Analysis

  • max time kernel
    119s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-05-2024 10:39

General

  • Target

    about.html

  • Size

    18KB

  • MD5

    f5fbd3d88fc67fa0298b94bf84d59656

  • SHA1

    18e7edc38c1001b269c10244c75f2f81a4089b47

  • SHA256

    fd220aea1c6989fb0cdbe593c1a8710de1157e7da58e58958d938f390d86ebc3

  • SHA512

    b3eef24a0890c6bc0809a57342fcc5d5c746a66848833ca908f8a650266fc49b34d1efe844cb647aaeba81067ed22484a82831efdab8ecd8e7348f0d74c751cb

  • SSDEEP

    192:Pnp13pD2CY7gNHsdt9zHjlnvX0P3XPc1zBkxjFJeOCCnd5Vio:lBY7XPzO/KlkzAOCyoo

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\about.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2388
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2388 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2920

Network

MITRE ATT&CK Matrix ATT&CK v13

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aaa6fde07f9772806495a64eef63ff6e

    SHA1

    a5971f8a740d1b5d0d94eca62f281bb2fe8c6b96

    SHA256

    07ac38145f2146b5601291d919ac9965c88250c532e4e9a19d12ebf5cb00a450

    SHA512

    062785de7b09bfbf896455ceda15c5612be78e7b6de1e4de1ab736ef38f4cd9d4b9a034a1999b19ca527e067d14edd2eb7b8c2632ebdf70f793429b06d6e3a8c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ef729894b80a38f053b9545f992e1e1

    SHA1

    844987bc5f4a3744d059f7e74e29b2628395ac47

    SHA256

    9f1a7d6f4c30b3b2070a457dcfec51048c6095ade4525aeee5582564990af644

    SHA512

    0f6209c16ad1c1045eeb0b3882bb9a4c7c25a30d617ebe1f02626c69a4669f03b395b34d60eee20946f2fa6eb4987c882af08f4c21f7894722c11cdb8de4f562

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b235e972a714f5e13838d08967b64d7

    SHA1

    f61b833b7c796ec39303f4626811385d34b0b109

    SHA256

    5ee64bdd8d34b5bff3ec3236a8135bc819b603a5d24a6ae7a1b4152f07bceaa3

    SHA512

    4479fe596cd2ad85a6d286cb43ad5c9d3a9f605514c377024e8921b64d39781cebfc75ba786207f9809c00829aef7e663efad847bf240f26fb3c454fc94bf0bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f310cfdc87ab250e829e9430a66067e7

    SHA1

    3d4394dcb4ada8da7e2afa110ff28c5875e1b631

    SHA256

    720945a5fc51af995864a6acdc02539fee034a877f28358d11fa20ddd37bc901

    SHA512

    e347ed8d2db391ec2b93107a3bdf8665d0296e4259f1883e14ca18a9ee546b667e6908b7968fda6328ae8f680a8bb9972217f6d9260c1940c3654e9ded78bb15

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ff7c930162237e2b1a6b3308b04860f

    SHA1

    c8a0ce852094da0ab6b70d0fb21a09309e49c8dc

    SHA256

    bec48dac64dcc3e074d1a73e9e1fdeb93db7057b7bb898025e5b5f70ddf9fdfc

    SHA512

    1406b9d9482dacf6cee47dfadb5b5e62137d5982ba6ca40d66937eba0b82cc565a9d296d88d92c5898535ca1222ed432632c9bd6bf85437e5721fe79b516f668

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d025ffed5da8389d37cc99d7edab7ff9

    SHA1

    c3a229169a97d37f56004c3bb70d3d883e224d83

    SHA256

    3c656cb30a9c1ce8a9843f97f06d33cdf61d91d79a51d53a3491c921237b7d2c

    SHA512

    264b3cb13d31f5a5829025a58d6c68c79071aedde64919fdf6c8495282a777997ddb83923c8e283cf165f1cde4ae5a16712c77047bf7f42e33ebe380634a4946

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65ac1780e3e14668dcbb22b08115f264

    SHA1

    ce1dc9303d6ff646b2f490e0a877bb083a0ccea6

    SHA256

    8b8e9c0d418ddcde5a40575cc2fe87124d81949b70fff61584e7c2b19e4fe317

    SHA512

    5d09389910acb5c3798b3a21603d0bb67b580222f1f49ae17e847369d01a27c8d66df2dc124bbd6d4832bef8e4e059a4b385c4155f05145206f7e6f7513b04ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a12094a3eb5e8f8ca5268aaa50a691d5

    SHA1

    e05b40258dddf4a8ae776a48988833e0ae993a01

    SHA256

    0beb1798fe20a04c095d974de3da438f25e8ff399df242e2f1048e1e35ce8128

    SHA512

    5bf39d9f7f75d4a7af4036c8e9a29900048e89876cc0eb400d7945412bbe589719c18f70b3007228139e039436ec27acdb1b480805fb95685636ceec0278b796

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d9eaa2e77b94fde8884f81cf1eae4fbe

    SHA1

    57714cc3e4bf6b78a07a3697873c39c8c7643c89

    SHA256

    0f1de86c19e05a85024f179083228b41f90f5f6a44f1bc997fa5bf0689ca301d

    SHA512

    f1188d56b9793d362aa8d7a057c2fb0cc94a2b9b46ab7f397d8cf2a481c47132ec0578fb1b1e9427df57028b6d9b4a853af1ec5ba602f6bbce8638779db77b31

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e733945dd7f076008425ce831ab00f4c

    SHA1

    7e37099f1f30987ea2de236f0b6085b06987b815

    SHA256

    e2dfbfc9f114de27206bd474561d32d382dc14a5b5ef9ff10a1a715100b3949b

    SHA512

    d078edcb6ac19ffee83332fb95ea2e103cf9699ca381626ffa62360759380f32587fc75247fa7c4709c91d2cadd73c591f0e35dd0135f2ddbe51ea2a22d9a7b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3267944c3b123d66bd25cfc01d98ccc8

    SHA1

    b4487e24f76ed02f958473125d4fc9cc5b43ca65

    SHA256

    8e41039d6270be8c15443bb232f30f1606289f11ab3d1285ab225f6d7f53433c

    SHA512

    b5d176481b84011d8f45bd560b920a24f1aca32ed0ea88cdbe98d2d15d8205c28186c4c5e52e8cdfd17387e56604b914384e7cd8faa5fead682e5f67b1074838

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86d666684e1b367e036a9d75222e3867

    SHA1

    af18e011a6978da4a58f934db78aaa1014fd0c11

    SHA256

    43f12479d3f02e08437bee02c28c8f33e494f63185df5b1a1d92bdf7eeb7bb59

    SHA512

    e3181af44935ed194f2d656c83a79fa6227c33eda22323f155dfb0f7cdf95c3c8fa9e27915092671f8dd8b0f6aedc15e1efc9bc52bcfacb06e6cf3805a1ff13a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c7c15c7aaf6a87b1174a4845673b5575

    SHA1

    8285543ba4966f84599f3d76984f9c998edcdd94

    SHA256

    46a258f902b89e70b9d26357f9c60538daf3a29b0e34ab9a31a8f8bee0f9da46

    SHA512

    4a6eeefb9c015d9a6234d5a70e9ee1414db679b3aacae6cff2a519fae1cb24d98a4ce609d5c851f5f9706e02a355826d5f56c30eda79770811ed3b294391e72f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8599b0aa560eb2f00fe65708ae78c20f

    SHA1

    a430a34188ae8c65b7ec8b65fc0e8837840dca61

    SHA256

    f931beb0e264251138e72effe492cce9d519d1de5c0f10919cf22e25ee3cfacf

    SHA512

    a5969f28f150b51ca2835d1a856af4eb24a02266dbe53cdfdb3325fcce466a749dac6b2ab824bc627e4ec012f925529a3e2c7058e6c2c842228d91c11c69ef57

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    478a3db364c9a0aabdc7a49bad3cee6e

    SHA1

    181bf3e70ffaf57ddd71222c5f5be288a6e5bd2f

    SHA256

    f073e166edf0be04c8cd5ffc74e08b124e99491f2c1b32df7a93e130154e98cb

    SHA512

    85f3e3553b6f226ac1d19e4de91f61d5641773ebe1f242b9a7da29c7a27f88fd4528c8625a7fbea0857166ca1ceb4f311ae79964cdc2af6672b5b0239778dc87

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18ec07412945ca32a56bacd6e39a4ff1

    SHA1

    2dbddbac818e90681d57d4fa7bf62cf70cb803c8

    SHA256

    8c5987076a73d7605f5354afcea5ce81f5863b9490adfe739e4a818dc16cc659

    SHA512

    59cbf689d15062227bacd349286f502022221c5d27656437c8d9586a83d13079a47a2fff3e610c7fb9cb8adca0debfa04437bffdd4b9fa7c99970d9a8747d2bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d216efd0367b97d5720f094ce3d996c

    SHA1

    8523b8dd5b6e5d9053a95c2d49ea4d83258a3587

    SHA256

    0f1956bb6534afd0c38e44743fc8aa7efd8c62b2c18c305533dbd4a6ab96ad08

    SHA512

    2078904908eb107a7f44976e76bdf8a742ded1c82f1c2beae270014a89589769e82ec022fa48bc6e5e3ca86a9e33a11afd18ba9e5c72582a244c05f6563c46e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a36d7e94e34453e86597c363df928422

    SHA1

    4e25f5242e8241993344d5e0833d4a012740c33c

    SHA256

    d0f1ea576e741a986a3c2b33397a3d499ab35d8760ac19dd85a148ece44665ca

    SHA512

    e5c1b337f9be75ba62e694771294cee7f88642bf02d4d0b1b967fa8df5dec6720fef2351f3fc349efd7795b55429ccee896fe0f1e73e86466a1aeaeab17baef3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c3e5f84ef28cd753ea63f608eca46aa

    SHA1

    ee6adbd59a113363028c767c34ea05ed750a3e6b

    SHA256

    a8795ee9e8ff0a443533cbde9e2784d96c64960b0daa1e4ca714469f207aefaf

    SHA512

    7135a28d4af00d53eb9c22d066243ee52314679f0c4ce428c1cd6f8dea6408e23eb94ca430595db696554e616e52b1a7e396a2633238f048e1997a00115917fd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9271310ec7d079b28614e061a242390e

    SHA1

    cff71f491f0a8476d9d926a5a9dba629405647c3

    SHA256

    1be41b0564613bbee08aabe7974e87a1ee3fc21dd007160b6abe07ef29764784

    SHA512

    03084709ffb93ac970360ac423fe63e10f0b683631e15a1ad293328a6cf995a0ac576457135b29d37459893afeddbf62c12b1be18eb093a409b048a69d121ca1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bfdc43f997ac1df0024a87423ac5bf70

    SHA1

    834bd4d168a814dd1ba3d8ee1f4ca662f24b7733

    SHA256

    c27c9fd5e4a2cccff2662e0dc0ece0ecbd99e593d19c4c7d6688dcf337c98512

    SHA512

    d97d67fed72f210cc90cf1e086701771fe639f53f3a309b83e0d11074d9e7d386b28f0c61076528cf426c536e1cbc63893c1a46d8b939c7b49d9ca893c9543e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e1f5a62f7138d993dd8314e4cd69932

    SHA1

    889c822b24f87291a29c82f9bd11fa5e0ae689e7

    SHA256

    961c7403f8696b8b93a51ee499fdb2d445efd02dde2412993e13f6dda822a90e

    SHA512

    55aa0a1f5551fb22b24b6d44375620fabcb1b168a8f931ca3353c2458442426165eb4232222e14cbd40043bb591340a1f33dd77ca391d16509d004f5d8293320

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MNCIS1YI\main.min[1].htm
    Filesize

    6KB

    MD5

    dede4ec30d1972186265657eb1138dc5

    SHA1

    443f187a4646bb1c21c0ca055d2f10b8cbba1c21

    SHA256

    3df3234060054457332eff9e4347c06aec1bddd87bf11e4e5709a1ac78303c1c

    SHA512

    429c0112c00b8278a1de0d2dc4b07f18e314a4e24d4fdba93dddee41eaea8ccdd6efb5987dc0783bd3d93fc94b7fd3b2a62b8a2454d324f98071b77c95fcac99

  • C:\Users\Admin\AppData\Local\Temp\Cab34F7.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar34F9.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a