Analysis

  • max time kernel
    143s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/05/2024, 03:50

General

  • Target

    sample.html

  • Size

    217KB

  • MD5

    d304fb3f9bfa50dec78cb17608941ae8

  • SHA1

    2fc4c2e3065b04841e8fe095e8ad9e3a77deabe9

  • SHA256

    555176cad237f62b236e691351042d92035cbc9701e09bd974bad5a9a1bcb7c6

  • SHA512

    64e8c593a8cac97df8f067ad1573cf6581a4b815213803781ebb0e1efa280c40af6bbf565fb40dbd679ed6c8b3cc94bfdca92d796424442601f69952cba15789

  • SSDEEP

    3072:SJDpumKuOm/24rUyyfkMY+BES09JXAnyrZalI+YQ:SJDpu5uOm/jU3sMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2472
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2472 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3024

Network

        Downloads
