Analysis

  • max time kernel
    119s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-05-2024 01:03

General

  • Target

    Sign in to your Microsoft account pass_files/prefetch.html

  • Size

    3KB

  • MD5

    2d5369e7e47f7dbfe6cb7e18f8071c3f

  • SHA1

    cde256882d80caffc3fae88e4abce2001ab5f74a

  • SHA256

    24d59394327312a5cc8327e09be6dae63571e60db9e07fac81a97d577fa38240

  • SHA512

    84d9a2b3c474376c10633fede5e9a3c5e26a623516ef72ac18a55bced7b4581ce71e3aa5c0b5cdf1ad1232e53859919c049bec724897b6e97986a7ac34f8f4c1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Sign in to your Microsoft account pass_files\prefetch.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3060 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2520

Network

MITRE ATT&CK Enterprise v15


Downloads
