Analysis

  • max time kernel
    117s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/05/2024, 09:55

General

  • Target
    CCProxy/web/cn_acclistuser.htm
  • Size
    2KB
  • MD5
    a282b06dcd6d5730869fe44473ecefb4
  • SHA1
    eb291daf6a0c98edea41dad9728df40b9ba6dc0f
  • SHA256
    3f07637d546991d2d07d0900f73051e11a8041f2a8ca5bcf48a51beb02fb354a
  • SHA512
    e4e0e05c3582b2ed1d6a96c2a8b604526edf5700b7f7ca629f85619b3e1eaa2b24517c9fcf9e6fa7363f47b1e9500b4f5f59319776d0d105a234ca0c837d6f81

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CCProxy\web\cn_acclistuser.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2352 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2980

Network

MITRE ATT&CK Enterprise v15

Downloads
