Analysis

  • max time kernel
    118s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/05/2024, 18:32

General

  • Target

    settings.html

  • Size

    2KB

  • MD5

    a1097f9d7670f194d5fba02754015848

  • SHA1

    c8055faf23e8b4a3f1bdebc0aaafe92237f4fdb6

  • SHA256

    879190619b5f5ca314e86bb3b6bf9f4b24597236d4435fb71f01840bb35c13e5

  • SHA512

    88b148c08e19607db5a068adbc87ea1f1eebaf011c45c504193fa6a97a47007a10468d044f0fabe7291bb2aa17655337e36a270b8ae27a70d0331d37e3d6615e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\settings.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2244

Network


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          b8edc9e7e465aa8c3a8ffbde215e71f0

          SHA1

          e022e8d74fe721d7f5ccf8b41dea6f01abe36c72

          SHA256

          f049f7f1b5b49cd50b7a50f1024496daefc28117720a00c0d44373d6a34c89a2

          SHA512

          1accd3e8f3eea9d285bca973b247cb04c44bcdb54db3924b520f22eda2f8f2b5a550767b3f81da127d3b98dee94ed1f8946ec675184b65467127fdd21367f605

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\81B9B36F9ABC4DA631A4713EE66FAEC6_D3908331544568DA09791ABAB3322BC1

          Filesize

          520B

          MD5

          ab561256825ddcc9042a6a0e04d70a59

          SHA1

          774bb89cfd7793f48eccc1922db96900ec45eb3c

          SHA256

          9b483816323fe17f67ef70e01af4c0e00a36e9caf6fc4c953c53fc1623d35271

          SHA512

          def6a1b37eb796800c284c9657d8773a03f0a02f26a67387c78a338ec3bf1111e6e3dac5599f75197b659a9f622aec0962871481be6c1c1018b0d45e651bb5bd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fd5072056d95d424f8b10d7958368908

          SHA1

          60ea69006e1424d98b3672589a17a1f0c43f1a62

          SHA256

          346f75ec772dfffee229a24f7c4a50ace6ca4722c1d759380f9bb0ac937f07cc

          SHA512

          57739ccb35e49d6166a079444ae1fce37ab642ffde1e6123c7c1f648f18dc993459eb19f0e41e1883b4250fcdbddfc21aa087b8cd506c9d1af520f288b921c8c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8e5240d39e0e6fad087436e21cd67532

          SHA1

          b2cccae0d52c01292c4e031eff4b7df3691bd4ff

          SHA256

          f8b8b4266fe73dbe02f6be662f0c19d0d64534a209e5b31ce5f0cc7d5b2af6f2

          SHA512

          f35f9b513b06e4391cbb24253cb41d2d6c60eeb419899afd2d9f226c60d73f71f10f8ba1352047e25aa98932917524d5ae875973757f4fc3ac020f165786d7d1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          4f334e7558ec83eaf32640ab1955b15b

          SHA1

          4b020aa1f39e01311b617db62f218863672256f1

          SHA256

          055c0831a5f74a41b22fdfc579571b7cae23e72076c9db883f812b3c8d3de1f6

          SHA512

          77ade5a1112e842da26b94f6b1f8f1aaa60b66c41c3e8b23e34af18627bc4e32703b5efc662e89216f23bea815fd3ff2ee2936f5f7178512be9ded19d941e254

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f11078b98ffd80b6d957298ced7d0064

          SHA1

          04ec630d216cd29569140f27de92f1a09b1513cf

          SHA256

          818f4db0c85d1124433add0415720d2f318bab617273d52300f4b2babf9a640b

          SHA512

          7adc04a94ae1cd884a419371247aa213feca3790b77f6253ea47b4c763229cbe0d3b6bb0b9d5d9b7610726b7b70e4f362e847274dc6c941cdc4aa9debcb7ab51

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          37d6a96dcb566cd5c2a7b63309aa5171

          SHA1

          c6bf1c604dd596e937a4032c96c801636993cc5a

          SHA256

          886b7471671cf926eb35872892913d1c15f63ff412b04322eb4e1a3075c5adfb

          SHA512

          a4e6a62d1b2c167085958dcbd91f68768e09cf0ac48e06992540ddb84422e7dd24f63e3976a924af3ee619104e77addbe3d2587dab5d103286c374f2acb25a81

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d2ed74ef77395205f63cccf6c2abb118

          SHA1

          2c33e513483514c7db0e7179357a814e6f8a1bd1

          SHA256

          27651a0057ebb73155d2730d485b5b19926c11d2f924595f091348685f7e5335

          SHA512

          83c7adfb81c70b068d8d17ec2307d31dcc9fbcc4010a433b0475480a10ea327a5c790d3b0679edc443492d469f418761b158344c98cfd91d11eacd084ff4d30a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e2ed6775af82fea87d448e091d69982d

          SHA1

          64c2050d01c270b4c804c5e7b6c3091eede86037

          SHA256

          2273f51e8fc4eb90c0d4cd6268edaecac5dedc3467723da55ddaa8853fa6dcfa

          SHA512

          0e722f445a4ca8440371d1132f8f3545456115a3d884ebc3923cbcf0c4f959261b58a1d7bebc67bd61c61026ea5fdb90bdbff8139215f8763d9b4391b0e55460

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d6a4e7043871fe54f5dca12ca59d618e

          SHA1

          1a17206d3be617c8670b96bf732790d56fde9096

          SHA256

          06bdecc6e59b11bc7ac9bab04d91551690d081436f2aa2fc7f7cd2d69b8bdfe1

          SHA512

          feaf2fb335b95f770db5180c0a84234ea4cf112c255616864f37742491c8861f12e0585f0b7487dbd38ee5a54f8a5678c492379bb84618a17feb9895e1f2ee84

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d54788b96247b9cefd51ee03ead21ac6

          SHA1

          e4d0356fb0e608c84db21582d59be27ddde57fd0

          SHA256

          2ddec811f8d648515e2f076eedbe5e8df6ee969249f59df3bc523903455a7809

          SHA512

          0f311b8bd9355b8e20c6aaf796b3b070b915ce215102e14aa018946c5304f0150dd540863f8de2d5ab85f0ebb287bf8eb8763d069bf5ca7aab7dd37837269cb0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c008c02db318d34bdd6c946f49be0a22

          SHA1

          abbfdd60806cadecac3762e799d83b817d9802e9

          SHA256

          25993bad4482c3d54e95c4b3dffae5fa3b9930b5a5a00bd259d4f3c120b71679

          SHA512

          014cdc36032c3b436cbf7b328bef02be1e02a199badab9197f33532bda123c9d7137b9b2a888c20afcccaf4461dca54bd4970f1d49619d696957d4aae612adf2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a1573baf7ad65f953822182985c7e5c5

          SHA1

          eb5665ce76924722f00dafab37dcf324cf765736

          SHA256

          f788a1745f3b2f7148946d000a554888cf293550f6117a1a8660aa0d3221624b

          SHA512

          48906d14c31835d6a3ad618e1eb09840819213967a1a14aa36ab440d620c47b7305b65364277634d6a2db498ef08ccbf29ba9faeb7c57c120deb6afd37085013

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          36ef22983c4e8ed9156d7c40ae47ac96

          SHA1

          cbf9c984c508fd664dd833e9b000fefb9ebfefbb

          SHA256

          0e3a5eb6a053c9360fcdb1a40e23b0ff16949e935c7da64fe90be295f6b0b3e2

          SHA512

          093c32514af345bd72eb5d774accf3d86c9c6dfc8b157fe28fa5927890a3c50ce4d6efe0d9feb4cfac8ea71ea80d31b4131558cce6aa7cd329cf02e64fbf8ae3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1a279602479448e4ab27cc9a9c50a5cb

          SHA1

          97d31a5e7d8512d00290766f0d5280460bc5134d

          SHA256

          45906f93d1ebd81c34b8d5e78462919f36228a21a47225747359555d50fbac24

          SHA512

          4699a97c9189444d1ce8d9711db11400f9b98766cb2863a60e9b4e1a8c72aeac3a7a19faf98753d9ef02c21585cabcd546ead0b9955f6ce6210efa87a0474cfc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2afcdb7292163860b893892b0cc97a8a

          SHA1

          4f3d348ad31a386e9c9cc6b0fb08b2bd0f5c2908

          SHA256

          01e94f4056df9f253cffc497529684b31f63a4568f63f2a8e66f00db3efdc32b

          SHA512

          ee3f51ce66f726c37a2d16a289433bdbd57eb350f88945348bfd5ff9d86d47e0d17ce0cb2b03de922a84a18cc2672c6e93107b75bb01907ea50f405673ea9e79

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          19dfa73cb16b5a2ef66cd7ee4775ef8a

          SHA1

          b4fe112c8f21ea6f2fd244a4baa42ae18d23ce27

          SHA256

          2c16d0dbdf0341cff8fdec1c0a480d036a8b296855df5b38fc0ae27f149bf5fe

          SHA512

          db1924fe905787ddde025fdef821a999b12c17083fbac59d00ae1416ae9f838606088aad3393db7700086d0c5d4dfd6e1c9313fc5c99b33a51d58661eab5cb69

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2b66c7b011dfc494ad70cab1e8ed63a1

          SHA1

          e73c7d0e2b6d2c2928552720b5eb1f575a18113c

          SHA256

          c234055fa09b9f5c0ccb0bd9f84438b26b617f02e9bc45e45c1d2d6827f3ea44

          SHA512

          ca5cc4e77f62bcaee521dae955a014dc87f1e57930215065363b69582e1bb87236d63319b53fd15b073b8a414dd8ce52c1fbce9594e84cf942a2d7d8145613a4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          747bd46bd8311d726138210a427549cc

          SHA1

          c7398ab1299f4d98cdec0f327293a96942072777

          SHA256

          b2d95bf87128239402833255472e878625daf866de977235b606a46596d6cd2a

          SHA512

          5a0278f0e8c04c641e93a3380d9a815a97425a1eb8221c1658ebfac838e9a974b186b7f50d4e26ff10bb36afaad35ffcc5fc9c22d5ddca3c092092e0478d2a7c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d153ae9db77d6d894341ed1cfe8997ca

          SHA1

          a9e992585397dfad23243455af9d4d8a6bf70652

          SHA256

          26602d8299168d5f5f9b701e44d07ffe80b6a77ca3d66973ecc7eda6febf6270

          SHA512

          375f7d4523dcbcd1a5297fcdee2e1dd963cd74517a8c732588908b596e63cdb144366c0d00a86608f6b230715cd1565e254f21cbdd6ae747f9c14203639a2f96

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          c24964dc9610583a9aff9fc33a399ea1

          SHA1

          02530899a2db49366951b2d85eb7a50bb26e3b8b

          SHA256

          e7d5ff31c462dad44ef41cb2521e531e10dee9d72946588f2b326b3db193132d

          SHA512

          eafecac331a611cd2ab227bb6f6885c102f705d0fe025a84d26d94edb3b57e86189efa62d8aa26d55ac05ab4ad2c3c1189279b5a78e55f3d8d38e80ef589be21

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\IKK47J8I

          Filesize

          5B

          MD5

          fda44910deb1a460be4ac5d56d61d837

          SHA1

          f6d0c643351580307b2eaa6a7560e76965496bc7

          SHA256

          933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

          SHA512

          57dda9aa7c29f960cd7948a4e4567844d3289fa729e9e388e7f4edcbdf16bf6a94536598b4f9ff8942849f1f96bd3c00bc24a75e748a36fbf2a145f63bf904c1

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8A9A2DI\showcaptcha[5].htm

          Filesize

          13KB

          MD5

          40c8e204cd6b322cb924af85718ee43d

          SHA1

          1fccd69aa83c2e9705dc7f7f5c8801f20883c8db

          SHA256

          ca3f2d560718bcd74752797671f720f9167fdd96abb3ae9e8b409b44256cfcd2

          SHA512

          34b90f9a410e8a448b53bf7b792b17d9632e31e0a61ff95a7b6d05ed46612a4ce49eb410c99549661f07209a7eb8bd1bcc5b54458a41cb22e413d87b4b26d959

        • C:\Users\Admin\AppData\Local\Temp\CabB480.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\CabB59D.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\TarB9E6.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a