Analysis

  • max time kernel
    117s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    27-05-2024 01:19

General

  • Target

    50832b0dc9da55a5058980df89e94b24af34d41d9a0d3cbbd9e6dc7b24693e77.exe

  • Size

    216KB

  • MD5

    5de9c45a89bb940beac3d0db55fa81a5

  • SHA1

    1aed41418c50bc7ba0bc8f4167da7f7954533dfa

  • SHA256

    50832b0dc9da55a5058980df89e94b24af34d41d9a0d3cbbd9e6dc7b24693e77

  • SHA512

    bfaa1c89738d4ff3ca6396f2834bb6a180818ff1a4455f4738fcd1d7d7bc681291cd84e2e7d2e70e9b6503623da3856bc9f01d8bed5aa525e661f946f5a31db1

  • SSDEEP

    3072:2GWrp7zP6PHclnmUAXA6fstBE2fXUidPjN872w/4sFZ/MDI8AOL7kPnjIvm24S12:25N6nsUIC7V4cqDnk79hCU

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\50832b0dc9da55a5058980df89e94b24af34d41d9a0d3cbbd9e6dc7b24693e77.exe
    "C:\Users\Admin\AppData\Local\Temp\50832b0dc9da55a5058980df89e94b24af34d41d9a0d3cbbd9e6dc7b24693e77.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1512
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=50832b0dc9da55a5058980df89e94b24af34d41d9a0d3cbbd9e6dc7b24693e77.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:320
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:320 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2012

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6B2043001D270792DFFD725518EAFE2C

    Filesize

    579B

    MD5

    f55da450a5fb287e1e0f0dcc965756ca

    SHA1

    7e04de896a3e666d00e687d33ffad93be83d349e

    SHA256

    31ad6648f8104138c738f39ea4320133393e3a18cc02296ef97c2ac9ef6731d0

    SHA512

    19bd9a319dfdaad7c13a6b085e51c67c0f9cb1eb4babc4c2b5cdf921c13002ca324e62dfa05f344e340d0d100aa4d6fac0683552162ccc7c0321a8d146da0630

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6B2043001D270792DFFD725518EAFE2C

    Filesize

    252B

    MD5

    9890099392514a7bf253a7248871a821

    SHA1

    28b28b2c499e9cfc1d720b9f8f5e3a7b46a0f597

    SHA256

    4b86b26a09e715e596ad7301ae678cfb669154a5dcd442ea0b107fb89008265a

    SHA512

    64e6fbe4127562a4840cd1f1a28d084a0882f71d3f106915881c53796b11afd1eb63b13adcf2c4bb763aad6467c76e4326cf4e8fbc6656b061da65a7ed1e7dd2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    3816149e6228662840aefcf5a1a9083b

    SHA1

    c2a07148523db044fefa5712020ae78d30e348c1

    SHA256

    c42b622b66bc7f7880f630b01664fcb29f51ce5cd25dcf0a49c3704877749c14

    SHA512

    4e2b89aa729e86eccfa6a4e4eb1bdfde1d48d05d30e565c5426234bfaa0f3e515b18ac0ff451d173cad20015ddfb79a11bf044515484ab495121a07f1f358d20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    9f29fa7b4010f1f1d872a7bb4a5a648c

    SHA1

    dde73f8c4d89901a9e5f3998b8ab4d4549cbf681

    SHA256

    dc92dd7ce4609b479b3adaaaad3cc826ad1d90424795701d44cb9762d9bacb43

    SHA512

    90b0c807e7c588c1804c7aacec064938d8eb302b6bac4a0ab799b72c9029bc9d7d91ffd8b02b4d5a9599d514ad1ae91b5a14edf146539e17cbfdb1fce7bc7907

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    e803789ea634cafc0970942f173bd081

    SHA1

    2edebb4af3a39e639e731b3ed33df96e4ed0a69d

    SHA256

    04ed222aa7752e08f64fb28dc780cd0568a4686ab929442f120f464ac2c82419

    SHA512

    26f4a3d639c3a02a6a0d05df0b41ba18aaa8143b61b384c368b0d6f43b2844935ab26477abfe1c51631aa9c1392c61b88dc97818c7316d52217ed29ca9693265

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    b302ce76526a3692ecd6a2e060f2ac3c

    SHA1

    3055d3d6cdbaadfc278f652b9d9f3074fc7442d3

    SHA256

    2f63784ea8ef1239f6a344c30fe6bfcdf7fb5f589f3d9530f9924098de963bda

    SHA512

    820acec19db7d875244e2202fbc72c716cfbc2bd123ea60254f03500d6369f80d0f7947deb9ced2b105f68574822c4d3c422ed267ff8511df86aab984c20c4bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    6d2c3bc70e4e3277cde73602dc57f46d

    SHA1

    3a5fca3fa5c90990534ccf74c1d3de68d22301e7

    SHA256

    e41007f2ad27c05ef16e47b894a7b67d5a4f73a30cedc60047edc630a7107934

    SHA512

    447ed5766c6f4a999bdb721e8fe951b568902be6ead256f103db8fb1157df07e0a206051d29d03a0fab8d87e1a87ba4b3f2301a1df20d5f143035a6b9d5c28f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    f06c131e41be1cf8b00916c317c7b9ad

    SHA1

    6a9cb266e14af2008e99c11c7f7f7857fa36f4e6

    SHA256

    c09d362c9b4b974d7f339e269328acf6f09283f98911188020515d6aef1222ea

    SHA512

    61cf60aa6af3e55866b108d87877ea01cff9553224975c8ec909d6667b0695e2bee207c60860d88f2b5cfc55f873ff48e606838024cd5ef5aa0b8b7d00fcc5e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    af8cea3a7db7f5c9d798b6e02048bd7d

    SHA1

    cb944bc91f617c7d4565a78f097195a67628dc34

    SHA256

    62a88a9f5191309268e44b02d7f89e06f889eae97c30ae971e00d93320604dd9

    SHA512

    21441e49b84b2a25f656efe08aece8fba94284bf6b15509bbb321144c80d4cdb80af03bd3cc40ea9b3f6d75bf2a613a07e900ac33fc63bad485a90fb38d74cb5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    c42b006a6896049d101754f9dc3f4d4d

    SHA1

    5a8058f1f700f095361edcdc8dc893b7c3ec4c5c

    SHA256

    277cb0c333aaf4b22356519ed29e89adf21afed5b9a4de54edaa0f7fc22756c6

    SHA512

    979357d3ae0b052bce078d2e768ffcf523cfa0bb632eb30dfc4d7cdf22f260a004b62d90eaeec13cb84f8c1256ddef0e818b4b768500889237622962adbdc445

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    236ead20fd5dfc18c6665bac331e0ff4

    SHA1

    60cf7c80ec532e78eaaa7fa2375562268e197aba

    SHA256

    6ca235c2549ea2989e892cfde54fb5e02d6549b50f1aff7e99712a738c800fef

    SHA512

    9844454f91d94b1f888758f39591f0fac35bd162fb73ccdd81a37c801927b50150fe5f8f1515e264a8fa0c24f4bea799051a989e2714b09f89b4a4920f059734

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    78bee41e5324ab0a4ebf828077d68775

    SHA1

    effda2c0945eac812e1c16e5d8aad324bca8ca3d

    SHA256

    13a55af47904ee3cf905107cb2e9f6efe1628ff6a0f35bbeed82b9e5fc0cb96c

    SHA512

    15d70788b9e4a109b280dd6097fe980a5722470c735d74f99f00b30a151630c5c56584d85cdade71c62b8e74b56f738ac89799c0a36ef3c442b1b04f24348d87

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    a56a4e8ebbd7dc69c15eb4855fbe4060

    SHA1

    a25799a14e603dbd33536e0d7463c2c41488df64

    SHA256

    37a4f9d1454a545cd92adae3ce924b9acad331c39f19a1cd5571e3681d26f9b8

    SHA512

    4d8ae516b987f1ff646f383a2fd986a9ee9122256491096a0362636141121bfd191209eca8fee720b3957a6162468075c065d55040dddd4c09e95beecb845786

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    7bfffd94c69f2cf4f7765b90716fbe34

    SHA1

    853b1e1375cb11d95694f16bb63e9a4aa35b36d2

    SHA256

    c23fc5dd30ee6fa7228a614d10e66a0c8611ec8877a260caaed8a276b23d3b0e

    SHA512

    9fe7813500fb680a6b94e49a43761a0ff92ab85be13c4c56e3bb816296a1ba3918da27807738d16508ce1e84b2193e7613d853d6ec21dd1ec692a14eea37fd7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    75f47b129027efb6ff952a107ff0dc21

    SHA1

    cea6bb7cdecc06be2768a1e92f0ccb676dbbe49e

    SHA256

    cb5e9552b04f9b983717330401f1b694fd1b78afa0b675dae2b708fc651085ea

    SHA512

    a234a6c1fbfd6cfe7ee1615ae788a6c11e2391c3957a02d82d65141ff211a4dd56ef4dab6926d8ef0500176c9249f41933ad92b695908ff54ebba501505d3d73

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    a1f0c60f0ec225168fc5028e8b38574a

    SHA1

    ce98d1f4e207c7783804d5139fa3ac82b542c675

    SHA256

    1640e7b2aebdf9d0a5d4332dfe709a9dfd02fd8b779ea78abf547fa3d4d9bda0

    SHA512

    ce81a02351de2e27af9a7a7094ead0243a39f33b21e3ee6ce0841390e8780f1dde625c144f414e117c90a994ff7a33dddcdfd1ffc9bd31f1a1d805a75280f8ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    081fb2f8ef035647f1799beaa71fabfc

    SHA1

    6ab9567671909e6526317cc1fd1929c08d25befb

    SHA256

    be8e0e2bdb9afe1f2e2b4ba06d1b252e6f45ce341798d8c76469b21a3ffe661c

    SHA512

    4a6cb494c3bb7e6cca2241ddb6d7c0a5a862e3f0ae1be98e0f0a0d0c05ef64ae1b1354d4f837a42691cceb732d308a3838156e25361226027b4518b873dca48c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d6e9f7f3c6f9a22a1bc4231112326fec

    SHA1

    70349b93c272ec66e43bcaa3c08e7a16c25d3566

    SHA256

    6cab49f79a584c0b025be7e0827e6e02df1c6e15610212b0d3d30ffbdc93ba41

    SHA512

    0b72ad27a0d0a7b0148a82b25534ca91a0cf555768ca106189a027167901ad691927ec1b95450ceaf355486b5b1e3f3e162d8ded7de8bce356ac777c93502e5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    03a6b09d31716b30661e68d0fb597efe

    SHA1

    39a1d261acc5604cca12afb9d235331baa5c5537

    SHA256

    45667e23f35ccc3b526235dfa6f68502b0d14da24f98da3b2c07c7e34c075d75

    SHA512

    c56112eafeb9abdf092f590c829f26289ea87ac794e46485e07367cc187d9e895af1de3b752b5bb4e5d923ea127b81c814f1534f98effe03e8aeeb4117afa787

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4fd26e40fcf06ed09ab58275275dee20

    SHA1

    d6e9acf92c9b8649006a932eacb87a4c95b61eb2

    SHA256

    521fed6769587676bb0b1b68b5a376392b2209c7c130883950f221d07a1e158d

    SHA512

    22bd4db2c12e7f5aaa155914db0de7179a6e8892bb33443a7ef5f603b5d35822c3635537b2cb2facdc2c254dcb4f24fb9e482129ef74a00b1d1a41d927d17953

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    e08bac05357cddfdf4c61dad3de0c7b6

    SHA1

    6aa3ea34d812aa8cde1414b45649ac67eaf54eff

    SHA256

    2b2b1be1127aec8929ddb8f5685664c8984d1f66aa4dc841abf1b28cdf9524a8

    SHA512

    ae51299fd54afc49bdee95f72a5185323eba340c2f7d9f7927e7933b198828f5444d1e2f5a1fd193cbdbe197f34487e81c2cfa0f990ae6ebdc8341644ec189c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    895e85773f9d097cedca568ce1e8b6a4

    SHA1

    e6b35abbbeaa3367d239a15ed24d7ef48ca3c405

    SHA256

    d288d75b27cbd1afb9e2576650c130d04aa354232e8deae99dd98d035782f5d3

    SHA512

    7d454367b832ebe5e8024667188258b04ce90e01a9f7b58930a6ba6362280c60f9f3dcca1de710311f0ec85838a60f700bf86502e11e73bb212c8f99f0ab751c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    44b662d577f62e9847cbc9aa6d1fb990

    SHA1

    60be78da13ee51ab102332e06761d05e3e289680

    SHA256

    ae297b4b5e581dc6a35c96a85ff442664b2c64df124d794ed00d6d2ad5f3d05e

    SHA512

    a4b79d284b2243b5499e15aead71b5dbefd63e725c3f9d07dbea4456057cbbf6f8aadbf19783c5fc2db670ba24ef3a0d5c3f491883fa8604254022ee3efcacaa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    b6c6ba125f2bf931c09bee75e4d036ad

    SHA1

    0589685711f15c7e270bb393610abaa060362513

    SHA256

    1ceeaa462e279162da72a852952a1c927286ba6e5f23ad8f157d54aa138644eb

    SHA512

    183560a9c2349f279f789b32519e96c98efa79368b18e866c15d37ea5d66bea39ecfc56fb16336f3219087eed084f911d0641561081a23c2432849cc1d309b54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    e7132c3e33bc21075b57d9e4c442a0ca

    SHA1

    7d6649c78d7212b6092b1dace275c1a2f524cb6a

    SHA256

    28926d8786584163a6417d4e037b3dae51f866df549209c1b3c18653f20bd853

    SHA512

    8e82c10b44ba86d491ae33d9f9b378b17f62587002bb2e17cce270342926f5c0c41f1fd415c95fe9f4235d52ef52ea9127859575b0915e6fe6898817c6fa8306

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    0db22be1cf7481463a3a82e33b7b10b6

    SHA1

    63195860a31e2061642874b64fd652e0e2c468d2

    SHA256

    21de8998dd46693b355dfc860f980fa23d07b7fd467fd1d69aa2ec2cd74c424e

    SHA512

    6e408077b4613a2d2d62d9d0d192d117a696898b12e438cebcb1bc28175a2e9566c87ed059aa7842e437c943662a7f5a830aed156d4496a1993cd1293658a6b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    9b3701455467a4a938ad0bcfbee8df73

    SHA1

    c321efaf402b228ae54888380c8dd87581e9a73b

    SHA256

    f474d82bfb87f435b7c4c0492a367bd66136532d5049001a958ebfb5bd545cfb

    SHA512

    f25a4295d35411c71b938538ee7be113e1108ccf28d820537ea5f5ab5c11382352457d672640ab3a1e91d033624e4d8a715c04e99ab66c5c6f27e6ff24da983a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    92d750b7709dbe3e4c2c995d676d5be9

    SHA1

    1810dd5a0cf12af81daa8328238aab005761a7be

    SHA256

    22de6d55a1d19f0fad451bb9b2385ad97ee39aa17d08b574d93d1df78886a683

    SHA512

    acff360424a82a3b7535e77b2e92757acf3c7c18c75540ff1da09f617ba04c27c6040d1892fc92a73cb1e01d200f63618562167fe8b5e55e07820890bec2fcdb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    832b93e9796753f7d847270d72fa11ae

    SHA1

    16bef95f87e75b4d58f27ebfe009216340f92542

    SHA256

    a2cca514e571110ec267994e5d52a45903e4eeaa8decaeed97d66e4bef0e7604

    SHA512

    dd5666479f9ea861443678638b6804a30610c7722c782af241be72bd509fe0f218534c65cbeb5828a8e106b2d0a8faeb038cab9206b12779f6204e5dc5f34662

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    6b14ffd68c86a46829b612c2bb737931

    SHA1

    becc5dbf881b9df4d43952df9bc1f17b4af65bf7

    SHA256

    ef6202e5835505942bbd6e2f412b66b33ceea3d063cba0a07f5191568d59b458

    SHA512

    f32020f6191587a1937ac24fee5aa0f9f49f2316d34a20eacbdd71d207340f4f01bc08027c0aa2fa7e2d8c156a9b5366dd6a7162c04009f4513f78b5af43d9a8

  • C:\Users\Admin\AppData\Local\Temp\Tar3412.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a