6953d75aaccb1dd83f9572a33bbd4bb58145f61c3ed156d5c1e0114

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e2f07b839e9713f536735db20c5b73b

    SHA1

    e54c2551d0e684e159254fc14fdac2f3b1669c2b

    SHA256

    d7d2bc5b0168318a0d18565763ec66e78cd6ff3165df5e01f0ef3e6985abe5e0

    SHA512

    4f99faffd1712043191762c88ae0fa825fc54adda0a1df78d743d186fc6260c3ef20d2adbc537bb42339bc2000b08bb551e0524eb2753c09c04c87f16405ea20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b73be2a27a88edec5042d7f5a7879aa8

    SHA1

    f13859ca78df895ef6a32db370f837d79aa5f48b

    SHA256

    cca71e14a3187d7cdaa33ce2f2a72fa824d02120f2d5004d0a3c8116a4ec6934

    SHA512

    c4c5c833268fc8a9a7821ac3501cbf3fd9e3dc1b4141d4114cf07147f942dae65307a001f415704adb89f22bcc8a5564f2239966cb71bd2a59671ea7db42b359

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5eaca9deae49fe0ed056ddb02c0514ea

    SHA1

    fb60ccf63b24fe45e1089fd8ef893031c8f9b82e

    SHA256

    9278b9d26b1ea2b08338d2c689c7ad4ca913af4a07e271ad234e344d76e22fb4

    SHA512

    64692f1fa0b76f512d72df95b0783b74430b6a69927417780d677f4b773c6c21cadf9da0156bbbe0d18209be454650986f785638b5877a83672cdd14370693a9

  • C:\Users\Admin\AppData\Local\Temp\Cab2898.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar28FA.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a