Analysis

  • max time kernel
    143s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/05/2024, 00:36

General

  • Target
    sample.html
  • Size
    218KB
  • MD5
    71e366fa0e3c0cbde1ba505605df9a17
  • SHA1
    967b8a47f7e02831eee22297f8044275f09e9f4c
  • SHA256
    99783615afdce4f324ae6ed3d2d042b3699126397145bbad06d8bf8eaf8574a3
  • SHA512
    39be9510c1bb93ea4724f654e4a3292eb260c969334d9fea1257e01b677713fd3f92702bfd218a2bce29ca2ba7b9c65313cd2365c648c1ba7c00f7186f26562b
  • SSDEEP
    3072:SDRl3Eq81v4q+XtnyfkMY+BES09JXAnyrZalI+YQ:SDRJEIUsMYod+X3oI+YQ

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 43 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 3040)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1196)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3040 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC (914B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357 (1KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC (252B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B; recorded 14 times, each with different contents)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357 (242B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico (4KB)
  • C:\Users\Admin\AppData\Local\Temp\Cab1F26.tmp (68KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar2071.tmp (177KB)