Analysis

  • max time kernel
    136s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-05-2024 14:56

General

  • Target

    sample.html

  • Size

    41KB

  • MD5

    5d248fd7a49970d06c79f898e9aa878a

  • SHA1

    cdbe93a51cbe73803c6d74d4fe9e4583134b1c5c

  • SHA256

    f9454237ab2db48d02814ce634a568d1eb22cf02ee3dbeddc4c8839b52b8fa12

  • SHA512

    6bbc17dafb2cc7957270e2d84903a344b0c7971a237a2f95df31ea9c3643af777988009b9fc3e368d817b4af5f285467896291a87dc31b1e4b9f3bdc01b1713c

  • SSDEEP

    768:Slmh0OdBcM8K+5QjrwatUBc3Z8vf8r+P8cbB2J+QifnNeM+eezpL4j+krRDiTU+d:SlmSyj8t+jrwWUBc3Z8vf8r+P8cbB2JJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2584

Network

MITRE ATT&CK Enterprise v15

Downloads
