Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/05/2024, 09:55

General

  • Target

    CCProxy/web/en_acclistadmin.htm

  • Size

    5KB

  • MD5

    b710117d078bfe708c6ccc80d7cfb85a

  • SHA1

    4e228f1052a1ab57c7686c402a7f84b808c3d2d4

  • SHA256

    50cd5cf61b9eb1e5451fd41438f5e80b87e98104251485e2d4de22bb8ee77923

  • SHA512

    5b219ffbfdc3f46d29859565e6fe2d827fd70bec149132c1efaa7a4cf896ac3cd2188b84515eebf4b979e458c7de16c1bc583fef6132cb6e99fc924e9b0ad340

  • SSDEEP

    96:y8XNqO1g6h/lhh3OVJ128ZKYYsst63Jko8I2ZSYHdfEp:LIlc9yPYPLI2rHdA

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CCProxy\web\en_acclistadmin.htm
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2252

Network

MITRE ATT&CK Enterprise v15

Downloads
