Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/05/2024, 09:55

General

  • Target
    CCProxy/web/cn_acclistadmin.htm
  • Size
    5KB
  • MD5
    f545f3cc47efc5e0dbdba0da928d19f5
  • SHA1
    53c2f9d719d489f1c93bc2fe14a5c60cb1f4b9f8
  • SHA256
    ebb0a243476be3628993ced019203ac2b9c77e2d3d33a69ee57805ef1af73db1
  • SHA512
    aed461c3891d890708deae0605d472cfb69e1765863beb1243ddd45e9067c0e91c1a85179f3dfa2bd645eb3ea16775bef90682c943f180c8eacbacf78195e488
  • SSDEEP
    96:kXNqO1o6PZGvtOVJ128ZKYYssz63Jko8I2ZSYHM2Ho:2IJpyPYFLI2rH1I

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CCProxy\web\cn_acclistadmin.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2836

Network

        MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: c5188e4f7bb5eb615169f062e43b4ce0
    SHA1: b006c1a5f84a88d1c7a297c553017ce7a4b7f21e
    SHA256: 81b761d9fb6e79bcc462fd1b011820ef7016921dd633ffe9a1e5fbcceef3fee8
    SHA512: 848465e82a47b4b1c576d88149943023fd2dbd6025534f5816976d92d77fff3a6e7d586c7e125be2f9fa0049ad96720b64ea4e050ed2876c6e0bdceadaa3561a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: dda81f035486d7eead5dec03cc85becd
    SHA1: 1e33c2ba5401bdb60b019726e0e284063111d3b0
    SHA256: c701c7a9c18bcff331f48dee255cdf0da569e0659e54fa4d01171c86031b4532
    SHA512: 0cc7a9845b09b319cded85ed2a12ca1fb5fff2ec23e2c89a6cbb5c86b2508df1803f57e690565bd2b3b4ab754c782b053989ab1cd10a9badf49d38b679a5fd5e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 1613549be26c6e3065ba53d5af7bb4f7
    SHA1: 447688fb180d763d5bd030e2b5409ea0cf50f0ea
    SHA256: ba47a4ce856b4eff933fe01512527c4704744ffea89f9410c559477d30b0b0ff
    SHA512: 76ec5e8ab7c777c9a78151d2ee944dda56b07d8b459473c0accc533951cdc1a94ac916d142cc0a9a1845801d4d6454d52cf0e7d498272da6e33f16453ff8eee7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 84d05800b89ce0a3b7781dd4ce1e0eff
    SHA1: 5372e0c0d97b37d0d1763cbbadccee783720a509
    SHA256: a87c888045f52cc4b95730f33c6c8190231a11e760f56f6bac4e8e48d4c88d20
    SHA512: 64e8435c06bd70a9f62044f8dc46b1c2d928ef320ab44bb5fca8c8cab61624e07e2f338445828389aabdeacc605c58e7b78fdd768e7df7dc4a8ceaf2874b4f2f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 2d8c0719f97a65d5c706dccd69756001
    SHA1: a0c85872bd58d40e01dec65c7adab74aa296e94a
    SHA256: 42931e56b7f2f8b5638b5ae33e1b66061fb38a03e8afcafef3eec0d3f84c5495
    SHA512: 361a801d8fb695f498e399c3f93ba324afe7e77e6c5833829c1caecfd86dfd3b2200b75e52be00fdd9ba3137129f16960740dd6535655c613af3240a3e0ded81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 3acc94c59f22a5aacfd226b2a1f49737
    SHA1: 6f5a4c947dcd70897167214075118b2087877c02
    SHA256: 50599542ef4adce767002f60559fbc8640908b5c51ce8503d12893a98658302f
    SHA512: f5d791d85e58ecece9adeb52fae47c8cd5d618f4808b64d1074f2184174dca60ed3b0a5fed56a79d29a5bdb9094718a72228289de1d798a1ed77da41616176af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: d1310b8ef8f1e0c8071f1cefb6622bf4
    SHA1: 094699f002a533f56be82131b12c8136dad1a783
    SHA256: 6c68028fbddc55b550e24719b31d4301bb0eb36b8578f7ff4a0a07274daa0e21
    SHA512: 7b994fb62f19a36666c830244d4c91cbde280392a1061f79dd26031a3c99ee00774dcd59302249f6b7238f00a606ab9f5d0c9176f4a90dbcc0aebb70c7f8fb36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: b35d38f8a1ce056bd14df1160b506d68
    SHA1: a0816afea380c99f0ab699e93842f0edf6d8f253
    SHA256: 6c14c4d9fde334f1d78596c81963d348c97e75fa6272c9da6d637176e8255fe4
    SHA512: edf5577c83c3fd673e250abe31f010e03e451b7ce26cc7c551016b784422320934323ae8c6bb507847fb9f2f36540612319dd1b88ff99e31fc266cea87fa7d7c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 1c776d2d08c75575438845513fc5a9b6
    SHA1: 2ca3be30eff4f51d3853d1b938e1ab22aa0cb75f
    SHA256: 78cd179e9c806596ae9e12b474cce8cd6def8d2d3faafa1adba4c16984bd6b33
    SHA512: 7aa2e25cee76b6bcf617bfde397279b56f103001774a858e3d5a3c3062b8daf0a8b42bf56234b0cf2e84b49f35e431c4748941911be9fda1dc90c5a1bd2ae059

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: f952ddec65bba211cfce0eaf2c0d8935
    SHA1: 95824f3024a7783a00851b05e8554ce371d1de33
    SHA256: b94268dfe84190d7a29d49cec055207e43a930abe55faab72bcb9b9b6287eb98
    SHA512: be3e1a5ac643a34e7c0d534567d99a30e6512e9abf37b45348dfa5ce089e4eeef0049a92aa35768d03e5d08627ed5268f8d6d9102f34ef131c6dab868ad8baee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: e1f3da0dc82893c3a88fa42ebc70bbe4
    SHA1: 7897e4f51e2f58f6e51c0473323518363af65d01
    SHA256: 0af6700df4bf24dbfc71d5b2548cc57fb93fa444ec25c185652be047134a5c25
    SHA512: 3b41163e9737383720531929894aaca274f1f3761a2a1650fc625979073fc823762e2d38155a3780c3e4c7836ce93338e052f6a3ff3077358781bf68d1d9decc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 4fbcec88df276e5686197b743851c774
    SHA1: 824ee149ecbcfb396f473580c581dc50dd2f7c2d
    SHA256: 1ed835ba415bb5afdbaa3cf95bff5cbd8471dfbd939de6c149a10e4ceea9f722
    SHA512: 022fb55be4a9dd73696ab9b32b454e2ae7e7bb70b2e63e2bb64b39314a0280e5c257cb965ee6eae22b5a063a64ce48513b4c3a4f68028b15da5728eb5c0a464b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 68b7dcddec231d119c1070585b63aa08
    SHA1: 9aa22fa63c7f232aa654e3d3f282a1dedaab2cf4
    SHA256: 2a6fb4013550f9273f9c96fb401d967d7ffd0655e41ee599fbf9f45dddf8df14
    SHA512: 1106dde0361d8f1e3b724dd65be4b2f8415947b750740c3fd6d1db70a55b88171db23779591676b78bac15fa58ad9ea0e72f9ad427ace4b36959d60e363956c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 900b9d5ec5a4901011fe731a4b3f0800
    SHA1: 1bab398cd2609ac5775f015314f06acaeac90654
    SHA256: e2f07a81e9eafb90ae875ff9ce5b179157e7834dcaac97433f62cb7e7f59f42c
    SHA512: 7f356826638dad96f27dee51165cd67dc56ee21e33cd2faf7ae4592daa6af35e9e2c5d5caf76d4a4aa6d28dddba637b26697cc50f71717b6c210005a21601b71

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 8fa9e298117ae718c514964f589b93cc
    SHA1: c205c0aae9f4738a5c7bd90baa46aaf95cb8c40a
    SHA256: 678388a9f47e249f27e6650669cfa47a9e0d27315298dde35f16fabd64c06620
    SHA512: 2269a1e2fc281b2939cdb9b9fb1941fd303e955e1be750d396150ee68ad204822cc689379e60e8c055aa242a92f8f32960d58598e4d2bf75e977da4348f5744b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 0b146a8e54c89965ce2d83360d784840
    SHA1: 986a70841198978f04c34ca7ebc458bb2073871d
    SHA256: 9b5ecb8d0169b3e91b78a7e8fc1ffcf4670e1bf573b1f660e781885c401dcc82
    SHA512: 7cae99f3e3d833e723ea976dd34a974484f17fc72cd6efab1268fb70b99aef80f33a3bf228457e58e288497f2a08da2ee78b6c54f3abaf5a8b4b81171d9c92c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 10780782de00fb72aa53a845bbd3f85d
    SHA1: fb3db07ce1833f398698a0cfc27365b155a9154c
    SHA256: 3277b9e4a5635c8e345d9219386384a274281dd87f5125645b785518d0562f31
    SHA512: 925abec2d52eaf9478594834b9ef3cf11682205f863265aa22d391c3142aceb77375673e3f4125c52bfb4321aef9c1fc8313822aab1cc9ffa2ba0f3f79102d59

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 172b26775f4ea21decf670d090ba5f71
    SHA1: d4ce8a524a05cd7618963516d6237198a7fecb2b
    SHA256: a9df6a49f99988a3387db5aeafe5c4f78aeb882ca860cd2da387c34e91eaa630
    SHA512: 084d2d5ecd6eae02a85f5ce59e1877a836e060b8a512e31337d4e01312f958c97958844f3fda893b5219030cd139f4b13fa2320729e96b36f0832ceaafa35938

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 6d917a8c04fecd3bfced4dde5b1a1e22
    SHA1: e4cae964f0a63958bb8bc40144ffac7a0c3f2c15
    SHA256: 22731aa16da74a961b0eb8cf70dd567fbb4989e8b253f6aa83406350b68c250e
    SHA512: 70e73fc6e717fb8f51bfb17a96ce2c29dd73b1fac9efe3b54762dc55a7f76e7bbebf969e754748f77cbdbcda565ec2295e64ad54ff44391a0da23ea0105348d1

  • C:\Users\Admin\AppData\Local\Temp\Cab3A74.tmp
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar3AC5.tmp
    Filesize: 177KB
    MD5: 435a9ac180383f9fa094131b173a2f7b
    SHA1: 76944ea657a9db94f9a4bef38f88c46ed4166983
    SHA256: 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
    SHA512: 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a