Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/05/2024, 00:41

General

  • Target

    $R1/script/index.html

  • Size

    4KB

  • MD5

    6f44e35e505abf551740619a53bd6034

  • SHA1

    97a24684f8672ff92bae90da19473a557873e2bc

  • SHA256

    cd99cbcc87c55ead5a5f6b419fb75c99e20a136f3cb2c4ecfd531c0ceb66810b

  • SHA512

    db991364462289d4ec196e3bb7ab7e9fc717796ea7664b6467b85e1e7d8cea8f94e9fc25809f757330b4909fd4711ed996fca7e814a8206b97741efd7ee82c02

  • SSDEEP

    48:pEJtNzTZcKxpKtoobr3NYWwSLDEa3ol54s:6VcY4oIdnivH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$R1\script\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b49f432df1d1b1457de1f30b8a96b064

          SHA1

          050133e0e3e885226a8d541ed6634e76776af8e7

          SHA256

          b67441964910c451a86b1ff467029c18158e20e2c320a273792d78e1299a3223

          SHA512

          f6d17356beccd4ed676e450ca49b53ba4ffb4fba760912708df57ca90d7f78903ed512463fcb40be46234519726f91ca0814db474a328c7dfea494ec69bd0840

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          70f62341a4574b4891605235cbc6ed64

          SHA1

          e5aecc8fbecc622fa9e9ac98fb64db49a363a1c3

          SHA256

          c8b77fb035b57ef9bebc13c3e0dd70db136b342c8d63122dfed3ef10f720b47d

          SHA512

          4a283ac18cbae3ff3ebcaec73cdba2f80ae701f5906e488d9cd34574b59ea654e53063cdd2d366b10a6507bf151a2a24081d8faba8728c7bf54fd183866f5007

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          dcc5ba02ac378d6d1a1464aa3e20b4ca

          SHA1

          245a3165d40c45874d26b25f91ffe9e081cd25e9

          SHA256

          6a7b6269dcb32470b5212089ce1d343ae6a1358f4701c6a2e90443c49954dcc4

          SHA512

          3fa03ab5430decd6963b3e106c82a65821e92b1833361e9bc6643af07945def7c0e5167f81840b9cbfc8b649fce6db1a96b232bf44d56a3aa34a924a82d724a5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          48ca35e9322424d3e8350e78cb3bfc48

          SHA1

          ab4af6c43ccd0cd54206e4e350ff4e1badf89392

          SHA256

          379ffb8a65188baeebcabcba8f0857f4cf67736ea2ca607b6617da4b6e6d95ad

          SHA512

          ccb2d8b84613a07011e87b92d244b260e18c9f88fd8133cf1a11808ee1c2aca460fbb01b966482f96b1361ce345d7f8839390e266b3017497bb8ea9be01d468c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b3832fb2683f2225d4d16d803bd743ea

          SHA1

          e20b71d634837a9f6dee7658ae5e290f52cc2498

          SHA256

          553bf1cf0630340552b694a9672a8dd77ceaa258b241fe897b75da5ed659d91d

          SHA512

          db4d0ddb32f335607c27f3d1429a3bda17bf7f0fe93a41b46cd4d8172c3f372ef393099aded51767f5030f24b41c675d77a5a840735921725f040cf2a9ed6e3c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cfd42c1d932f73bb8f51a61eed9467b0

          SHA1

          b3d71cfc366c3555ce934cfd6013ff7a4e85bf10

          SHA256

          3f737420f15fb05004e972c743da3fbb4e6af3cf381f47134da57880f0d3d4f4

          SHA512

          d00a3e92d201ce57eff2e717ab1e6b9fa064df46b112f251053b64b43cfabb4c87de9cad940bf197776513dd7c554904923d9eaad3a273a618a9a4e11747169e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2c791d6df74a23fa729a5614d4771a0e

          SHA1

          ecf4aec83cbec3611b7b63c69a740c2ff42d3501

          SHA256

          335fc26f097e316620141c0a49adc93a314fd7fd693816e2a0b94823f1dda1f0

          SHA512

          4e17b07612d6b6f3bda67830ccc9c6a97ea1069001be9d53a0bf4e96b772c13277f9cf3d652e3819153ea6e099c2af0941ca4c5907617ca9027e4aee14f03f6d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a719310ea3c2d4a88afa1d64aafc3330

          SHA1

          a1ca8df12a031c07ed1d6bdea17b35d7551de7dc

          SHA256

          5e53e7725f8846cd068996c553d20e97536dce650c7d106534f4080a8b6d1e5c

          SHA512

          19524bd7ac0f5988900991cc21077c46b6d1182b779b97bcf43f4282ff89cfc587c844c25d14bcde66da203b704c5e0e126c19979ede57761783fc8a95b02178

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          62e3aff65970daa51035f8734abb37ca

          SHA1

          722e71fb28188261dde1bd7d5fcb525fbec4464d

          SHA256

          64593749ada9305bf764940053c10ad29e880bdb334a036be02cbb7651b08968

          SHA512

          a4e403d84c5f6c075c9d6b4a44e85eea66be3a3ba3555233a1b532c7e34968ff41b9c4bcda563a13e8afa4e12bdd1aab05a141e9b909053f7a6666a711b91c3f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          24861c92b1e4b9afcf158d4bf46826b9

          SHA1

          4641cd3606b248d4713768b0235b8443738b65d6

          SHA256

          f76d37ce90c83935b9994ace8822cbc9cd633f42fd7773c08ea12498921db892

          SHA512

          94094409742dda4e02b3769d01bde72f0acb2a327a978beae1f6bafacb6014e743393471924e45beeaf82c25d71bb52f6a4b5edf1943bc9bf4ec9c6258db75b6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b4a211856178c4c9d3a48e78183fa813

          SHA1

          5f3b88c51bb6040a2cf30259a9420d9cb3a48d35

          SHA256

          0c62fdc3e324450c94bf48a50017069f1a5f8fc0a7269c980b1f005830aaf7ac

          SHA512

          bda9c25faf31b4685c3dab776c33fd6f0e7c3b249e4cf3e88c6c76aecdef0824eee01ff1d8bc87f95ceb95ab3ce3cc3c8fc66817c3f0dace57191bca608b3503

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1166b36a928349c4fd4e8b24cf47a8c5

          SHA1

          c16bc2084e76ac2dd136bb46c466f2c47bad2c6f

          SHA256

          ec3ccb4ecc017a2836fd50d376f069f9d06c90e0e1144df01f71cec30962202b

          SHA512

          62ccb32721f92fe8f68d468dea9560752e6b5028d440067d383fd371260ae9a18066181cdc62547054371be90df5ee03dfca80c9581876ec291a9a47b4a76a43

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          4781ac2b0447301c8129b2c7c52ab359

          SHA1

          34803ccd907fc4ad464d6e21ec9b708c6dd3ce7b

          SHA256

          8ef20029430be76b9e781a46e9d8e6d0597f5381a320a1ff92d0f5c89a873da1

          SHA512

          b38e03c09c1fd74c1bb772ab02fcdc0ab612515009e50572053d17286d23e25e5fd95a1f84567aff85bbb65b617f91c87007daa05bd638a63fcc512955121119

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          90e024ed0b1376cd2a6b08ab612e0dc6

          SHA1

          8ac9bb00b0dbaf071e12f13fb94e62317d167dec

          SHA256

          cfc5501abd5d2902588cea1e46d4c37f485905bfd2a93ff726eb06f53cac076c

          SHA512

          8c7a7b8df0a72ad45b05c597952c82ba94503c9d6f97a247c31d5223f138910784b86e075a85f067ec71812dab8ea041d75f864f67974584a3edcffc7baaba58

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e61d2b530ea4b679bb1cf4b620f4c9f0

          SHA1

          d055fcabb64bf95dfa883425d4f90043cebfc1db

          SHA256

          ce18620d23f985d3ef1f1fe53b1c9b8eac51b3cc911136cf66742e0ea36c46cb

          SHA512

          4a5623ce532a62c0dc59d89c30f3d21314a375a82d74e7bd9f2cb6ea247cabebd2cb0bab76655a3f7c2423cd19f7129d815c8ffe2e08a7fe8b089316abc7a28c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          caf1c0bb5b9f4e2eb0fa331638b16912

          SHA1

          07fecac9e5f1c36d94e8073dd46bba457a72f616

          SHA256

          bcd4d3b0c39601e32d1d5b7425f8a9a84f9bbfd332a3abcc030f8bd7839793e5

          SHA512

          5851b58d748c970516faca6b11d49595d507a384065ed0eabc153e73433bc61bf81f62886023c7ddc2ff99520a61d7a76751ab945afe13784607823eb6566032

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7d10a2cc87e227b2c7316ee2a9307a9e

          SHA1

          37d8019e2bffa719a9796c9a3c8f2c95c8d7adb1

          SHA256

          5187939b09accd6b1162bfc6a9618bc8019287dd5e6d58f57be652dba8bc4a27

          SHA512

          e8ee4fd0954d92f1c1c75f039420e5907e9df9176e8f2d9b2f4ce65d145e0fbbf8556d5931cad6565f7ad930abc15aa1a1b7f6724c7368560ae2d73abf0dd23d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          316f97de81dbcf5b3f1aceead76ea6c1

          SHA1

          f8c17ad59b9d569165e4c12b81059efa8efda969

          SHA256

          83ee36666be1a10023a84dfed470e54933e192b88eaf920d8c89fa2d4c598cab

          SHA512

          d1196dae001dca1472253819bdf73f32ed9af57eec97a0c58ed0440e4902964f591c7de88f49f6fdc02407fe2ffd34c90bdd75f85f7eb09b4328b47c8970f538

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fea83f785022e0ff1c5b14e323295cd4

          SHA1

          853bcc47ca99f120012d34be981936344a2f9489

          SHA256

          0fc3086dd5655727ce6374e033c0a70bad516ef5ff886d375a07066942795141

          SHA512

          22f53b0ccf82cc5f2da44c695eac0f554dc08b21f6b6f06716fb3dcf4bea0de2415ecad62b51f25d763c1f1d473291e5d78f7fac9bf7b86dbb4b70bc3c7c5d54

        • C:\Users\Admin\AppData\Local\Temp\Cab2CEB.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar2DFD.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a