Analysis

  • max time kernel: 122s
  • max time network: 138s
  • platform: windows7_x64
  • resource: win7-20240220-en
  • resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted: 02/06/2024, 01:02

General

  • Target: download.html
  • Size: 124B
  • MD5: b2777f10576ddeb62ef84085496d4140
  • SHA1: 9a3abd7550f982d18f2783c0cdde4a8f76c2de87
  • SHA256: 79bb0b6f17bb14e1bae777a99832cc6423b23b1c9d7c969cb3fc11a775bf779a
  • SHA512: bf78520555c34be4aa9e5dc9cf42c67082e24d14f89e6515d87f939c20f369145609cdd5082f4bc9fe2044c9e428d03d2fb7711e5c7864ba2324b281b1086339

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\download.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2344

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 07c87fea425b78906a5e76d728393d71
    SHA1: d9f2df01e859661821adcdbe913555dcce261e11
    SHA256: 1953a6b5d5dd7521d85ed9ef0de315a72e5d6df96734bd15854245936e99167f
    SHA512: e495fa2849e1e28313aecd5bffbff0b93f5256e76d849f19eaba0f90625f43a66ed5fdea8f18b9207554ddea97c91b5fe91cc1514ef84b3bfd1dd0509ba5ed90

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7c26dfb4292f227670321cfc2344bbea
    SHA1: 1263b4de8950c7d72a3e14f2c05a25a30be5521a
    SHA256: fb55b76eaf92eec77d7bf1a109ec7638956a3ab293be0185172636068778b2af
    SHA512: 75c4df0d66da792dc7c881ddef3bc61fe90d2db9a7d9af3ca89e14a8a966332ca65f1d420b424f7dfbb55fb613562523fd61a43d4433284b7021f72ce1fef894

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 9e1b5c6f3908a3b46aadc31fb3335801
    SHA1: 8298857436f49e3537dd94d050572f2788a672f4
    SHA256: f219e30987a63a7d492ce72ac91595a5a11ce4603254d87c29ec4721b1dc324d
    SHA512: c1dd0aeb3f9595e1d4042ee64e3cdb876e9d93de8ce7f13220cad35ca2daf335ce34b7dbf3c87b5acfa1add6e435b855ae94e4765ef9deb3f68d45c5416913a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0c3606f1fce5cbf6543eb0e51bc1a6db
    SHA1: 7f7dc472d321fe56e9867a0b080bffe2cb8b4787
    SHA256: 7c200326516018083c4227d2689e2c30867ac8006a28c30a7a145706f2d5d237
    SHA512: 36ac6eaf90cc53a613ab9143bde0891c8d9910831ba29ad88c7462afe21c080cac71c618115ea027bdb02333c075b0a5643ab5d16d5111df66cdf7029bebc2d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 74a70079879cf309af5211a1ccae6d4d
    SHA1: 99034ca8fdbd836a6105eeaa0c0742823f859c54
    SHA256: 2e603ab2dc3eb087a1708e2bc4e96e0f7511aa412e0bcd18fd64156df2951115
    SHA512: 9e6db3dae561220b789fced62ab83d1e5934090e361892cf280ab1c287394aa57933d1ed8e016831d52bd14418c559a7290a49a6ee6abab988cc42a365d5e3ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 8daa00172cb265a8a68abf8c25749b5d
    SHA1: 41fab9d13010d07c3e61dd68691a1ffbf42970df
    SHA256: 19cd78c015e0650df616b769162d4e261a73f743f1aae94b7d8332aec4a77848
    SHA512: 3ab5901b80ed560bff22e4448f55971d8c08a81103bf0d39a415cb2347a6144fa09679ed84ebb2fe6c727416f84b5282891e7fdf9fa45433bf7ef145573f3fcf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 4f6ad91fa148f9cd25e58c6d401b4aa8
    SHA1: 2baf648de8d6a3d62c62d28b24799620e0c0178f
    SHA256: 0ad28eecdc33e93a518ded5d9a0585350c6b08a7ba9a6bbb4645b447e06804e8
    SHA512: b8fd322fcbead6923b3a6eba7161ff2d537a8776fb34eaa4197499f91a56704628f36d194c5b5ad8999f99129b1aed68869271d48c4279ff08c98f4e3cd5257c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 2d29a53287418464732b8570242382fc
    SHA1: ad4352caee7d619e58307daf979552ea6e5e7899
    SHA256: db0d2fc4648dedc7e58b419bd6b1922600cc7bfb183389b4b1054444b9dc3578
    SHA512: fb4d06339d72bcac4b5c451e3c4bc90b5112851ce545948fbac3f14132bf6affce17364d53a195ce430be01632600cf558eb908b9d28df9856dab8538f385b12

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c1e0ebda321e27e9d48321fa3ebbb0f6
    SHA1: a24c8fd0f2462fbefd6e82eeb8e93b929b903e66
    SHA256: 0d5e744a87f8b8813b4261e9ace6b67b72b6c3f9a9d4fbaf78f51e1664ee3653
    SHA512: 9de1e2c7d1612b795ffe69dab9e3ecc3fbae999d84234e73720ea804e29f798786ca3a3112ed747d7d8492fb8f7acfcfc9f895e72b394cc233f7899d991e145d

  • C:\Users\Admin\AppData\Local\Temp\Tar31A3.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b