Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-05-2024 11:53

General

  • Target

    libssp-0.html

  • Size

    292B

  • MD5

    391a97c55242436ec33d9e299dffdfe0

  • SHA1

    c8a5be95d8a698cb67b6ed4b2b344205228f68b0

  • SHA256

    b7556765f7bf6825a9d227902ba04e5b5e7b0f4e5891373417f895a6e78910dc

  • SHA512

    0fab06f6c168956e7b8f0a3f71a7b0ae02d9ae3bb7a8554d3dd20462a89dbe61059972e3ec0e2f5032faef796b426e3e6e97af687c8652b62b53ffa275c8ec59

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libssp-0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2908
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2908 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2492

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c41db422314c721fc2de766009ceb136

    SHA1

    74d8d6b44a9db41755f28f2f955e1c3e32022188

    SHA256

    10a454871015953da2b8d40e01f8b963acf58cbf42d48a9e162d835a059099e1

    SHA512

    e29787019a5805f6480eb732dbc4e99a8e014b7e9e48f4500ee717134829116d96f4b8852ec1b527c016597c873c4b1851ff30e33b88a943dca3d8c7ffcfc8a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a226ec4250527161c956f01a7a021d0

    SHA1

    3ead62a03f02b475563b2d17584ceaa64e61f8ee

    SHA256

    52aff70bbc0f87cf8accd36df866ace0ec2c51414167c4553e3fc8b5c631ca37

    SHA512

    4b06cf054084712a7a0b333699539d694ff3157b2422d87988dbcfc05918522b57d67f5097ba6540dc5ab759eb5b680a92a671b3e4a62de64950a4b52907fa85

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    01d37bc8550975c876ae021058afee2b

    SHA1

    90c8c8322d4fccaf909ce05ae7744568040b5860

    SHA256

    34999e21fea3f1d57f13bfb7c0e22ea352541912741acecdbc374c195107828a

    SHA512

    e3eed5466da1e60ea7416e247eff04bcf88962bac21670fbc939faed695fb13bee551405a6a68e7dc706dde6246318bb040a803bff48146fe53fdc8d607eba58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e41706db2b3b4e33bcfeba2f0cc88ce6

    SHA1

    0a05fb90e18ace4c342c7b4cbde91a98cc13093e

    SHA256

    97ab456bc750855a3f08e98a944c4c9cd8490dac28184fbabf680818294f3e8f

    SHA512

    cbc5f9f296840a33860e3d33882ca38375b59023be9a0be8bc912849f2f0ff1e8272d6234d13736ad35b887bbb681f011d91e18a0a7627f52e7dcc4523e77427

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d784227592e56f548c87ad08cd4c08e7

    SHA1

    c3e8b5f4cb8fd4c6599a11f65f051c44f419654d

    SHA256

    95b77074531b13605f3cb5a44283e957b2ab2a54e273e64ac4720f324b7956f0

    SHA512

    ca15c68caee2a97521079ea550a1c586e23047b8aa0d80936dc2a4e445ed020895db0f6d0700a71cddb0ce6072a58ba68f78e5fd577a3d34874e2c8632fbf0e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4688f5724ed9d3217ee8e86c66d0d153

    SHA1

    3f4241be03c557d5a395dccb8ded827433b3c277

    SHA256

    203a8d38dbb7178b0b5f435a340f526379cbc45ecd80602990e0278abae0dc6b

    SHA512

    00429219c08458f776fa4ee62646232dcc783e33cee1e887c1d051a0438d9a8274148a6b36cd341ca938631067b1f38ad806245c70a25001e4fd112bfe78479e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9848628976ea69cace279358fe1e9c12

    SHA1

    403f58305673f318431cb3eeaa38f0758510cdd9

    SHA256

    aad67fdc57e907767276bf8bc440987403baf5137c13a6b22bb1b2246d1d4469

    SHA512

    6ea23b7da55df935b1869bc93f1d4d2c3f650a66e4280a04eb6025b4f3e640f6c0eebb63b764c293faf51bcc632096ba6731408d57cdef5bfdac04bb0332b954

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6b16472fd8174baf05e3a57e886b40a9

    SHA1

    2d9ca301a20df720e2eec2d7fd96f691f6a771e2

    SHA256

    0154c29f58d7c33ad7ea6be6fe02322872f75986db0bf7b1a6727a55e0913db2

    SHA512

    af0bf5d05beabf9dec315da79398e6005d7c22aa16f028a21dc40728a718abfe3f0d1aeeed280555b8845f34f3b31e8b2044079eddcd29b2692e1bde7b64be79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2b9a9109dd0865b7c291ef3bd978f0bd

    SHA1

    25a01ca49139eda3867e84a41eed2ad45f6a713e

    SHA256

    5cc57ee0f4f8df80235efdaf28d34d4a37d75a6a2d3dd06f0c1eaa0fc4c3b9a0

    SHA512

    73577e89ba60a3b4275534d0ac4a9dd06590979faf8f4e67e63c8af43da15ea46f951471c74f854892f5b616cf1c80e33d7912309ae4be231a6fc192801931a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9ff3c987d59c006c888ecf770f9be372

    SHA1

    68f8809235f7641c723b63649e9d2c7d4f0348c6

    SHA256

    6e4cb2f8082d9f21031c5f20181e9b58a975ff51d50eba798779c5fde37bf9a7

    SHA512

    facd0edfe4fe9c27a4e4138aeba5ef16736cfff26f4eba47c616e522d27b9bbcfc77dc2e31085beee158aee09832df578a479651349e434a5fcb33522b298a17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    744e8ead069ac410fe7c20f7a3ab26fb

    SHA1

    557c29d980b6fd9bd48ef96b0da15ab863f8e5e1

    SHA256

    daff51baa938ef1c22393df69f887980acb441fccdf28e9bd467500279f4862c

    SHA512

    aa3f959b25dcf38db61f7d69524f1ccef3c3e9f7f46be4c7eadc213dc5cd1052d19c5b43816ec96e7f40eb1b126aae35eef3f7bbaf694bff7cc9d19161cebac0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    72c42ff18a4be434e2ac1ed08974b5df

    SHA1

    5281f55f13fe4ef18607fe9733f8b46485308b52

    SHA256

    6077b88833ffd3c0f67f488f56d8fe3884e5f6649b6c259d9f93e8299ecc1d1a

    SHA512

    3773efa7192ea278c47348aff9dd4ce67337c2c41fe1c4c682cea166cfb1dc3ca779957371a1a44d719078449cea7b74ea7cde263166ccde30680ff16d8f709c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    47c777b7fa0f762d732e554df5036900

    SHA1

    a7a2052d6de3f6475be7e4c2085cb918e8c0cb12

    SHA256

    694d9a54d45287718ac49d392aabb2a76e6d782897b82dd92206751a14ac4a9f

    SHA512

    c1bc895af7200f72419b2250d9f6ded78f418af0eda9e3f5067f3166a78227ca4186b70ae3a6f403a563ddfe925cc13696d1f7725b40010cf44ac1b7bfb90f5f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ea69913176e147baf3dfde4e990365a9

    SHA1

    8321e4699f321f748ca824314b50782179c67699

    SHA256

    c59e328b2f9394a5bb398edc8325e9b2b4ffe939ccc000364789cf8778c2da94

    SHA512

    37a68dd90df7fed1e599dd46f4382cbe21093be069963251cd40d514b6465fac4c3e797a9cc3f903a903b6b18efb0824a9c22ff4754fa48d37a7ab7e90c9073d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ff9daccb6ff500bd8c7a5385310224cc

    SHA1

    1d671747e220eed185e2aa9d1251ff23cd4bbec2

    SHA256

    43c6e2f66afcd5b35273003aad81d4bd1833d625014a87295621f768feb9a9fd

    SHA512

    b71c04c9d32afe0cc169960d7162ba60042cf06bcd3d82fa4148d864f7c2ae333aaa05d9441971010e77a116d13a04d5e1b56420c0955f2b1585b6eecc3a2af1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6b23787fb66f400431bf4f817e982341

    SHA1

    72613cdb98b0dc690b389c5c481b43354830f2b2

    SHA256

    7fa69e480647df38f2905b3a55c57ee3d4899e0bc4cdd728c20ef0cd7f9e0834

    SHA512

    26323da8de2d173c54516c11c4c6fa43dec1c445c61c78f7b270cd988c2191307498d040f44a34650d2dbace01e5206a2006258bee1f233e9ab6faddf62b9f2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6bd2394f05cb77ed5992f24124a45e57

    SHA1

    fa97c52facebc069ba7a72e228f56e4532652ca1

    SHA256

    74b74e219b4771518ead7f0483e8adb658d005273955fa683c146df7ddc78bd1

    SHA512

    91a4c2432d602770174e48c825f712e249e4450e198e077443cbeaf8a0ce415b0afe581296ff62ff856da34459a5be0f604e30543283a181cb0d304af2de75f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d8b51ac8239079f5e97c885f8f4268da

    SHA1

    74f3f489efb4a8c6da5550415142ad490e12aafd

    SHA256

    50ae003dfd82e62c5df13211d63ab316788d52c70b5ea91852ad585bc8faeeec

    SHA512

    28763641c49fcba10ece65c24d9361bf67f4fed10e1c358d7e21ab6a2411bab8096c56984e02d1f56e966525fbde0ad5ec44fb9766b3498cdbbd03e2bbd07bcd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    049ad832ddd8a2fb2dee824a78952527

    SHA1

    3845938fb97265b2497d0381597cd52b47d11403

    SHA256

    38c3f80b989a6355523253828a20494946d110d2c8536e7b0c15fa7cb9352669

    SHA512

    84ab5d0afa99501d6466874cd8ad1426250b4fce562b01eafbcf0ad42c01cb0896df77cbde4b5db9a682da2d49d42d5f6b227af6d884b42158770b4a6ee91970

  • C:\Users\Admin\AppData\Local\Temp\Cab2BE4.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2C48.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a