Analysis

  • max time kernel
    141s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-05-2024 02:50

General

  • Target

    456310291328a616743e0a769f4a237b07c7bb7871d00880d37489e70e146a00.exe

  • Size

    38.6MB

  • MD5

    8b8898168ab1fae4ed5d261492bcd378

  • SHA1

    b0a90fa0babacfd928982ad6c10d20a6eda28d50

  • SHA256

    456310291328a616743e0a769f4a237b07c7bb7871d00880d37489e70e146a00

  • SHA512

    28e7a51162e91ae4810aa908f712cd1935d9dacefc5a0bff02f81f3f96c225f6762f64780e7d028813245706c6112877f622e8c5f482a65b477452586d325f12

  • SSDEEP

    786432:7n6iTfRwFOUPofAl2jtyfhcDxvVzyaPZr:df2VP9l20fhcD1rr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\456310291328a616743e0a769f4a237b07c7bb7871d00880d37489e70e146a00.exe
    "C:\Users\Admin\AppData\Local\Temp\456310291328a616743e0a769f4a237b07c7bb7871d00880d37489e70e146a00.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3016
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x86&rid=win7-x86&apphost_version=7.0.10&gui=true
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2608
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2608 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2724

Network

MITRE ATT&CK Enterprise v15

Downloads
