Analysis

  • max time kernel
    135s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/05/2024, 23:20

General

  • Target

    sample.html

  • Size

    220KB

  • MD5

    9c03bcddad092efc98303006220867b4

  • SHA1

    88d640b3b78492bbe5b1c7bf98b5b48bd0d15815

  • SHA256

    05a92ed22a6581046781c210c35ebe6d07eaf493a4bd9acf83d743dbbef7845e

  • SHA512

    e329ca44625c6831b372803daf1ee235b094f42115e9a44fd519f0b7cfe5d4264ecf03ca5068ddfbae6ee97863b064de232834f2331f6db2674d3a109a3dcf43

  • SSDEEP

    3072:SvwaDW78Hs1+9JQDDyfkMY+BES09JXAnyrZalI+YQ:Svwgk8s1VKsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2068

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          897141c1821724d2cdb655c00933f9a4

          SHA1

          d628fbdae4662ff1f2ca623302384cf02382b74f

          SHA256

          de2190bbd5aa30ca10388437796875bc879610d2a986fa475465117b90ebd50b

          SHA512

          9a81841803fe9e1e4d1bea6a9601897a1db7343799f4b69f2d55ccabd6f0dfc9a67e1fadecc963c940f24a5255130b4efb0a681e903ed495443cb7675b5ad988

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8813bacc33a8dcf24286fa43b35a0450

          SHA1

          d6b249bd020902dcbea5e1acf4ddc1e6e8b6f8c0

          SHA256

          b8a710743af581fddfc10a0d09eed31fd739cdaa4d00295592183dac4922cc26

          SHA512

          9b91ad2ee6afe8cdab025cbdaf4705bb6aaa799d4ea8accf231cd71d30ed03a0afe339da8755d3446ae4d5641e857e749d1f6fb45a2cdaaf62f9ad312fca093c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0bddbb0d732c6a6d29843228dc5b0248

          SHA1

          3663cf245e6db5a260139d01a522d78f4869ab19

          SHA256

          7e5e0686eebfe03bab2188498a4e7f73d89c4ad266fb69360af95176751543ca

          SHA512

          5f547b114f8a40d9081995b034905520e5509718a767233eb06651f784ba7b69510a7313a8e38a64a418678d06ec1daa458a434b9b7b0602184a5a5a79b5510f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          62523fac1a9f07deaab81a09a11a72f8

          SHA1

          396a67b8ed8c531e566f178f93b6bff15ce171ab

          SHA256

          e145a419a17e9fb0e0d986c6a0760323b99f300aaebf2c35b00450f5e866d51c

          SHA512

          7adc947edefcfc06cbc64bb7b6862062ce8d774264771fdd1cd4acc088c161ea310415e7920049971a65a437bef24d0129b8cb5f566372545d6db4c39fb99eb9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bb981d426ac0256f4feae9490baa452d

          SHA1

          3832b34953e2bd992f928a7450ea77c98f5a8f7a

          SHA256

          1520b3c38529c82a0cea57ccaec4e97ed11a94bce7b8d90ee2730926141ba4a2

          SHA512

          7d1d8ec0824be8cd948446937f580968bde1491970ddeff5454efd5a70ffff60732f8d375f350e839182ea0654dcc861ff15ddab05a7037e56713088159b8b88

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e46b0ab6f11cb17b2b4f0d75776eb2fc

          SHA1

          9c9b0227198080d5585dd900cae863d59cefdde9

          SHA256

          efb1885713f05f99c8e99a8115cc1f0dcad18c5b4d444dd1265255b70551b40e

          SHA512

          929fbcdbd80e231673e913e83d8c2bd1cba56b439dfdf8a4f97a69c3c858d2d6cc7b2af5979742426d5ba7695d10520933ed90d786dca34abcc9256ec177ffb7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2ac21cb8b27a7c7b244255f4237d50be

          SHA1

          59fe2ad7b529fc8ffbf9fea0a95ba8a0170a0172

          SHA256

          11849b799a70a907e22ac22f2d1296f34ac9fd059b133301734194363727bb2e

          SHA512

          2d95897b5cc978a6a0511f83c6c7f48b005ef0f1aaf9bcfae7c6761f6dc695d9c3969b38ca98e74d7b100185d4516cd5cef73c4f67f0fa9d4c2829c9410c91fc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ea3a90be6b2c99afd847bb13e20a7fa1

          SHA1

          034843877467c3963c239f6dd50a1c16d1fc4112

          SHA256

          956b74b1dda2a0a04be817a937fe683aa5e792ba382312425d8809bfe463ed44

          SHA512

          ac8852295297b4e07ccbcffaaf68681dbf16bcbd80d31c870b1cbeca648fbff2e4b6d950d2c2a5238370152c1c80bb956036b73ccedfcdae9378ba282483ea2d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          670acdba82d0a2bf5b22d12e4488a288

          SHA1

          6c488e89d21f0004f96d7646fcccf9e45a281e0e

          SHA256

          97e6faed2624707f9e31a554918f007da7562db4ac4cdf0e9ccb06a9ff93a86e

          SHA512

          a7bfae2ac78cc3ed149b48fb1b181a81ef3bcd9ed94f8132283ab2570f9c746d985a8d1d47c5327fbd70718590ae8fb6c26bc9da48d9da20a1e7180b4a777d17

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9447b05b95f4b1988d3d3d8c68f27678

          SHA1

          6dbfc59166fe842146fc0fa1c171b9953d4b3ab5

          SHA256

          a3a13cbfda64e5c0fe7e7aec91c1ea3bb69cb4ee1ff4d77344bf01a125c7a5a9

          SHA512

          33e5e36d37db40209a8f08bcdb243a9e17fc5630aba5db1e806d844d4288a561611fefec499abbc6cf53bfa9bea2eb543e02c4354e074a4b879c1a8f16ae0f17

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          52336123bd4d9e6478b1fbcd9c6877cd

          SHA1

          cd6dcf0932e641b83a2150afc02bcecc3d3b5e64

          SHA256

          887249e3178751ea400d52acf79aca3ca49bfaef63cc683c00e933076d9f1f3c

          SHA512

          df88ac3bef68b0faf9b66b38de24592c221e0663d297fc20a4facb015285f098defc5737f49b38b24723ad32df791e46404bed083bee9aa49c34357d8f32ea0a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          327abae6847385eb50164e86e9c9d90f

          SHA1

          7099b6b1211c311bec091f8a6c5b249b0b40eb63

          SHA256

          3bbf768871a68ec08528bc0b2dca79772355f2415eb71763b099105ee63b3159

          SHA512

          8b7a5556bcb9c6e6186ef5a1eb03532a6b8e000a771bef2b28dae9026997ee93ed96ff908878e4eee3400103fddf940d443f007cee72bf382004af05462c904f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9c416a01ef262cb1f2516a5465cf7b5e

          SHA1

          c5c2ffafc172b8f5e6dd9322dd7fabeacbc45356

          SHA256

          92774c33738633d398319e6c813cc84c389838c58905193858ad9fd668c543dc

          SHA512

          a01fff49397eeda4a4d0564e311ce6205a811705af5cd84da59be00beccb05af1c4ac49c8e5dd8fbc8e0b058841a025d6410aa7c1322d48b10db7755a13709c1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b8567b61795faaad9d65a0de6d0af7d3

          SHA1

          6aab6a0bb286d3c0f71089100ba0594d03482018

          SHA256

          1a59fbd95c872f07c7d911050cf39962b473225c5391ea2d5177fb2e2c9d70f5

          SHA512

          2b5c567e343c24449b3872e45897f215476968039e6efe4b153921ad1a86bad694f80d407788b9cc7b4f824f46c9a7158e748e751d622d6d3776247caab5676b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          df55ce9aeceb5506ff48daeba6358f36

          SHA1

          7f944566b4feaf9e10cad73e5068d2cf3468fe38

          SHA256

          4899e7dad928c1a088c1f5b7f238d68916796c4443f68ef48b061502e780c6cf

          SHA512

          977f7648e5157b821179455592a6a50110e536c04bc56df3217cd341b10803f4573fd8fd13415eb67ecd29bad3d730634e61811b0ac7c3f6730da65e4eee6b3a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          790ba545efc2ce421d7ec732baf96b40

          SHA1

          e4717f240a2a8442256551dec93fcb6d097ff657

          SHA256

          1e819117aa6ece0700a4f01a9eee52a78c1284cb90d80ed961c75d3fab6a78ce

          SHA512

          ab0e712051ca0d08747a89cadf54c38dc323ab3c4a976c09a58489561f4fbc74b86122edd69124593710269d1773841d15fc89b8b1fb7d7a75d545a985b7bbd7

        • C:\Users\Admin\AppData\Local\Temp\Cab24A2.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar25E1.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b