Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-05-2024 10:39

General

  • Target

    de.html

  • Size

    24KB

  • MD5

    abce3b4a9941d130bb03ac8887d67b3b

  • SHA1

    d620b463362c34056684999db12b2e6909cc68ee

  • SHA256

    b78e03382bf79dbcda1a14c3af14a70973fab9dd39e1f60bcba45d01f6819e83

  • SHA512

    035fbf096e11497b9a749361d0d0394cd2ac19234c78298ce54b51ebcc9ad18a991030a49144973e5e987923ff20fa3b16131c5cda9d147c43dd04530ca555cb

  • SSDEEP

    384:Uyl3pt9zhen4kwXCpy7WycDMyfokoF7uYESuz0N+Ll3D+:UGt9zE4kGyyaycD3fovFddBNCT+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\de.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2612
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2612 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2344

Network

MITRE ATT&CK Matrix ATT&CK v13

Downloads
