Analysis

  • max time kernel: 121s
  • max time network: 139s
  • platform: windows7_x64
  • resource: win7-20240508-en
  • resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted: 26/05/2024, 10:21

General

  • Target: $_24_/PersonalCenter/$_25_/index.html
  • Size: 9KB
  • MD5: 3ae3cc4b0ae61cb1f76d7c5be021c9ca
  • SHA1: ed0c9bf634226dd7ea197c223f8a42767a0ba965
  • SHA256: 47b3d9f77c16d3087806a31a07cd4503827adb71297269861dc5e67f74207659
  • SHA512: 5fea3f8a26ecb97bed4c9db32969e6d78e86c6da7b7d98475861a26217df9a32d5c2fff335b2456893ffdf036d85b80daf6295cc277e046177dfb9737bc16058
  • SSDEEP: 48:0WpzaQhMnrHKPiwM5xkQMOFThKBdIzQhbwvbaJtVvVi0wLF0YlALNM+5mhYUV17j:fUrHZD/FTKxbaOSbLFP4zNJ7CEm8T/C

Score: 1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2132)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_24_\PersonalCenter\$_25_\index.html
    Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2704, child of PID 2132)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      Signatures: Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx

MITRE ATT&CK mapping: Enterprise v15

Downloads
