Analysis

  • max time kernel
    138s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system
  • submitted
    02/06/2024, 22:29

General

  • Target
    sample.html
  • Size
    213KB
  • MD5
    07f2a61e7113bc64adeabe8f1e593c56
  • SHA1
    824697278ea59371aee4bc285768efef093504e7
  • SHA256
    673435b7c6d785989a1c385007da14e9fa9d9625088ad55f879c656c7a078adc
  • SHA512
    341d3be1571ad28692637caeeab352412d626a338dec87409b7720f2066fab1c5ea56ab9ffaa04c4d2f3e22b3b4e960d1ee2b82ca47be5af8a0d3f88ce4c2b77
  • SSDEEP
    3072:Sl8eqlDDeyS7OyfkMY+BES09JXAnyrZalI+YQ:SlG6rsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2848 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1700

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512
    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    caedc8f7cc234695c8e0500f6c57c88c
    SHA1
    b598fa862f462915a40dbaa635db87228a45fbd0
    SHA256
    92669ed5d5eb773ab14388bd873c5ad83ee5b16d792a288be052f1d6155557ea
    SHA512
    27d1811f23323695525ce11a473366a06d7cf79980ee69a401b7d493e959bbd3eea396ff95acf6e76d5ee3d6e121e292e503039fbd3492a3ba55a9e64a1d3239

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    85d34b751ef3f84a29d7aa46c9784809
    SHA1
    3480c533d2e8ba38a497a393c0b93d3544cac6ff
    SHA256
    96fcc2260c39a3de85ead780972022bbfe8b2da0e723c0534e71fdd0568ebafc
    SHA512
    1d99889bc1920822975480386c1c042c8590d82f8b4caa816d06eba54de9285b4805e8f4f142348b1bf36c04a138d7fdb3c9f6841c12f2036685d982f8fe9b81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    8518d7c291955a70891554ae098c31e0
    SHA1
    eb30232c64af963916f1484410542132e4cecbb1
    SHA256
    6c7e8b5fd769c0955bfcd6d91581a6a304eacda4eadb2b8fca8a5a37848b4017
    SHA512
    0abbbec9ebeab08d2b4cc0bd25776cc009078474cadd9a0bcf4540cc3731b1e3456e10d8159935c5259b5227e81f37e5987c404f69e0cc12821f1b46103ac8f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    f88da1a130e09cbe2625e057302629df
    SHA1
    26dc8a2108eff9156d1f43dfda67bc4a898e6037
    SHA256
    e8ae5c147e2703af00946e39482a85734b1761081003bd039e4628bce419a801
    SHA512
    3bfae6e670605cb272f54ffdd9a4e3c7d7a9632c00c2359aa8c61b6d7b03badb209c0b92508f30f9ea8fd4f2cd16db5689207fbc857d34c0aac8c70c3861d25b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    a655ffcaf0beef98d9c87e6cacdf6ac0
    SHA1
    3412fc206e214b089c22a27f174bc8e080eb6cf2
    SHA256
    14dbcd74a5d072696aa374428a8c936643957e6934ca336814936aedcfd2d87b
    SHA512
    10ba5628c82540b082383bdb922b163d5f528c849a4218b61fccacbb2262cf1e13f3c70e03135a2ed31de88c28900eb643463a3d0ac8e57fa80d4aa0a416813c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    f8c57869b4a14d23babb308c3058b926
    SHA1
    01cdf2691eb849b4d64a8df3330caa7f5949b676
    SHA256
    5f99c7a722d704b03523aefc6b3c348f95c9ca245a1ed75b6259fb26144f2618
    SHA512
    8359077ee9238b3a46a635eed1995992f3d823bab1b970a73685d7505d3e743e5bfa07a0991af69173fc10790611429dc2da877e9f5d3e6f5765f65d549e8acd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    072f0dc24b07c6072945d726fc85e6cf
    SHA1
    3af30e42bd54b6538ba2cb6e11a3da8f5a3186cf
    SHA256
    e70a7ee10a5923b699f604cc80a9374722b6740db858e10a6a11a64ff4f7f0ca
    SHA512
    06765f89a905f4c0b4d98ece094ded2b72f5e11a69d0ac0b09bc5b172a426c82acfb1b1ff75a43605600ea324e157c2a84a2774ea4a20be1e89e76989a5947db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    bbe89d2340145414a42d4bcdeb451735
    SHA1
    a2363e7b0d71e39db06e88d66160a49b88cd617f
    SHA256
    fe0d2a82db6312805e829cfca163cb41df0039457b6d8fefe87f6a463a84c503
    SHA512
    496b997a9334fd90acc5748b99c1419fa90945ea0a9f50e12cde86c579bbaf26b03db20f8c0edeec73d27be356d35950398b750872ad06eb6254b9f8af1a6715

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    8edef3dfc681f3e7ca91241c82098219
    SHA1
    c75e2a2c80549a844201b4c0970460e4e2682b56
    SHA256
    be6218bd3cfc06a6a52058d255124cbb56e7f38380b69e5e171a07f00324df34
    SHA512
    55ab378edaa6f7c7b98affed0f201553ec1dc38a1a3f56af03f41b3d6ef56566f185f327aac5e1a00ac7d44b35cf1748b2647bd7cfe24e8617f9080048096027

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    5f9f28040e5e109172be0e33fa8f3f5c
    SHA1
    41af9cec6e844d7087c1bced19666cd0e1e80db9
    SHA256
    c5b590e18cbf966a0d305ffd62b9f28b890f620b3e4216ca8b98937f6fc05519
    SHA512
    8e06be09be611bf3418ae72d6cac240d70cb4c0ae66bc25376a81f03c00720fa33f18697ef4e8e3e09e7ae89b2822765da7eb29d90340c5c20239bbc9df66447

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    ab815d24206de38604272f9cb5af6165
    SHA1
    b1af1e93e50c7b375ea366bc9fbbee40c5765826
    SHA256
    d93110c30a7950ebce3530c911274bf85ec73379aa1a89286e67f366f4dbccb9
    SHA512
    41d3131ec2c7325ed07b8933ee41b7a2423260a1cb029e1adbcdf0eb58f8b8ff07ffecb5b81acb2288d038c053886642fd32ebcbb8c4babb6724915ac42b1679

  • C:\Users\Admin\AppData\Local\Temp\Cab24C2.tmp
    Filesize
    68KB
    MD5
    29f65ba8e88c063813cc50a4ea544e93
    SHA1
    05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256
    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512
    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar2842.tmp
    Filesize
    181KB
    MD5
    4ea6026cf93ec6338144661bf1202cd1
    SHA1
    a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256
    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512
    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b