Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/05/2024, 11:40

General

  • Target

    Cirurgias.html

  • Size

    4KB

  • MD5

    71275f17b992747ad1c3c3099ae4b881

  • SHA1

    e9c5967af9615cc065a55b386563a4e43dbf298f

  • SHA256

    b7e0964db276ae4cc8002c0ac4fe36d7d87b83a140606308a24ad445cd787cb8

  • SHA512

    3159c1328e522d2a4c649995a5bbd1039af34af730ae86ec628c789a592084d3de48f1a23a0bbd6ccf2c5e3dbd4fcef032635d92eb89894d5c423e0f5bf1937e

  • SSDEEP

    96:oDTJBHBJDJgJLJpcJhCJz+aCJzkvJd1JzUJcJzLJgYCUnQJlppiL+9r5U/QMCFR1:oDFNVM9OAOUdDs4JXhnQw/Qtnk2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Cirurgias.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2996

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fb6cfe0fa3284d3515d17ca4a13d4d17

          SHA1

          36e5e49d2ca8ccede2a1ac12ece37993613d4721

          SHA256

          2a9fdccb40b4aee5c3c4cf7329190459ad7428f78fc2baac74a4944fa27a168f

          SHA512

          90f6c8c70ddbe9de9ae8d1c96c945904f124636772393e5c660e9ec90d76b1dbada5a6b2d4631763eb4ddd2903a0451b5aab55c67d9d16ffb1d09af809615ebe

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c273c0bc840ae160efc1865af92f566c

          SHA1

          575aa3eb85cb30b42553184eab54f5f52be8addb

          SHA256

          3b95c8bcb8a7f06d286bcee41187a18abc7029d99b707d623234f8649763b999

          SHA512

          250ccd8503c26ce705e88f1cb73ca50db3b9dd0e616610c7fed1ae9fe15da03f7e96d884cd79d1792c392f6bec88e06442b664308426514e8639507d0dde3c5f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8d6c7899e616d0933c263a701f802fe7

          SHA1

          83cc864138279dcd705d47c2ec331456e39090bf

          SHA256

          e7d09e7cd5ea4378664fa9792ee051955b501cb6f5a5e749b5f2d35f4891565e

          SHA512

          3f6ad54a664e7c603029575f12e0ad7ce59fddf756c80d839051db342f7fadc997b8cfd657a95c3773bef5a96216784387cb28e95cb062140f1af513035e3836

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d29244e45964688fa581e1032b194fb5

          SHA1

          7e337072f1f03aa7f3d8d04a2700f6a6cde64b49

          SHA256

          4a7820450ec6a15a4433c16904b488c327adf63e29aefabce511e377c637e01f

          SHA512

          cc941409dc83a85ffdbdae48f9d3d47b948ce5b6e6f982eb0831fae3b88899e398f6dca6b7fe31b93ab5afb3870903a1660181413fda010941f4982de95be1f7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a7548942ae075bbaf3dddd15ccfd4d37

          SHA1

          98ae6d324a2296da62c9956205823efda521db45

          SHA256

          48915868463caddf020912d645d2179f630f7b37504633efe4bcdd760e76dcc7

          SHA512

          c73686e92bfb696aa29fe8fd1175f2706c1cf26245b301e99a6683121b75e0ab09a197fc998f29750f564f55a3915fa3ba1b7fe871921ebc4f69415d6d1a1da4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b592a1a18004f83c22c062f2ed35179f

          SHA1

          187e204e9db1a3fe3694bedd724dbb4a588c1c48

          SHA256

          edbb33288d3c6479e160ccf95cf9c3938d67f405a6e8ed37abe2c23b0db36e4f

          SHA512

          e3cc1e39f847702af9bc7d71c200afc77907f648213eb6a3c02d51bc04831fa41a2ab9251ca14a83024919a5bdf62d2a3ce3279977e1dfb0fb46386b3d188780

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          afb3b108861fc69a61d93d492c33266d

          SHA1

          31ff3b65ee90ae2b8f34462fb82208b2cabb6fc7

          SHA256

          191146066d702d998896a68e6067dc30454680be99d58e14ab4685c4a9c4ed6f

          SHA512

          45fab600b48519c97a270450eba29f064fa946c2732aa7d850b27cb864aa2be3f09690bb65cb1794ceda90775e85e1448dcc71d67609ca2bfb66b7c2ddf47929

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          be54a9c046474748d249d46e6a698f37

          SHA1

          bcbd211561ad60a1f96a43c608255b2323bd3170

          SHA256

          b8dcc2082998bc09601bbca7e1bd9bca24215376ed44eeb124270c6b311005a1

          SHA512

          f330a6624496c47222bb0986a8a915061f48071c63d19598f056699dd2b7afaee03197aaa6dd485dece5fd749554315c328eb918abc89a5cfd4bbe486e32d617

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7920218c12afeda680fbc69f781091fd

          SHA1

          11ab2543b0fe7720c484f93021239b45e6f51818

          SHA256

          a61c7f5ac83ea1bb2c10f8da312963aae4c1f7566d0c168580dc1eb53eb12b41

          SHA512

          f133020832a832a9d428392df56c28c3b9511b7fe171c3e98b09a4419e99654b516e3747fbbe02bb512462dd7274078049bd21d29f19fa588bb9f4e6edb8fbbb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e9addba06f6bd25cc092c135a00880fc

          SHA1

          d851d53b591f6b82bddcad03af6d9aaf500e0f4b

          SHA256

          47e3051983aa17eea706a9bae233b58275bab74d5dce4770ecc5fa6383cd61dc

          SHA512

          399119e9a31589dc43e74751f64da9340135f86eb941a771de6ca1eba067a85d916fd8ea5e1aee5ed51460d6f03d4d44f9dd4363b02ed9a9f1f9361edd3170b9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e32569177bb0b63a7782ba028c475bcc

          SHA1

          b1ea18176ccb2e64a87eda32f4cc8157b6d5f05c

          SHA256

          4d5c64547d8ca9c211f43d4316f0f9d2b7b5e05b6272d67242297d04cdc8f38c

          SHA512

          3043300945c1966eed1b27a11c10b248c087044e5fcf6b08390bfaee20c7a2eaf57377dc9352657a2d3b34d6801a6414ea7ac0896e46c59c5bfb786a5be575d1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3ad52fdaa410699a316a0bcfae717478

          SHA1

          76af4987c1b31ad5c5d19327ffbc3bfcf02f4b58

          SHA256

          f41ebdbc1762614ed08ec42473738962e29ffd67d44d8381b74cd01101f725a7

          SHA512

          41c8688690c75a1816e36af98985185c6594d451168e797c4a87202d922d357d1fbf789af1f9171f541e31cac3ed4b9195c8a16e7853daf7373823375153cbf2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          af4bfbfa843b9af88f47a30239884dfe

          SHA1

          dda20a105d3039d3b8b3c65dc8232f160275c5c4

          SHA256

          9b719d5e1bb58f663269480759c94c00b7e0e0f188f22a49054739dd797447a9

          SHA512

          070eb89c9eedfddc1393a230fbef7d7eb75d33f9cbd9faf5eef7bfd1f0b267d66032dbf165dc1413ae91f986aec58e6c910ffd1b79a772d88e51562d34462b18

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          66ce17f6bb0eb3eb59a5e7f9f0d16586

          SHA1

          112bbea1842f3043bbc841342b7b4424d2bab8ed

          SHA256

          6f1571cc6bc9cc0db4078b1badf27c4d1518b84caaa1c61adfcf3d9508b063bb

          SHA512

          60237e845250a5659d74f9fb0f2faa2b639a7d7bd74e363e8c224caf32d855590783157312065d712a931b91d97bcaa268b2f36473ae8b89781140acbbc25dd9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a6ff9194b50371831b9b67dff177cc33

          SHA1

          f54c53e7b9fc68a379e5743269396c72ad72667d

          SHA256

          9941f219ac5144cfaf36b1811d21f956931c3757e45c8d5ffd6c140ac981c139

          SHA512

          65dab4e2fe292365c5388dc35f64a6bb5ebac0159014f12f3616cc23454bb5a8275cd0b5b9c4e48e2ac0c9f3176bb8d0732b1e43e4899ca053505bb1bc5b107f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b509251044fc65365456c00852f78e96

          SHA1

          51353bbf7ecf29cb6d8879ebfaa4d621db3c2187

          SHA256

          84c9d1a7de8b544a8fd0ba0c39ae27de52ba2b605fea135a775bdfb382b2dd3d

          SHA512

          6db63ae464c5976e82c2f0672fbfbf0fc2c78b4d081080d3906de0ea6dfd55fc9a72825854019f12feaa2867b865e95b6bf709e0cac1d52c86c5327fa3cc1cdd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          82d00be780fd1510cb24ca17dfc54880

          SHA1

          cd0dc806061cacb8f14bb20335ae3b31f6120010

          SHA256

          565a12d417d5b7d182c3ede9a9e0a174afe9c423d9cfd216a488f67cc4554f05

          SHA512

          9855e270d220d65191ce7f1e28f7b735f6261f3540921223b48a29691e3c7ac058405a111bad5e08c96d9d0d9ad8fd68bf47baef3b081b2eda86e576baf60a5e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9f37b5d508218e731d17ee69b907b7e2

          SHA1

          ef6a0421fe992323d79b63f38471bbb8cc3b7bb4

          SHA256

          fcde70c0fae7508c19758996217153626f41c0c8a602ed2ad4705920f651bc9c

          SHA512

          9641ccf5b07365095678ae13d0e2bf10271a7a1acd2c8f73f6afab09b3cf77418f4ee68d7ba6d8690313aa56b9312c208c4039ddda479ee50924d346f8cac300

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          625c99033fa8542ff7fe357816775961

          SHA1

          9c15555073b950e80f075edbff78fa56c6892cbe

          SHA256

          bfa73a57b26f307eb606af0d83e0e27245b16d41f6be48b562136a8c506d1d68

          SHA512

          57375770f22cbb2de3aa9721b857fc9e85daca8f01bf105569dd59fe713b5b66f0d395bb56e02661edfea00a9e5a3ec5fdcd72ab16a3d543e378f612ee67b93d

        • C:\Users\Admin\AppData\Local\Temp\Cab3288.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar32E9.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
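As an added example (not part of this report and not the sandbox's own tooling), the script below parses the Downloads list in the bullet / label / value layout used above, checks that each digest has the length its algorithm requires, separates the Windows CryptoAPI cache artifacts (the CryptnetUrlCache MetaData entries and the Cab/Tar temp files) from anything that deserves a closer look, and checks the Processes section's child IEXPLORE.EXE: its SCODEF value should name the parent frame process, as SCODEF:1700 does for PID 1700 here. The noise patterns are an analyst assumption about the OS baseline, and the `constructed_example.bin` entry with all-zero digests is constructed input, not data from the report.

```python
"""Triage helper for a sandbox report in the layout shown above. Added example,
not part of the report or of the sandbox's own tooling."""
import re

# Expected hex-digest length of each hash field the report lists.
HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Paths Windows CryptoAPI writes when it fetches CRL/OCSP/root-store data during a
# browser run. Treating them as OS baseline noise is an analyst assumption.
NOISE_PATTERNS = [
    re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.I),
    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
]

# One entry copied verbatim from the report's Downloads list.
REPORT_ENTRY = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  344B
  MD5
  fb6cfe0fa3284d3515d17ca4a13d4d17
  SHA1
  36e5e49d2ca8ccede2a1ac12ece37993613d4721
  SHA256
  2a9fdccb40b4aee5c3c4cf7329190459ad7428f78fc2baac74a4944fa27a168f
  SHA512
  90f6c8c70ddbe9de9ae8d1c96c945904f124636772393e5c660e9ec90d76b1dbada5a6b2d4631763eb4ddd2903a0451b5aab55c67d9d16ffb1d09af809615ebe
"""
# Constructed entry, NOT in the report: placeholder digests with a truncated
# SHA512, to exercise the "review" branch and the digest-format check.
CONSTRUCTED_ENTRY = "\n".join([
    r"• C:\Users\Admin\AppData\Roaming\constructed_example.bin",
    "Filesize", "12KB", "MD5", "0" * 32, "SHA1", "0" * 40,
    "SHA256", "0" * 64, "SHA512", "0" * 16,
])
SAMPLE_DOWNLOADS = REPORT_ENTRY + CONSTRUCTED_ENTRY

def parse_downloads(text):
    """Turn the bullet / label / value layout into dicts of path, size and hashes."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line[1:].strip(), "size": None, "hashes": {}}
            records.append(current)
            pending = None
        elif current is None:
            continue
        elif line == "Filesize" or line in HASH_LEN:
            pending = line  # the next non-empty line is this field's value
        elif pending:
            if pending == "Filesize":
                current["size"] = line
            else:
                current["hashes"][pending] = line.lower()
            pending = None
    return records

def hash_problems(hashes):
    """Flag digests that are missing, the wrong length, or not hex."""
    problems = []
    for name, length in HASH_LEN.items():
        value = hashes.get(name)
        if value is None:
            problems.append(f"{name} missing")
        elif not re.fullmatch(rf"[0-9a-f]{{{length}}}", value):
            problems.append(f"{name} malformed")
    return problems

def classify(path):
    return "noise" if any(p.search(path) for p in NOISE_PATTERNS) else "review"

def triage(text):
    return [{"path": r["path"], "category": classify(r["path"]),
             "problems": hash_problems(r["hashes"]), "sha256": r["hashes"].get("SHA256")}
            for r in parse_downloads(text)]

def iocs(results, category="review"):
    """Distinct SHA256s per category; the report lists one MetaData path 19 times
    with different digests, so key on the hash rather than the path."""
    return sorted({r["sha256"] for r in results if r["category"] == category and r["sha256"]})

# Process tree from the report's Processes section: (pid, parent pid, command line).
PROCESSES = [
    (1700, None, r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Cirurgias.html'),
    (2996, 1700, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2'),
]

def ie_tab_parents(processes):
    """IE frame processes launch tab processes with SCODEF:<frame pid>. Return, per
    tab, whether that pid really is its parent (False: something else launched it)."""
    checks = {}
    for pid, parent, cmd in processes:
        m = re.search(r"\bSCODEF:(\d+)", cmd)
        if m:
            checks[pid] = int(m.group(1)) == parent
    return checks
```

Run over the full Downloads list above, every entry lands in the noise category: the 19 MetaData entries share one path but carry 19 distinct SHA256 values, and Cab3288.tmp and Tar32E9.tmp match the temp-file pattern, which is consistent with the 1/10 score. The constructed entry shows what a hit looks like, and its truncated SHA512 is reported as malformed rather than silently accepted. A False from ie_tab_parents would be the thing to chase; here SCODEF:1700 names PID 1700, the parent frame process.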