Analysis

  • max time kernel
    133s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:36

General

  • Target

    sample.html

  • Size

    213KB

  • MD5

    48d3d1ff4bbd691f9889cdf77fc36238

  • SHA1

    61228bfad3cfd10e8371a7a3039a86c32933622e

  • SHA256

    ba005c8135d50b1aa78422404c838fefa17e917aa78f102b970a3356b8c63e52

  • SHA512

    efe5f74379ed7d24de9d6c22b456d6206c43455f4b2f122cbfbb82dd22af94b61a5af20cc738d2f65e0e6d1a17ee57dfa9207c748c739cb424694c209ed2c226

  • SSDEEP

    3072:S3mkuSlUCNDyfkMY+BES09JXAnyrZalI+YQ:S3xNmsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 35 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2460

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0be89041dc97e684768711af8606ec10

    SHA1

    d374946083176b762558d5375ac3a44c91f169bd

    SHA256

    d298dbfe076507b2517f6425483aa5d6b28571cccd13bf09576af9558dddef75

    SHA512

    7d9ab05d0e89bbbe090d9bda328baa9b84f1d7150d45933877aa162f0c2333e3c3219a10d8cdaf9d1d7ab759776449a86e98467a4805f720f4dfdeeb59b4c508

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15c12e9409dfc5c9d9eebde8a3c9bf1e

    SHA1

    333b3d5efb674c0ee505602f1751f15d628303bc

    SHA256

    d05048a1e8bbf4357e81ecf043eddd8d3fbac2d2ec3bf8ece8f0b5f1423ca461

    SHA512

    f7cd62012f96a36f02e1e384dd686bc4368068cffec75946e95918cb78b6717f7cd069fb97f57c00de3e2dbb6c9a92a1fb1fe4cb4b7803f8be68406f0b23470a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a481eee0272e122779473b573f26a0cb

    SHA1

    8043e6ebf556bc8e310b3ae2727edfe051e99669

    SHA256

    426eb552414195ef01277c19d2b6e6461be0c82315b0db1e99fe0c82c85c2ce1

    SHA512

    0e3994de63bc974d69b6455bac7b1225be77d8e8855fbb8a46a312c54b8283182f55655779d881ef6c356ea83663338aa2d1a4f1157452ad86cef15bd59176dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd4dae371eecb012d0a2299acf2a2665

    SHA1

    54989f5fbb9800f0d5424e7df9768f1596cc2835

    SHA256

    f3554f3758d5bda06643a825c09b5bca3ce37e8513b57a90ac0b4b8b2977a946

    SHA512

    479a2233fdfcfba1fd6a7f3813443b03e875fae2be36144fec7039e60fccc6cf24c6ad5a48870ae5d617aed51cd33c67c3df76de6e1221041f2eaebb95881958

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    73cc618fd45b8b82b02290dd274ea7ea

    SHA1

    2a756e219c3ca15eca4a3f63a918abd3a83c3e5a

    SHA256

    7bbe1df73f1135cb18a988ebfee6f5a816915603d7a4726e7a7a848d39d40a84

    SHA512

    75432cf33176d9067ab84de568f33051d0205d68a3ef12c144b6f7ca2c832ee3be149366032d0ba898f2364bd531a00cabf66fc1b76aa397750a7d347926c23a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74c1dbace65da7a740cf46cb9d20c5ee

    SHA1

    a9ca1d73ce6aaf728573e2edf501cfa8e08c09f8

    SHA256

    2b209b5e261f8f86f9b03cdca7b48be93a780c35840bfba1a75774a4e01edec8

    SHA512

    b80683b79f46d59527af100669eebafbace6dee225784436656c16935a3882670b6c52f38a1f9ef51cd93a2dbcefaaec2cd267b798b4b0525b43c590520785d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9ae6db63724f2b7737ca2087b7f441b9

    SHA1

    0fd70ed59c54b2dcd122bc0cd1249ab41e051c15

    SHA256

    410c8200ea61b5d166a99f563967bea1cc264c7bc4f118bf76e333b0e03a3204

    SHA512

    3b18d5660f446372dc3a02244364cddc2a504d2ca85d424c89b28dd51c32ed5fd919d820e89a5940444a805c2fb5910a1a1737626eb830231c48f7adeb7c66c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9680a05496fae71a1c0f74715fe0679

    SHA1

    c2d5743670f570aabf6d18adcd8846e240cec991

    SHA256

    b56c42cbed07b5bfdf034b1f5c2fb081f4216262bf1fe3397cca3eede38b7e88

    SHA512

    18b21b59843d106495cc89197a83e7f3e594525fe08708a9270d31e7d825c2d018d6302737aaf70d8cd7712fc7ea412b69930ae789034cff00f1fd7a4a9a8116

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ef613e1ac86ced2c8e6c141c6a316880

    SHA1

    f44cbdd313fc7028a4944fb2ce68285e00581b72

    SHA256

    6202f83ee93b98a8f552bf4c35a91a352b35f5820a1b80f37e8b84d407504419

    SHA512

    e0300ea13ed1d33bb4194d732f567eee35d18b8d8ac756153fbe20910b00355e29aafe58eb7e0b4da0de9203efdcb4209207fad01c3d7e05a78816362736be7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5a9b10416d9ce3a5e9b41809cd4420d

    SHA1

    ff060afb7653be84814809471f943da449c15627

    SHA256

    3cd4fc4a418f78433972c291c8b34aa9c585e41f97e12107d210f9bc79c161b3

    SHA512

    a4f53405122d055401133b1e7a0958925d9921109c07dc8728d5ff3f09266753178766c13f6662d81e73fd1c86cf12941fab011e9d55011ef130753578796201

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    479a3d35282f2c46cd5115b051e6c20d

    SHA1

    f905c6836cd42c237974d0ce725b0f263f8202d8

    SHA256

    467fb0d43f6d66011b1296af793a2d15a4167f50b33c7d392db238dc69caf80b

    SHA512

    8650061cbe1b0a394557942a83c3018279cf78e4d8b33bcafc2fd76f7f93ea5cde9e16fb7597f041bf92d07bc4bd92992449cd05f2a340feb02bbc3af3764e29

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    24ebb42ff55acb0a12b364fad4df9ef0

    SHA1

    97da33ab2dd4ca96991e589cbf33d2de4f8db32a

    SHA256

    338b634b1bf078e4d62392e9a45860f783937fd84f936f3c17889fb4a3522b27

    SHA512

    8ad779c4cae851f5b4df3bfea7b1c3bbb019fa0f8a4dd4ce738b601172107b43d20c42bb99ee1449b7c5cf4a53b54a2aeb7acb2d2b7d63e6e2229e11f0a2cc96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6d34b22f4a8f352346911b77be06f109

    SHA1

    44d50d28789bf726bcbf4061e537971d179023fd

    SHA256

    46d877000009f3f1f36474a331ee18781fac36e1abcd67b576ee7235af8c31d3

    SHA512

    716ca8054cfcb913170813dc8ac324c7128421bee54fc884dec510ce23754fbc0d0c209ad3f8d6d892eb2892c7aa61f270e57ea7118d7644350dc90c0eea7e80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd83466a43e346ba80eb7776fa4c35c5

    SHA1

    01951f4966872f83e8217ecf9f7933bc5f0328a8

    SHA256

    c128cd732861b83afaee16752fff2b7b08a05e46737ed837f9479ca791f8ebea

    SHA512

    293cfc3d42039cce7d556209219cce35d0ad3e6e91d34949c3bdee18fd5e1087471840d56dafea47070c0fa44e3e21b025979387abd40901b2e078a1ce7bc01d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    57f3f9d9c8fe256523d2d4508ec7644f

    SHA1

    42d7cf97709c3d4eee84375a24b248869719f69d

    SHA256

    15769f34ba084d101c4be4110b7f173008040017a181c31a45014b07ca33cc90

    SHA512

    8de9bcb7eb3037808ee22ed6ba378fb1bdf181a5f8555ec50739f9c4ecf5875bd914d672ab7e4d7166396df68ac8b82af3e8a2ec1b9cd512dbe5c18143d1ccee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    209cf64b5156050471e544cf0292c48f

    SHA1

    c1fb1a3b23025800fd6b62c4689191cbbd509474

    SHA256

    c15790aa8552933af6cf126e53d6fc450cbdd00f6b549f93eee2a385b573fb22

    SHA512

    cf661447855be8dd7a0f614fcd549e021a227bcb75d153f4076f36f4abc06c4c2f65d1cac009a070dc24c56073d09168cec156eb11ef96df63ec487668315dce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a62a680f15ce1f78d7f25dcbd161a06

    SHA1

    37259bbd9350f7a94fb794fed926e83ab0bda36e

    SHA256

    530314a11dd6944056c07cfa1098e0c5f55adb4e27f1f9ffc9ec7b50e41a3a29

    SHA512

    c089b0511d69169f6a453ea3f07d080b4154329660b787689276e2b3048450ad8c313ff8d5630f582f983943666580862cfaea2ceb83c20513049cd641b6946a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    730483b39f9e31d7f77fe1d77cebd8fc

    SHA1

    a140951615024f945470792806e2c38e992c7e66

    SHA256

    c61dbf50221af46506de47710c311eb49fdb10eb043339e80b1a0cea5505eea2

    SHA512

    4dd4b2bedb40d5674507546084fd89c21863ebab3ab65f8794a08e8ca13f00982540ce72bfa349c0ba4c8e4161c4d41b3265796baded1dec0c502111949a7ffd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c86b91ff916fbe5b6e7f581d019f6534

    SHA1

    266e94f23d612fde95a7fbeab077cd681b348ed3

    SHA256

    f794cb866173bec0f4ca0fcbbb26b15250779266c1f4c4fc5095c7b488e2f0b9

    SHA512

    c870af26008abbeb4d8a9a766c6bc374cdf7740451a2756cac390c77383129c5f6b8ccffc379efe18586a483ffe486235776ed80e7fa9383ffb52c943096437d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2887d6d104702b970f9c0d61e4e240bd

    SHA1

    2dc3484256fbf5028acf0b58fe6f3139c48f658f

    SHA256

    68af791c914121ab5d2a245bcf2a751a708f2f2769cd87540b2d7bd970e60f6d

    SHA512

    ca7e1ef83bc68ca0b132ed36a065f5a57569e863c6b1a6141f79a6c835871475a2d3962dddef17170ae4b4276b50b4b06420b7fd0a962219bb26fd90c9c4a41b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    602f08e181b55238e41c7f33ed2537d3

    SHA1

    489bec010cd5b81b6a81edc204be6a5e7bceaefa

    SHA256

    73fe867a524e5b83f0cf0abc7a749daf6c0be02fdbb858af2859644171d92e75

    SHA512

    10fe02f4d94249b44d8873e68e3010549f98a41c4f90d6f82fc9358016cc7b514411ba8bd0d998ab98509931343046fc4d293923671e1207f6b73aa2be1981ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    43fb5df2730e4c947c1a5f3f1e42c8f8

    SHA1

    3a77e26db06032845e5492f6768b113b6a958601

    SHA256

    46d44cc39dbfb5852d857ff92b8ee6d79dfa00b02917b72a90da674d2b9ca286

    SHA512

    3ef813fb22e2af4a3eb7e07a07fe2f15ad851334b40b220d2c689174fe5fb5b0f9660d5f68cf75ace64e5c46aaf63fa1908140e0e6aaf4cadc7971e428ea285f

  • C:\Users\Admin\AppData\Local\Temp\Cab1660.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar16F3.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
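The dropped-file list above is dominated by paths under CryptnetUrlCache and by a Cab####.tmp / Tar####.tmp pair in %TEMP%, the locations where Windows CryptoAPI writes its own retrieval cache and its CAB download/extraction scratch files during certificate and CTL validation. When reviewing a report like this one it helps to separate those expected locations from anything unexplained before spending time on hashes. The script below is an added example, not part of the report or of the sandbox vendor's tooling: it parses the flattened "path / Filesize / MD5 / SHA1 / SHA256 / SHA512" layout used on this page, checks that each digest is well-formed hex of the length its algorithm requires, and labels each path by a small set of assumed CryptoAPI path rules (the regexes are this example's assumption, not a signature shipped with the report). The sample input is constructed: three entries copied from the page plus one made-up entry (its path and digest are invented) to exercise the review branch and the malformed-digest check.

```python
"""Triage helper for the dropped-file ('Downloads') list of a sandbox report.

Added example: this is not part of the report above and not the sandbox
vendor's tooling. It parses the flattened "path / Filesize / MD5 / SHA1 /
SHA256 / SHA512" layout used on this page, checks each digest has the hex
length its algorithm requires, and labels paths that match the locations
where Windows CryptoAPI writes its own artifacts (CryptnetUrlCache entries,
Cab*.tmp / Tar*.tmp in %TEMP%). The path rules below are an assumption made
for this example, not a signature shipped with the report.
"""
import re

DIGEST_HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Assumed classification rules: case-insensitive regexes over the full path.
CRYPTOAPI_PATTERNS = [
    (re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\"
                r"(Content|MetaData)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache entry"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
     "CryptoAPI CAB download/extraction temp file"),
]


def parse_downloads(text):
    """Turn the flattened list into dicts with 'path', 'size' and 'digests'.

    An entry begins with a bullet line carrying the path; the lines after it
    are label/value pairs until the next bullet. Blank lines are skipped.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    entries, i = [], 0
    while i < len(lines):
        if not lines[i].startswith("•"):
            i += 1
            continue
        entry = {"path": lines[i].lstrip("• ").strip(), "size": None, "digests": {}}
        i += 1
        while i + 1 < len(lines) and not lines[i].startswith("•"):
            label, value = lines[i], lines[i + 1]
            if label == "Filesize":
                entry["size"] = value
            elif label in DIGEST_HEX_LEN:
                entry["digests"][label] = value.lower()
            i += 2
        entries.append(entry)
    return entries


def digest_problems(entry):
    """Names of digests whose value is not well-formed hex of the right length."""
    return [algo for algo, val in entry["digests"].items()
            if len(val) != DIGEST_HEX_LEN[algo] or not re.fullmatch(r"[0-9a-f]+", val)]


def classify(path):
    """Label a path by the assumed CryptoAPI rules, else mark it for review."""
    for pattern, label in CRYPTOAPI_PATTERNS:
        if pattern.search(path):
            return label
    return "unexplained: review"


def triage(text):
    """One (path, label, bad_digests) tuple per dropped file, in report order."""
    return [(e["path"], classify(e["path"]), digest_problems(e))
            for e in parse_downloads(text)]


# Constructed sample in the page's own layout: three entries copied from the
# report above plus one made-up entry (path and digest invented) to show the
# review branch and a malformed-digest warning.
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    0be89041dc97e684768711af8606ec10
  • C:\Users\Admin\AppData\Local\Temp\Cab1660.tmp
    Filesize
    68KB
    SHA256
    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
  • C:\Users\Admin\AppData\Local\Temp\madeup.dat
    Filesize
    1KB
    MD5
    abc123
"""

if __name__ == "__main__":
    for path, label, bad in triage(SAMPLE):
        flag = f"  [malformed digest: {', '.join(bad)}]" if bad else ""
        print(f"{label:45s} {path}{flag}")
```

A path label only says the file sits where CryptoAPI writes its own data; it does not prove the content is benign, so entries in those locations still deserve a hash lookup if the run is otherwise suspicious. The malformed-digest check catches copy/paste truncation in reports before a hash is pasted into a threat-intel query.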