Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-05-2024 01:03

General

  • Target

    Outlook_files/saved_resource.html

  • Size

    149B

  • MD5

    3c2ccda97c47ede0b1c91b11efd575ea

  • SHA1

    0a348c4b61c961aba7618f909beb87f740a81983

  • SHA256

    97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

  • SHA512

    31afbe911abfda33a2948d14578ba290b604920983118ca5a6268a9906120ef365416e5e776ea685d648eef7a2ee2245f424829fdd4c7150d944f4bf673aee28

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Outlook_files\saved_resource.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1664

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1e01d7c6b17027b68548a2f0e4b04a23

    SHA1

    2462bae8ac4d739d8da3984f129d9fac9eaa443f

    SHA256

    1fe688baf82f85ba3d3f212efc35b896d4eaf26195495e2cbbe23a723cb835b0

    SHA512

    4c3074ede10ca466953d7e5e36a6cc350271cd976c1c50ec5250d661ad1868c647618e7a6f4e210f8cb1c5fa787611eae00efbbd6c60ded73c063b1467bc5dea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5c8b4f61c93893719603bb1b483f8207

    SHA1

    80303dd26f2621fd7adfcdb09cae39f8dc91ead5

    SHA256

    9b7023c0a2a5b627960d51ce5562d9f0e3dee6c8854938c1bc303c871888278b

    SHA512

    1c7d4f36575d027bd031be4e73bc5a24a0068a4b2bf53eed51a40b7b068b03ed1afaedccd6b8783c7ff6e916c3f146780d458068ac47bb4bd450d90787b3986e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7cdf74cd71c28933368a1f4943b0c989

    SHA1

    7a687a6489f1231f2c653ff8aa91fb907d1d26af

    SHA256

    6274d49ff08652687b5aa48c8747136ea4b696f08f8bbb6ae3432afd176599d5

    SHA512

    b48f158bf8e5743652c2358e08d9834999f93b838b42aa90bb6c6407ab4138e34bc85e7d890ec7879e3099fef1195c0390333af50d1b2a2ac216323931c326e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    82fec533778f61f00103e271fe459e63

    SHA1

    8981610e1003ef9bd3dbfdc9c4da528ac6236bd8

    SHA256

    c958cceeab02b855d71e51b984ea3d54750389b721308185021abba34ab743ec

    SHA512

    bd26e213e9ba3478c74810c0827989753588b302c17c9f8ff1984ec6f7702d46ed53e1a84dae2a981f4c4e083af9307a106117ec3cf646cb297d0771d883e208

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1ab4015f1807d1daed4afd2baa2149c1

    SHA1

    0b4f4034d0e799ca9c77e8d786afcdcc9bd6247a

    SHA256

    24c26534e155636374ee6895199f0facbcd97f83d5ea1ad54c1944d38f4fa4f0

    SHA512

    57ef6b860cf5b1fa1e1f6b7d1af1ae0c262577527edfea7a43a2fb6d65e0ae8876a84e79cedf849f987813e79ff6fdc665fb59cf9f503956b3ea66e1ecd1f809

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    28c6c90df48612e7d6686c170c558005

    SHA1

    401ce48243727fee9429f7fcc1ab47c8f9814966

    SHA256

    2dc2e1c9513a8750048cc2fa13fb2ab3c712b0a35cfcf41785850ea31d61d2fb

    SHA512

    b8b21b1925f17615ce8fbe1d59ecf3173650f240560f3b67567d448116fd32822f62361a296cd868b4048af3b020308631afb28289d92276985ec62c08518a01

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2943de6eac7ba4a525ec4001ee679c52

    SHA1

    438f88f10e846c78574b149294bb2651a846c04e

    SHA256

    da88be55efb4529e565cc4d6312ca2c42108c64d46fe89277b69b55e3556a362

    SHA512

    c45d87d8ac46af759197bdbb3b68c3f201cdf030135ba8d02948a29084388d25cce4ee29fc0bed80fa8764f50d52ecb3f7ceff1e5f8de4e9d957d6a5bb8660f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    53cf52ecd554781ef1fda087e0375823

    SHA1

    04701d2c29b3c0f8bbe302fe847d628e98c0b1e3

    SHA256

    d8f8b672880d4a2d575ad301bacae4ccbab38fcbcd40a7cf108f0598df7e8146

    SHA512

    dfcd145c7841d8909b8840edc84bc594ad4ea99db387308fb0fc680b9c346245962a0cbd25377336707aa2b93241c30fd3a8d2d8d802f9f5d9c83c3cc9e5a499

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f00d79d688a9f160697313dfeebe782e

    SHA1

    ae3363af2e6cd9b2d9e896255418760802db2871

    SHA256

    aeaafd555d5c0f0dccd60e9dfe18a545edc0d0c85408a1ceb28bb99e064b3d80

    SHA512

    f0e71ab76244908e82c3e06cb3f495e702fd70dd15708a9652440768eed848bf9132add8a2c12503b264f499aab5c571be729a7e4b96af85b171861c3de75d50

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e9fc87c4f58b2e8d1f33acc491019985

    SHA1

    cf870f6f520ac73f80cc7684665b1f1fb1c25421

    SHA256

    3b5a18c44f6d6cd7c18615f2eec8831d78c1462a4e919a3fb192a4b897f86897

    SHA512

    bba19131c6ad468a0a3153ebf03a3995cc8d7dabae5adb8bdb2edcde44fa51a92720eadf07e684c64d45dc2d0fefd704b175fcfdc341292081baa3c655d0242e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a7203b7f592f5e656ada9b53db9f424e

    SHA1

    7539981e3f9724b9c4b87f18f6783c44aa45bf77

    SHA256

    0eb12d451e720ff0fef343ce85f93b330aee526b8bb54217d447aba0e947ecdb

    SHA512

    7c43bcbc4c21ef2e01960d281dfe876dea25b9b4ca5f1f9464dab58b42a7a473b7677f14921ed634c43e9db56897ebb7d37e060708be1bf808ce3fcd8b9add6f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a9a62113b81109140ed091e81d2bcbf

    SHA1

    aae933d93de7bff16c70475c044eeb8dda827869

    SHA256

    ddce45070c3f84e1a91d5eb7d2a549a7c7380f8baff4884211da7d35a3ae5ac2

    SHA512

    d68a9f8db1bdb15ffba60a828cde9b2c4625a59725fddab11031246737d1d2c8995ea667634e39e6ba1118ff70f876e9ed5bd9613ed25bb0584ae3364119ad6d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0e6f4ff203e39b99baaf452e35445283

    SHA1

    faa15979ccd89f15a79409857f0a92c1ab880519

    SHA256

    ae89709cb86d44390589dd0882f5e9f82b4d0297f7a0e8a0dda8841d980948fc

    SHA512

    7e9b6dd4e7afcfa3974bface8f40f8240a539b41d7ed4b178ac1d3c28a6f5ca1325a027086c3c306ca06c990a40df2671bcf0d00f1e9530554c9d800cffc18a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1398ad5a14ee6874b9bed267d14fee3a

    SHA1

    51349deefd2cc35b09902a5a3f8817ac05588869

    SHA256

    dbd039bff6d04791f0c8d626164d9d676cb4ade89b70e9ea158dd5a2f3c3f37f

    SHA512

    fabaf564a36a529aa6815142f36c84ccc7558cfddd7236680b862c513281e7b5a94f66b9fd6b4ef90d53a7cc33d33940cf5627d901b58a233ee63c6fe36530d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    278abafaf2d03659e5134c3225a37899

    SHA1

    08466d63a182d3eaaa49d4df80a6d3821c65b680

    SHA256

    287ecdffc4546370a1cef67a8d6e14b6d8a77fb879a33d4a353f1c3dd84b216b

    SHA512

    ccedae61fb5228e508e3a157f233ae5752e6b729ed1bae9a61a5b1b7784cad3a3a174a8e99527c78c2f889db1957ed2e1ba318279861af7dec53d9cfa710b98b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    635ab98f4c84cb39d10d359da5de5cdf

    SHA1

    d5e64e46586aa37f14930b4603d99a628392e933

    SHA256

    43e00cac715602372258289cf8614b714c63c2ee1e8af0e885ec31a6aa7ba00a

    SHA512

    1c8003aaaf55c9b5a3ea17e1e96d54430eb57433d1a93b869fabe2c278b4a49a0eb572e362f8d447223e0d839862bb8d6e8078d966e00f1df38f76c558eb5eb0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    43198eecbcd9c5c57bb252ece98834fa

    SHA1

    8bb675ef3a8e59da43396bef79c9a5a688744158

    SHA256

    462b4368cb126e07f66d39dc3ec820853f42c3a264e10890ca71d028e5c9a517

    SHA512

    82435b7a0bb3fe11f9fcccfa204e50251a33ed8147ab004d8519160c59b95c5e6395df554916a05e4ca039e79879c8984c7a3b024730127da080e385576f63c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c5586ff45810e6d8febbab064ca4a03c

    SHA1

    6023306d34fef71aef2b83fa4bc8c8330791b79a

    SHA256

    2e5f8afb3b6bce882b065fa00cfaf03bf9f91b41ce2c46f4f57fc3d121ad2237

    SHA512

    c94fde57351ef44b460715da5286eb857f73e9719b6cb5958792b3d5c0d168a55fada6496accfea151698c750b7ac2e7097fc753a40388684602ed4692359e45

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    443882077fd0112d63ca1b48563c148b

    SHA1

    8472ede2ddf4d0529f26280dd580baa52e802a61

    SHA256

    07bb383ee76e8d42d16598c6b87f860a3f1dfad6b5af5ee2524f829c2caa51a0

    SHA512

    04d0c26c65ef2198db02426d158e18e510be0045c249aef453d36e3b41121dd7a7468b929192c185a5c0cfa73def9fef8b5ac58d31583bdeb311037ae36dea20

  • C:\Users\Admin\AppData\Local\Temp\Cab38B0.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar39B0.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a