Analysis

  • max time kernel
    119s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/05/2024, 18:32

General

  • Target

    main.html

  • Size

    2KB

  • MD5

    83eb20ed9a049a4270774907d5769b30

  • SHA1

    a6cdd077211b78566dc0b7c63f10dbb3cb320ffc

  • SHA256

    c8cb6d6c9477be521503e22701e68b7b6a8f4073e591ba47e3a07ec2a83c8420

  • SHA512

    12425eb9b3725971c8de62f85055b1af50099cf54f8d2d0b03fe350772398172bef9a59d5757613f23f789a436da359fb282eb178952f84c7e11d13adb908b1a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\main.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

MITRE ATT&CK Enterprise v15


Downloads