Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 07:45

General

  • Target
    sample.html
  • Size
    213KB
  • MD5
    2e618a3c10112637b5c4d472a8eb9cfa
  • SHA1
    f5fe028a2127f32ea0a821b8bdb1aa23005e2592
  • SHA256
    fe0d7f383768f9353579e77be6e53ab9e5a7bf39cf221a9d7ec7f1c66ad93c6c
  • SHA512
    1fa7b5c1c391663458adb5278bd2b4078c857eb219736003fd7c832f52d33e5d88a899ae10e7fd3d4136e37417c09ee8f7eadc91dcfb4b101ed52e4a62fd16b4
  • SSDEEP
    3072:Si1ebhow9qB/yfkMY+BES09JXAnyrZalI+YQ:SijbKsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:308 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392

Network

        MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512
    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    6cd0465571c9a6b064066877452a5e77
    SHA1
    f820d0a81b3fe096024667e4bec5789ec600df8e
    SHA256
    e2312e4e6dafc1df5d0c8cf816517bddd20488d9a5db63484b1c70984a787279
    SHA512
    30a6f7de5ae23c7ecec886d87500e7a8303e5c19fed519d8878029298f8ea34408a450ebb03f3413039ecaae47c653cf12b1ef694167b7f4386299f1b397d1e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    4c2f0bf7201e715052008e88309f4e7f
    SHA1
    ea2b6600d934aec1e6a64bd32cbda502c44c3685
    SHA256
    cdcb52c24e9f0ba3445b969d70c142774a80630d0dd0d0d3b809642c7adc2c1b
    SHA512
    db5fa244b8c7a65c991b5402739869c48a662f6b6e7f0fe8c5835fde73498182b0216ce8274896cb16d0937a4e12e481a74dd487dc45d7b05871d1fa79c637d5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    1a64d569f00f5fb803b1696e42800f13
    SHA1
    8cca5b5f293d8e16e8e5c2997f8ec0ba8df54b75
    SHA256
    6db98680c9cde1baf926bdf4829a339ad31ba89ee081ba25263acda4abbc50ba
    SHA512
    802549330c2fd6154bd05c05ae9cc199941b33ebb69616179ba267332e993e15da64414f6b887810415cbce8aa9427e22fc1d199a0b506c8070123b4cf0e1b48

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    27145f606a7945613462deb97706f31a
    SHA1
    804d1706dea22dd2ea27e506e882fbec81367cdb
    SHA256
    ca664bd7a3ac85f347abc7d5891ecf06061048c71340b7a538c3595b44e60033
    SHA512
    2510c8b3d1e669fb1512dcdd4909b6f27ae9963c4c36a5b64e2bfab39a2c4422ab6965a3f28911f8c050fee571466c0be25b10a6dc58b13136896fabd43b399d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    86decd06e52b4f47739852b53700f214
    SHA1
    d519e1ee110c18abf343c678b52d567b2beb9317
    SHA256
    c8de42c583f86c230edae28d70313e7bf8b5232fd27c8dcc1470de1967204223
    SHA512
    d4eb5588677dcce7352cc49dde635ef21a2e7c129a73c98cc0a921d3e07681692b6957f6b22fe77aae07a3e12aae57ae834881e0b9376bd00adf1155a6d21d67

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    6057b440f4da870cc346736407144baa
    SHA1
    2902da512576aafc870dd433663dd236cda44465
    SHA256
    00b6c219a360bb71f806e671a80503dba2a57c94757d8379e053ce1179a905b9
    SHA512
    99d2ef661f47e7c2fa8e0dd9f245d7fea7f4a0e829062711f64ed0c0a9ad2611b022a6ca7ede61d51b98fbfd482421db8c132de5c7bb72943a06f64bb8628f66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    d3ff668cdcaf722320a83a9cd85f3bcf
    SHA1
    9e55a78da08227cdb1ff339d90c562d0c54b08bb
    SHA256
    fd9fdc381277df8c0104abe2c167115e767505984f87c7edcb0baa921fb8e190
    SHA512
    cad3cb0c9e810ca3ad69ef3f7721448e34b59d9cc6644753510a9c5181b12d0881467a3845950462cbffb7f0c25652e2f7737d5900b16df5e35706b987df3674

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    9f505c739321a9c443682d3f98893f5c
    SHA1
    667faee633bbc5e52056b86d99c5023a2a9a8bd4
    SHA256
    1a88c019fea7ea258d449c19a42a32f7de7bc67e6cc68bc831af95e8a570d422
    SHA512
    20a8135f41913d7ef13ff474337eb6681da370bd3759e7128d19e8f2af728d71dac5f56b5573c67ca4db2099b465e272196b7db5e7dac5cdafe6c0306c2ba556

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    21e8ca3ccb1c8c673ba1aedfcc967309
    SHA1
    fb6233da7e687c01ede52f564b6ae73cfb1cb7d6
    SHA256
    b8812d2573a36448c145cc4ede43bb09f4d794c17f57663eddcc7575ec93c348
    SHA512
    2452bb2af8e726840c0004e05759d67bbf018b90b5292f40e6a2b9fcc3c84698fd49bc362d52c874d7451c8aecb9d564eb410d4dc7c2ce9f5d74c3ff34b44f3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    391b34fc37d31b38f5c516f6b808d6e8
    SHA1
    c51c8a8719cc7f7b550afdaf6c17f02428c1deac
    SHA256
    1535cd5ad7633ea8e8eeb8d26a7a1b7ed56a31ff41177bdd590ebf3dc881b350
    SHA512
    f1d351a6c438ee6e5403f6aed6f68d7f58dc05f52039361f47399b90aa1d0619469fff8d8499f898581fc45640df7e8b408152587f704e4b7b6985e560a95cbd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    c367d203198b7026383cc67b859ddd0c
    SHA1
    5d18e62f9b5130e1edf7449d9f5ecd9bd2864000
    SHA256
    b63e5ad6d7b3e562d6ebac05d8865ee41b6fc3a9d9fc43f00b47b3b744f2ea22
    SHA512
    3eb09c1d1c723f3ab86e85ec95ef754a8090b0121ad001341ce7b7cf6aa05751c88671bd34f417c99b5754e033b089f04a6ecc8debeb93b1c5a616a99f344ceb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    86c99761e1b3f060a1481d2639dbbc47
    SHA1
    9f9b40a6ec65f64456119a60f10005b11312a58e
    SHA256
    c99aa2dcdda86cd80027c05877991cb69b2bd85d26f89e6a303daadb6c35f31b
    SHA512
    c897593863a996ae3e4cb042af5139db9a2bdb7d82872d722eba76325b2b0ea92402a127b0c9221ed147e6971f90589097a24592f28820a8c5064c0ed612bc39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    054eb3d49885f4510ef63f236e0f244e
    SHA1
    aa266a01e924b8d7712d83b06268c135f0e05bb5
    SHA256
    80a99162c7299b8c4a0db614bbc620bd44ad19dfbf8d0b5dfac42d12a2f8d6ee
    SHA512
    0663952290482ece645350586d72ba96d41c2fd946db60e8ac5a212d206570db7603966c4e6944625f42671cc1c701290c3b21bbefa58517aa9cb55c352b486e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    69415d8a766eb836c44aad5c3869e0f0
    SHA1
    4ddb9391a73e9ad24e372fb0efa1844a41170c6f
    SHA256
    7d03ac614d29b1840eb21a97703fc289d3e86df0ff5c7c9b59c67dc9ef48239f
    SHA512
    22baae6c921e3e69d1277644325c776a469e0dc4db06f4c1c59752c48e0df1072962995d24d2cc8989083551058e235bc64ab0ef4e5d5c15e4462b715ab1f606

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    bf13da2ab56f62c323c20b6ffb58ac07
    SHA1
    93d1b5a0903cc92e6dc7dd9955c5179b21db66d0
    SHA256
    ae0667da547b39aef49029b835aa521049f9c9de3778764a6375636e4df6daf3
    SHA512
    e6a94e1bbe2cd3727837f9541917c7bae42d990c67c158945d049e6e7d44a549e93439ba4d00df284836189ad70d533018a5b29635a55f48a7583fd6f06deccd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    659804645cac4d65224ee5788e2eafbc
    SHA1
    a99ed76a1c6fa3db5455b3c8e32a171c52bc931a
    SHA256
    9e8bde0bf69136a1cc0b4d26760e18b5b8e88e990b395b05ef951ac7c17232b5
    SHA512
    f792ea923870820036a7780b75c5c0328ff7249bd0ff139992d07192359695bf31cc5cc3438698aac3d618de4136385670248bd1ddca112694f9a8b3e6270005

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    63b23f20090cdfe3730cb5344a419bd6
    SHA1
    3e7051140db0a827dc61920ac200c46d886c3656
    SHA256
    e8feedbde65b728bb8dd98f7405555dddd6339f4f437bdddcfabadd71d4715cd
    SHA512
    a8a26f656bc93e44fd462bf3e6c73690098fd02ebd7d5ad94cd354e99bb8def183291f8daadaa1ff7da3a067fb4b67438a12eb86e9c341c990c65e3b0302e4a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    89644413da5d38045dc1896833ecd5d2
    SHA1
    1d4f394bc9c3ed9225107f73fd56d23c092f8a10
    SHA256
    35c45afc32090734aa0ce00c03e5137c48e8203a75a465ee273f38ce2c794290
    SHA512
    69069e182dee92f20cec121bbbf2e0788e18076a2f1e0061849cb839c35a95805d87fbd82914285089d1a6abdfa2fc346ec358cfa255c2527526f37602cd6d90

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    ebfe062e7f10ff8b819b05cb8f8cab15
    SHA1
    1bfe4c112b39875afe9f7300c42c29c772bc63c9
    SHA256
    e77a96db90dcb0e1792f517bc2fe1bae2e7330b633052513572ba56919272a74
    SHA512
    73532fa5fbc13eb29cdafaffa864d03aa5f32eff0fac884f7fa0ad60bacf5df1980ed2840a078d0e2e02379b9250682b03998600a4058163c97551f4aa74007e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    3d1cc62b786e645aa413bc385e914b95
    SHA1
    a1ace63575b9e99280f0f6135d9e6f4442dfef85
    SHA256
    112db386e7e88584db8fa90ebcfebd51d25bff9d79129e480c08f822046c3d63
    SHA512
    160ddcbf342ef45c6bab5520b1deeb8d1c527f461ae2c5fe0308b4ea97913fa4bddfa05a5bd429460a624e56b80c5b3bd00d59658535e8d4a4ad020a21436904

  • C:\Users\Admin\AppData\Local\Temp\Cab1FE2.tmp
    Filesize
    68KB
    MD5
    29f65ba8e88c063813cc50a4ea544e93
    SHA1
    05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256
    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512
    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar2076.tmp
    Filesize
    181KB
    MD5
    4ea6026cf93ec6338144661bf1202cd1
    SHA1
    a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256
    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512
    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b