Analysis

  • max time kernel
    143s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:37

General

  • Target

    sample.html

  • Size

    218KB

  • MD5

    02ad19dcd3c6044376f2f4360b72cc3d

  • SHA1

    3421926e3b9f139403e9f19f617618d767460fd6

  • SHA256

    41b661c7e57d9ac99b0f6bd28156e14e6b54e9b6078c46b5c6c4004150cb3a40

  • SHA512

    947b7b08e91d10320ee8b1f41bd94a49bce5b9bdcb4307d901bc6bf06e2d4957acd890255fb4a78f5ccd769fbf58ace790570f4adcdbdf2e6f3b0668353a6fb7

  • SSDEEP

    3072:ShxgzXOzl00yfkMY+BES09JXAnyrZalI+YQ:ShKzeza5sMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:360
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:360 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1680
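The tree above is the normal Internet Explorer frame/tab split: the 64-bit iexplore.exe (PID 360) opens sample.html and launches the 32-bit IEXPLORE.EXE content process, passing its own PID back in SCODEF:360. The four signatures listed (IE settings changes, FindShellTrayWindow, SetWindowsHookEx, WriteProcessMemory) fire on IE itself doing this, which is consistent with the 1/10 score; what would actually matter for a weaponised HTML file is a child of iexplore.exe that is not another IEXPLORE.EXE tab. The following triage check is an added example, not part of this report or of the sandbox's own tooling. The two IE records are copied from the tree above; the cmd.exe record with PID 2044 is constructed here as a hypothetical malicious child to show what the check is meant to flag.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# SCODEF carries the PID of the IE frame process that created the tab;
# CREDAT is the tab creation data. A genuine tab process has SCODEF equal
# to its parent's PID.
TAB_RE = re.compile(r"SCODEF:(\d+)\s+CREDAT:(\d+)", re.IGNORECASE)


@dataclass
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


# Constructed process records. PIDs 360 and 1680 are taken from the report's
# process tree; PID 2044 is a hypothetical malicious child added for illustration.
SAMPLE_PROCS: List[Proc] = [
    Proc(360, None,
         r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html'),
    Proc(1680, 360,
         r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:360 CREDAT:275457 /prefetch:2'),
    Proc(2044, 1680,  # hypothetical: not in the report
         r"C:\Windows\System32\cmd.exe",
         r'cmd.exe /c powershell -nop -w hidden -c "calc"'),
]


def is_ie(image: str) -> bool:
    """True for either the x64 or x86 Internet Explorer binary (case-insensitive)."""
    return image.lower().endswith("\\iexplore.exe")


def tab_frame_pid(cmdline: str) -> Optional[int]:
    """Return the frame PID named in SCODEF:<pid>, or None if absent."""
    m = TAB_RE.search(cmdline)
    return int(m.group(1)) if m else None


def classify(procs: List[Proc]) -> Dict[int, Tuple[str, str]]:
    """Classify every child of an iexplore.exe process.

    Returns {child_pid: (verdict, reason)} where verdict is "benign" for a
    properly formed IE tab process and "suspicious" for anything else.
    Processes whose parent is not IE (or has no parent) are skipped.
    """
    by_pid = {p.pid: p for p in procs}
    verdicts: Dict[int, Tuple[str, str]] = {}
    for p in procs:
        parent = by_pid.get(p.ppid) if p.ppid is not None else None
        if parent is None or not is_ie(parent.image):
            continue
        if is_ie(p.image):
            frame = tab_frame_pid(p.cmdline)
            if frame == parent.pid:
                verdicts[p.pid] = ("benign", "IE tab process; SCODEF matches frame PID %d" % frame)
            else:
                verdicts[p.pid] = ("suspicious", "IE child without matching SCODEF (got %r)" % frame)
        else:
            exe = p.image.rsplit("\\", 1)[-1]
            verdicts[p.pid] = ("suspicious", "non-IE child of iexplore.exe: %s" % exe)
    return verdicts


if __name__ == "__main__":
    for pid, (verdict, reason) in classify(SAMPLE_PROCS).items():
        print("PID %-5d %-10s %s" % (pid, verdict, reason))
```

On the report's own two records only PID 1680 is evaluated and comes out benign; the hypothetical cmd.exe child is the shape of event that would justify raising the score, and the same check can be pointed at Sysmon event ID 1 or sandbox process-tree exports with a small adapter for the record format.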

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a0b34612b7f3c50f54b841165f31b017

    SHA1

    4d350bab2b1904d23462963593d1bac77b0bd0fa

    SHA256

    f70cb5ecaff8eef832bc56647febd1b85b09330ba46d4c95f2667700bb474e7f

    SHA512

    285c63aa7a21221c690b228e88dec1ea11e7c4d09b66f173479cc9e91c4e200302a6bd8a221bedfec38c817cc2bbba2fed6a18d9ff38f1dc1fb5d6f3ad06e827

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74ceb332dce825cd2c29b52c0464084d

    SHA1

    6c2557f8bed9df1b93c906bd8eba72c2a106cb4a

    SHA256

    8c5e4ff4513feec406468beb969bbe0d7fbc43bb372b41dcc125fb5cad0593cd

    SHA512

    172f895f4b671fbcfc325bc0f7f786a097ab5be582fc0368a025c72607497051025923f2e52869faea634328a3b71b50d6cf81b30e47ee5b9a4f9918681cb725

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    686591cfdb05ea04a7e0856c9d2880ec

    SHA1

    a047aa629d8fa3cf38cb25fe781ab0c47b2d1037

    SHA256

    e6b469ccb83ed2d81861443d4a53415fd4a4d0cf118ceb72bedb82cca0ab662a

    SHA512

    7bd70055aba3f952d8a321dd6b6acb231b1b9c9b9d11fe044a282626adbbd9a38caa53a398635829b1217b85998a58cfb76d9ece92efe7747b83d84dc806788b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d617687676bd2005f88057635d617f5d

    SHA1

    9c2019cbb2094fd4c65ec55ea33b42ad2ce0ebee

    SHA256

    cce67d95d420d03507811702a9c9fabe67ff645d5d60a7ef06b6d761ff7b5afd

    SHA512

    7da1be8799b08ba2f2c2414693734357396cdbf96abe21f48b5d79e366e16c871a35875e4a4ecfeb0d21bd3700edc1ab2df1ce8ac11226d4333a1494b7b6db15

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f38bce81e3a7f3c9ba4c270881a96908

    SHA1

    02ead0d5ea6d1a0a30e46fb695efd944e328e575

    SHA256

    ee4e88088dfb0081d9f15b6cf806aa60f8e09c5e73f63faad5453b9da57d52ff

    SHA512

    eb7ee23b99fc19f3a2f51b0647c153e6d581b57bf6e49bdbc330d10d87aee2deacf18d27aa871babe8e305e79e692d04c2c7affa2f85d8537f6cc29fea79c59d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea7f92a616f1cba8ef44dc14e7b38c61

    SHA1

    f72f3af18a99939734f71a1267e690e7a822e69b

    SHA256

    13389444dac10cb4641252e60c92ccfdca9623493eecf29a6200d1e0a41ade11

    SHA512

    d4777f73836d3d1c8780731f2ddd689ef9418c53dd87787e8c5faeec0118b40f7d0261bace7c3b839c4446da01f36feaed1c9362bd9e4f013e59f79a15603b43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0eb9415ef6059dc647c67b7d96187dd0

    SHA1

    40d520120f307c8bc85bbc5c546e487d6974b250

    SHA256

    53a547c5531793737dbe756413ff266da52a451722ca3a5e31e903f5d2a2ba9d

    SHA512

    e570a24713faa1532fafee88c44a6e1d8f2ff3e379a057fa6e61e30d2ab54c1eab3c6a4711836d58f6488061a18e915dd78e078b3555f549738d265de383dc39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2c093b1a3331cfeaba3a7d41290fdd5a

    SHA1

    cdb2f7a233e2698e85305d6ed2994e941c532ef8

    SHA256

    ec926ff32acd6e62481cb0680fad7f6855ad16a6048c0d25bf00b22be182e628

    SHA512

    a1cecd4ec19e0d600547527e5096a52caec0428c3a7e3adb3d5851d3962e4679ccceb9d2260c8d025a3b275461cf0032ae6eddea3cd91abb2c1f0187812adf7c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f4b0ec595c5c20afe84985d865f1173c

    SHA1

    1221d2c8538f23e85136d47ef8d1c810ef54f571

    SHA256

    8af00b055cd90c6e5cfab4bc055a3eaff0a7d46f0ace098560b68b1851d9d89b

    SHA512

    b8c9658eef2b7f102167384da365681110d42ec4e4bf1dced860e6ca3abf49d1677e9785ebd9d0f9913a658e15683a0164cac80d1f4497d650ac3837f25e82f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3ec8641ae995bfa79cfa635efbf2470c

    SHA1

    55a438c3b59416b368559831763e70061bdacb94

    SHA256

    88a0eda88fa6c68c6e5b22d32f9f52d7388f425aed18b423cfb888ffa10661e4

    SHA512

    760facd8ae6f26f23be1fdf8a032eeed350ac2bca17a2126552a41c3cab6721d890a2a0a12fc2cb5076551c2dd4ccb6fbca29ff505d1b27cd3a45066b0dfa424

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a3699af09798aa15f2ff7a49ec036b4d

    SHA1

    aa5afa1d32bfbd7f4e3436696bf60ba75f4bdd1a

    SHA256

    27a6fae8aac604172a7aae1ab371e70cba5748878964fafed2abca54f676d4b0

    SHA512

    008648f80544599ce18d1f94d883dce8fe59415589d3d57c51240729730b617d32e44b7cbb61db6e2433048ad1ea1a0d523a288e9a4e6a99de592794cf4d8763

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e16145bf0adca3f025bebdaf8bceaff

    SHA1

    2d27a3fdc0299f39345ecaab98678188b053e326

    SHA256

    3674ddc5291081b1c23bdaed1706d345f7aaffccbf2ee2e69ba45fb520fa422b

    SHA512

    5fed04e6c92bf76dfc1f228f37f909e71c103c39cfee792e10d2ee7450ec9f48c7730156c2e39baf785db51a84f63f4b17d37bddac053c102c1d3d02daf82ddd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9a5df0958113defc4f47103ab6360d3

    SHA1

    547f2258830674689a2446121cd03436f44345be

    SHA256

    4e6ce00bfc5d22ed21688a3374baaa05009b9cae7ee2c5a193c5695ca360cace

    SHA512

    076acd391d8006a5cfef4129cb369a0fe6d053fd651d321d42bd7ef2903665a745ef0df2bba233854e991b6eccdae111f0566d3632211d1a3041a70c98050830

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f47e60d1e5578322a83de864561f5b0a

    SHA1

    a60bfbefb3d63bc4638c38a71ace8e7b2e059b5a

    SHA256

    21bd40f0853669add0509a4468bb462d74368939ca4fbf896dc471ba459330eb

    SHA512

    47448face9eccf00c145f57f6dfdd4c890f198dde9bcf5a87cc9e8c2f8369a3efa7173fecfe3cd571c4f7ee0cfb9a616058ea73f7ca490a5965f386aad226d98

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    10ac4cc469cda909fdbf4edd5f9f972c

    SHA1

    b0c8b61c7e0a91e8c90308aceca0d38c0fc04759

    SHA256

    23f0f0b2207bd0246b61fc66364054accb095cdab5934a3a59a6cc788aafa5ad

    SHA512

    6def4bb9860d05945ae303460470c330332217f9a086e9fd3211840820ecd3e203c5bbe5518225f5fee1585d318a44d21e3ee7f6a72042a34cab7f6c66bae75c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6882c02d187bb109cd8c78bb8a04893b

    SHA1

    e606bc15ffffe57e261846e36fb79ec19213a7a5

    SHA256

    637ef0ab980554fde77cba9766ffe00758941143e3514fa3e377bd8665411ef9

    SHA512

    ad56f8a1df64de2875e533c178cb7fcbb0d4697ac238e12701cea5d1323952779ab702f066b9dfa4fa34af0536ea70cd197254496977b7e6fedc040754cf8bd9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ef989f361ca3b62d832235c9037b17a

    SHA1

    9450910bb2454ecc7ce56530e9eaaaa47f65560c

    SHA256

    7defad63cd33b7b614e6786cd75a0366044304f66edd7f8cbb8f289afac295b6

    SHA512

    7a059e79db4624d0948a19252f7f2aac37378f638f18241e2b0f514f7094d831a4f6d4ad457d196718271381808def3bff92a3de0744cd46547868cd844eb4e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89d677a7eb5a070830dd4665fcd10c40

    SHA1

    631fa76d812a077a05235ab93a688782724641f4

    SHA256

    4992fe2aecbeca5713dcc26919dcb561e4ff56cb73e6619b10d6c2e07cd946b4

    SHA512

    99403504b7c1550ff40534a6c74245e7fb2f4edd923f3f831ece0b0e385c16d579b3ef0b65ee4eb072b561b33019f118c9e862c77c86a7cffdf933474645356a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    112227bfde370afa2b0781e7aaaa3d6f

    SHA1

    33b25371d4d04d98d37c5c04dd94485f7b846a85

    SHA256

    4df202e803e3517cd97c2df00dee945db41bd68bfe281e0e4caf3686c1cea687

    SHA512

    cb7247a07f18fb8ffeefe4f704f60015380197fa18a7ababc920337ba206d9116871ccc856c55904e73924cdbcd66726670e7e9acc5a133d041bc9a260d7e918

  • C:\Users\Admin\AppData\Local\Temp\Cab194D.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1A1F.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b