Analysis

  • max time kernel
    133s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:37

General

  • Target

    sample.html

  • Size

    213KB

  • MD5

    03d23b76bb150e6450b3df777e54e725

  • SHA1

    6101cc6d2bedb6ea8f0211fd2680381bcc2cb554

  • SHA256

    7623ea1fbdcbb71eb4c62fc083335a417b935e9b9a786ac2d4ffcac0f92ef15c

  • SHA512

    a3b63ffde6a1f7644dc2210ca628a00e72c519c67e74b39efd4b8bcc4468c814b4a296eb059b2f241d361cad8493dc8cfb4e8ccf022f871254fa23056c4bd58e

  • SSDEEP

    3072:ShwZp9zyvyRyfkMY+BES09JXAnyrZalI+YQ:ShYfUsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 35 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:640

Network

MITRE ATT&CK Enterprise v15

Downloads
