Analysis

  • max time kernel
    132s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/05/2024, 09:55

General

  • Target

    CCProxy/web/en_acclistuser.htm

  • Size

    3KB

  • MD5

    45dbea1b835fb12a14c61150d239a3a1

  • SHA1

    c38a644cb8c34ed11b1abfd48731074ce2f9e61f

  • SHA256

    10136f948ae6ab2f349d7fac4b0079a318e798f958194cbe4dd285609bfb7bd5

  • SHA512

    897dc2173b78619302ed589ee3267b233321a2f552d9ebab8c0fef6b186bcf535930f23b217c11b1df0f68f1f72e3e35273ad3648ff1817546c562d3e48e8515

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CCProxy\web\en_acclistuser.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

        Downloads
