Analysis

  • max time kernel
    144s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 07:44

General

  • Target

    sample.html

  • Size

    218KB

  • MD5

    7b93da7955926cd3bb4faba154d65452

  • SHA1

    5d72efea3746e9e6dae366d0f2d9d72d44d5ca77

  • SHA256

    17d571309c22a406b649cebbe8c901123f86d14bc291e73a5ec954afe0099e2a

  • SHA512

    ebc351de4fddeb976e270431cd4eefdef150b4e94e804e8e3089ffcd11e0b9ce27bea06fc1bfda7593b0ea08b11ecc373255f95067001a896a261205f6a9ea5f

  • SSDEEP

    3072:SnZFInES3inFoiwZBBCWDyfkMY+BES09JXAnyrZalI+YQ:SgiOiMCsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1548
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1548 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2528

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fd4e9574db31371172ffba16e2879340

          SHA1

          57d71495f0fe5f6a7235ea93781c5dc7f07fc319

          SHA256

          f26828eb3ac28b075e1ce5916b5adb01282c01582453a0c3b04eaca8c6a8abc9

          SHA512

          68a70e8cb231c0a8cf70620853f1a578043d98065bf5de333122accb8555cb342fbfd6ff9c6509f5d1231695d6a6879723aaa150769aae41cbacaaed3792adca

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a7613ebf9551dace4d70ce168e6aea20

          SHA1

          a2b5ad5198062aadf3dacd067930fee71e4fec92

          SHA256

          13f4460653b5bc65a0aaba48c171125ab0f2a42e431324aa911f0779d9c8a1f8

          SHA512

          4bd1cbd395916416cb81a7ad56e90fa86b2f791de40694f80c108da36f323eeec2111aebab9d26d029caf86970d047c18af3db25779a571c9713e197f1bd9285

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8d7678c183d266cf536c3f9fae051684

          SHA1

          7302585a71ef5931a4d7cbd03ee0526b65d1c3d4

          SHA256

          51d449f897e777fc54604cc02a093201ef727ca79ca9a6f30775912ef006d2b9

          SHA512

          a78d614f66fc0128d0cc8c16e8d07d542a8339667713b10d07c033f5b0768e990e897afaeedd045f7290649514a45c1d6fac9cd7eb0af127d9814983ca030124

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a151c07e43604a31777e5c8f8a2bb740

          SHA1

          5e3a046edccb9a07678f2d043ef2de6e58b4a1d4

          SHA256

          f31b5ebd341226c6292768163f9a94155c26d187ed155afc9abfe387593a5451

          SHA512

          7032adca87bad47bc9e4007c5fcbca72de1f27c1237e43edeef8def67986bb2bb9ed71616de95c362b72c76d9b8469a9c67e2895aece6cfbbc90dbcf24c3038f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8bb99faf20cdac7b3b9c0f0e589cd7ae

          SHA1

          44b62785efb35596b4e3a0b2808035f4e3acc949

          SHA256

          bb320f0742442d991453b7f744a897d4c4353206f1c080e8638e7b33dd5c833d

          SHA512

          9d22fc2e1c151cfedcf12f4dd33ab2f0b9e6369442fadcee31489d18045aea2e60cae5864b02cf797d02fbd450cef1cfb033495d69ad1bf46dfc1ecf444c3c47

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          110487a389661a4fca8c976d8398ce8c

          SHA1

          0609e405cccb24510fa4ac987ae815fb015e4931

          SHA256

          23a1711d5cda4ba4a67404c75bd8ebd52cf255c9c562ba99ff7550e0a67f4c4f

          SHA512

          71837c543e075bcf34d75c754e1925fa3da964c02b87c687933662600f5536e837a34455935307b68a25188e0362e91716f1e3f9571c0d45795855b302f3e527

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3bbe678fae4c932d5bf0bea6a3f1bdeb

          SHA1

          2b3d754b86a18913822226d53bdce5e33ddab294

          SHA256

          a8cfbaea41fa92feb617491d05bc6583cc2249e1a617dfc2d368c740c4fc27ed

          SHA512

          9d3a44b46f4d952dde999b316e050339702ed657edf0dc2e125e1940862cec4bbc307b602f1522e930da4a5b96bb624c6b2cdfdc9175559d2df2833c227c3d1d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9bca0ec57b6df3559227aa5670d30a8d

          SHA1

          3b22fc22bf23ca40937f9467b969927e9b7300a8

          SHA256

          5278e3307d626ddefec9b76072a26be7b615f442ab1c376ff0f4456d549e8079

          SHA512

          a4785dc86402abacb8ead06b7f256f7d134cf70b63bf657fe3d18acb3a8392c3883603b9995ee22ee4fa6438e64bb134e6212aa1b019fb16b37b337159023fd0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a1625ee1dc1d0711928cb479a6c8c3fe

          SHA1

          a290e53528860e60661e79821cdb2fa8b62ede17

          SHA256

          3e7a3d4144e4b31019b032aaa32a9264a245ba57645bbe810f7c5fae5cdaba6f

          SHA512

          b5fa8cb4f2b15ee8e65c002a288f78138ffd1726d32a371ee9211c61699bc5cd4005ff724ab4d9c41014797fbf4f584cde1a8e4e0d64d0d0b2f517058e3fc8e1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7025dac55698304ff72c2cf0e30a5efd

          SHA1

          ebfbc47f35942d44e8cfe3d8dc8dae7a7e73c786

          SHA256

          c3a8e17e0b2027343c5e9bd319af424ffa97721550ffd3242b941b6b2da009bf

          SHA512

          1bc62088090f9f8503c99ea3fa1bf0d409caf9abbd626c0e632479379a645cbd5156215bcc8649e9af69c78e65d589e4df5b2f40a5b22a7ab11bba08c145817a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a42a92c6c97fef6c36d4b6f237a4cb7e

          SHA1

          421db0d6fab4119ad27194636bc3f065195a38df

          SHA256

          bc809e61abb29805f9bdd26d88b47e63a966703a688900c8cc2645ce0e514a1a

          SHA512

          a6921fc0243a92cae9ce8a86a83a3a1e5d347d5f44fe4d3780fbf8c9b06ea1429d6e75c35a11200a0aa287457f3c5721b11a5f88c4c18d924388d7d7bcebf770

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5c737e955374206c68a162278ab43d21

          SHA1

          7c84ef4033d551fe764197fa91defc0a2f9a44da

          SHA256

          379524f95b8bd3ba399972059da3de9bcf608441f188f7dfaff896db2868e845

          SHA512

          b3cf4c201787c512c0020aa18d985deaaaadda66505622aeeece819ec1e51cd158d6dc17c3c4926f8212b2eaf9bb2772a3f532e6ae0948da08132d8fb7fc64af

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5b6aadce902eeeae422bf4bb284e8cdf

          SHA1

          6aaa38d18bb125c98bbcd9dd8ce59bc44bb7ae18

          SHA256

          2e9c6070ed6e135bde77285f42d18220e3b1a267ab01f37b6d29bc5c58e3c2d9

          SHA512

          83dc8ddd3fa75b92aa6bcabee202e0fc557aac1b60fbd610d79ea0e1801e994a267d85c2344ca9e18e78f722687777185af7be9cf5f4b991df09fc1482a5730c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          026a69296dd948157d246c16f0847516

          SHA1

          239d0342f166550dcdbd8b135e1f4a6972e8ffa1

          SHA256

          c85ca4031ecefbbfb7b6559341d0a7789b7fc22d14c4c3868c0e90fedbd892bf

          SHA512

          22aadd1afbfa1035b58d0702cb9dedfad40848edbc0aff7e32c68e6eb1ff97cc542c3a55722b617764b5ae7f7a15960579a87219dc48c28b1266a71b1f08c711

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          895a79973f57f0e3aae6422a4a14d81c

          SHA1

          41ff69e5e47101057b332e03fc6bc490739abcc7

          SHA256

          d3e5e3c562f86e8f13866f25bb16d49bae041be79c521d3ec98cf3b7e5d36a9b

          SHA512

          f889a6fa19de7a8074429eb29aaf3194ad21c73ec98f03c9e2a977c190dfad82078131411de92d2e5a3e97c9d5180982809e3e15c57245b11e79e144f58902be

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          24d615030082c56be2ca2a6e88027fcc

          SHA1

          065e61194bdce37b2164886c3add6a29eb9191d1

          SHA256

          796d181533f3f5a3a2c10769adf1132138bdd76b73c3ad5e2640947c2d6df1ab

          SHA512

          206c2ad20c20b4c99ec8b21e2402a1da430deda9555865f5ff373f865ecbfde4dc443f134177d96a3eddf50864cee2819492fefb9a576cf3d490b40a1ab1b60f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          99da99f81c8e25b4ecdc07465b714e33

          SHA1

          c4c76baffe585b1fe1a747a272509ed04a78e962

          SHA256

          3ebcca954b4fa8fcac925d276f0b6eea60309c59f4858ef4756bf10a362ca3ea

          SHA512

          a281041097ddeb4dc2fb250587c953353d7ee44337e1cd3b5bea716054fc03d9566d48d9a7f031b0be4378836cb036a754ed73e3676f24f1890786eb194f89de

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e5e89db722615070e7282d1794ef8b43

          SHA1

          a1376bc233f13b5e922bc82576f1ed43de68e25e

          SHA256

          b257ed5b265cb9e9438d27ef7ea69430d39bdbc4cae10a84765fc1ce5ddaf34f

          SHA512

          4e85c7fd1f6b4f9c9a7a266139afb07d5b355e960c2900dcd1ec2accc27e739ec800d60807ba03ee2fe9f63074c7504e50319621e06956d5f013ee0376b816d9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b1316435035c64fa7571f6258d2f6af7

          SHA1

          03636e8d811e2e358cc08e5109de28214ab86275

          SHA256

          22d2cc20aecef0f75b7db90aa8fee65445f15d71f555b5f6a7c2e0460defddb0

          SHA512

          f3be6f869e425965136a5c9e7e1e1451e138606767267d452405e25539350ef352bc0b268c75ec38296a61fef033db3d543637dfc1d300416277bf8e02caca32

        • C:\Users\Admin\AppData\Local\Temp\Cab7C91.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar7D73.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
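Reading this report as a practitioner: the process tree is Internet Explorer's normal Protected Mode layout. The 64-bit frame process (PID 1548) starts a 32-bit tab process and passes its own PID in the `SCODEF:1548` argument, and the frame process writing into and hooking the tab process is what the `WriteProcessMemory` and `SetWindowsHookEx` signatures fire on; with a score of 1/10 and no network-visible payload there is nothing here that the sample itself did. The "Downloads" list is likewise Windows noise rather than files the page dropped: `CryptnetUrlCache\Content` and `CryptnetUrlCache\MetaData` are CryptoAPI's on-disk cache for CRLs, OCSP responses and certificates fetched during chain building, and the single MetaData path being listed many times with different digests means it was rewritten repeatedly during the run, not that many files were created. The `Cab*.tmp` / `Tar*.tmp` pair in `Temp` is the kind of file CryptoAPI leaves while extracting a downloaded CAB. The job with a listing like this is to separate such baseline writes from a genuine drop, and to catch digests that are malformed before pivoting on them. The script below is an added example by the editor and is not part of the sandbox report or its tooling. The noise rules, the `Drop` record and the helper names are the editor's assumptions; the sample input copies four entries from the report's layout and adds one made-up `update_helper.exe` entry (constructed, not in the report) purely so the "review" branch is exercised.

```python
"""Triage a sandbox report's 'Downloads' listing: parse the path / <algo> / <digest>
blocks, mark paths that Windows writes during ordinary browsing as noise, check digest
shape, and count how often one path was captured with different contents.
Added example by the editor; not part of the sandbox report."""
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed input: four entries in the report's own layout, plus one made-up path
# (update_helper.exe, NOT in the report) with a deliberately malformed MD5.
SAMPLE_DOWNLOADS = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
MD5
49aebf8cbd62d92ac215b2923fb1b9f5
SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
MD5
fd4e9574db31371172ffba16e2879340
SHA256
f26828eb3ac28b075e1ce5916b5adb01282c01582453a0c3b04eaca8c6a8abc9
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
MD5
a7613ebf9551dace4d70ce168e6aea20
SHA256
13f4460653b5bc65a0aaba48c171125ab0f2a42e431324aa911f0779d9c8a1f8
• C:\Users\Admin\AppData\Local\Temp\Cab7C91.tmp
MD5
ac05d27423a85adc1622c714f2cb6184
SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
• C:\Users\Admin\AppData\Roaming\update_helper.exe
MD5
not-a-real-hash
SHA256
0000000000000000000000000000000000000000000000000000000000000000
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Assumption: these baseline rules are the editor's; extend them for your own images.
NOISE_RULES = (
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.I),
     "CryptoAPI cache of fetched CRLs / OCSP responses / certificates"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CryptoAPI temp file from CAB extraction"),
)


@dataclass
class Drop:
    path: str
    hashes: dict = field(default_factory=dict)   # algo -> lowercase hex digest


def parse_downloads(text: str) -> list[Drop]:
    """Walk the bullet / algo-name / digest lines the report uses."""
    drops: list[Drop] = []
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    i = 0
    while i < len(lines):
        ln = lines[i]
        if ln.startswith("•"):
            drops.append(Drop(path=ln.lstrip("• ").strip()))
        elif drops and ln in HASH_LEN and i + 1 < len(lines):
            drops[-1].hashes[ln] = lines[i + 1].lower()
            i += 1
        i += 1
    return drops


def hash_problems(d: Drop) -> list[str]:
    """Digests must be hex of the algorithm's length; SHA256 must be present to pivot on."""
    out = [] if "SHA256" in d.hashes else ["missing SHA256"]
    for algo, digest in d.hashes.items():
        if not re.fullmatch(r"[0-9a-f]{%d}" % HASH_LEN[algo], digest):
            out.append(f"malformed {algo}")
    return out


def classify(d: Drop) -> tuple[str, str]:
    for rx, why in NOISE_RULES:
        if rx.search(d.path):
            return "noise", why
    return "review", "no baseline rule matched"


def triage(text: str) -> list[dict]:
    rows = []
    for d in parse_downloads(text):
        verdict, why = classify(d)
        rows.append({"path": d.path, "sha256": d.hashes.get("SHA256"),
                     "verdict": verdict, "why": why, "problems": hash_problems(d)})
    return rows


def rewrite_counts(text: str) -> dict[str, int]:
    """Distinct contents per path: a path listed N times with N digests was rewritten."""
    seen: dict[str, set] = defaultdict(set)
    for d in parse_downloads(text):
        seen[d.path].add(d.hashes.get("SHA256"))
    return {p: len(s) for p, s in seen.items()}


if __name__ == "__main__":
    for row in triage(SAMPLE_DOWNLOADS):
        print(row["verdict"].upper(), row["path"], "|", row["why"], row["problems"])
    for path, n in rewrite_counts(SAMPLE_DOWNLOADS).items():
        if n > 1:
            print(f"{path} captured with {n} distinct contents")
```

Run it as-is to see the report's own entries land in the "noise" bucket and the constructed entry flagged for review with a malformed MD5. Keep the baseline rules narrow: matching on the `CryptnetUrlCache` directory is safe because CryptoAPI owns it, but a rule like "anything under Temp" would hide exactly the drops you are looking for.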