Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-05-2024 01:18

General

  • Target

    7ed5d0e4b647eb8c6f57dbc28d5d98c8cf884a3bce6fbbc92aa9efb2dda01d39.exe

  • Size

    38.6MB

  • MD5

    696953bb40ca4a7c748d79649031fad4

  • SHA1

    a3d92c00ce941553665a6907826022f3f9a8b74f

  • SHA256

    7ed5d0e4b647eb8c6f57dbc28d5d98c8cf884a3bce6fbbc92aa9efb2dda01d39

  • SHA512

    ff983835d8c90b965f5dfb39c5d8f5510f1f36cf84f7466f3cd2f797f097a4d1daf4c256f1b070631dd67444689301cdd42996a0d0132295e4467e8e40b14713

  • SSDEEP

    786432:XYn6iTfRwFOUPofAl2jtyuuPYcDxvVPyaPZH:8f2VP9l20JwcD1TH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7ed5d0e4b647eb8c6f57dbc28d5d98c8cf884a3bce6fbbc92aa9efb2dda01d39.exe
    "C:\Users\Admin\AppData\Local\Temp\7ed5d0e4b647eb8c6f57dbc28d5d98c8cf884a3bce6fbbc92aa9efb2dda01d39.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3004
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x86&rid=win7-x86&apphost_version=7.0.10&gui=true
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2096
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2668

Network

MITRE ATT&CK Enterprise v15


Downloads
