Analysis

  • max time kernel
    133s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    27-05-2024 16:43

General

  • Target
    rebrand/index2.html
  • Size
    425B
  • MD5
    387d437020137b3d40fd73050066b399
  • SHA1
    305f877787c46a5cbe1cdfde4948cd03c3751a10
  • SHA256
    2e34ddccd70942587d8751818aad6f51fb61ef79214bdef8d930d84ba5302581
  • SHA512
    56df869a842d39624652a43a41c3aa6dcba1d7eb00b5335f7841473e61da73d414e80b8978f86913767d93ba2e6b3afba71a486a5ccdca4b9659d613f020fb06

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\rebrand\index2.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1616
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1616 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2512

Network

MITRE ATT&CK Enterprise v15


Downloads
