Analysis

  • max time kernel
    120s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:05

General

  • Target

    audio-filters.html

  • Size

    10KB

  • MD5

    0fe2e156575ac26abf97e43520f6868b

  • SHA1

    759ce54b23b7f32605f12d7320ba7de84d23fe84

  • SHA256

    0b3ef0b1909dae0eac1f817b79dfde5c80a07948244c927c722d9c1b7c658c48

  • SHA512

    3e9cbf14b8f4f3b0478aa5de2aa4bb6ce44de014b13a075a906cd9b9983c014945504e8c3e845ffe8fec38e21b170d45a613c4a80916337105eb0ba636b21314

  • SSDEEP

    192:WHfqa8+XvE2h+u2HFM/THEXDrBhFD21YqJfMuXezECMtAbHKjCPYr:W/NeHF+H+DrF0pJfhezpNbo

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\audio-filters.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          aa3b556bc1c54fa81a7f6a776a0dca77

          SHA1

          cc0464d8c91bceabe1de160d4ba90736e5ef95c0

          SHA256

          78c600b58c86b4e8000edc9a1bb71c324e599f354a183b5ea44f8f6dd18fe637

          SHA512

          bccd69bdbad7413fc94a1c007fc684a9f9930909c619ec63665f68556ad02a718dd5138905b9bfa643af5be508c261e7813850b90a728e7fe932807a07cdd163

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d15c1908fece9ff3475c4cceba3eb600

          SHA1

          f02d68f0cd625351cbbd5a8d4e16b1a2401c6c6e

          SHA256

          e7ffc8a580e87c3109f0e21066d9ab1b6cb965e612483f85d96bbcea10da0771

          SHA512

          7fb5fbc3c2d5f93438f1e7a8206e0ace3faaf24afc49a0c11add93993cbfcd5a885112a920b19c27e4aa23222077570c2a0ff40eb5e554a38253e42b7fc3e124

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          85c8b75526a5885e6ceda35bad5f3de6

          SHA1

          03482cf0a9f2a7bf6c538ffc11bbe9ac5855076b

          SHA256

          6284f076250679696e26f3fec2fde7d5c2bd4029e4ecabea698263101b31e9da

          SHA512

          bb17104a9d7254d00599f9b86b0afb90f04ed1c8f303a21c7879d536fb6890feee5091537de44e88237cbf3082514979ac300c340d41cfad9343cdb1fdce2753

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c861ccea7cf1af6309b69cc2fe8365fe

          SHA1

          438fb694d99e0df7c06b4b52f83176c8b473077c

          SHA256

          dc53161a004bca5b799f0537031ebfb8f15cb90f761c096bdeb3cd8834287cc0

          SHA512

          7b987d35eea7f93e619bd6273978b4ca56adb3029d8f9679ee74cc51e6fbf53044bb53139e4762a5a22df52240e9f83cf5aca727d49f2c55a2ac2d8012d30f22

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b15fc012f7e64559727d55a49f550b19

          SHA1

          b0169a2bce0a1acdcf2b52e39a1d88e12078e041

          SHA256

          d089e847e9528554953c68912c9ad903315ec32dd457d46935b7170c231eb282

          SHA512

          fc27ec008aba9a6494b5eb2eae03dfa21d19cfdc70350b8bcf33535c7423765da419348ab439411c5646e4511d97e962895458d54828271c5f03b1bce9d1f2de

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ab46aa376192700e41ba3b1ddbf827ba

          SHA1

          d974b8eec9767b169866ff870b6660787da8e1ed

          SHA256

          0ad043af62fb256f23842a3dd0081b19c8dfb0c433a987bfcb35d0a3925ce0c2

          SHA512

          bc033410b8de9a75c4260dfe87fcc9d7aa7dfea31f86af23e7707b0f842df2898434f6cc29fac4650c189f446fbe506809d2f24d0d4470bffbb2eae11cc08154

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          269c40ee5f3f290a0e18b92364d5fd0b

          SHA1

          682668a6766a3922b00ab3292573fa001dfbc9b6

          SHA256

          199003332dbddec212c5ffc4b3692079ccf591e79cb33513b2ddf30b1f90abf1

          SHA512

          26e0c24d86bed0cbc04ec4cd760c16253228595b3bf221a03dab65f247242091a5bf81e80f892b35a33bfbf604be9f06c161e4114361b3e2e09b1aadbeb14f81

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          27a3d83affc959b0d3cc1404c72b77af

          SHA1

          beb6510d082dc2b22292d43e12fb7772a8febf67

          SHA256

          e26223cf25abc6edd670694317425cc63be267140da8a6d884169ddc32614e18

          SHA512

          9a13e3397195991ce61a0c9a58329984eaf2fd3a219368e4de68a77ebcccbb50a0fb62ea37fdaffc37fdbf3a851ba97e8e6665cd13654a3bff59da79dce2d827

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8baa6a8924e61abb154124ea5137b158

          SHA1

          b88a7ac8234134b2cd057154302ac44c739d5426

          SHA256

          fb85a6f21665e68596ff4e475a88697895e8ae84f12631e556775605bcb86bc2

          SHA512

          eb82b2131eb31acdb9d4ea709b4efc644e2213d6d76258cb3ced68ad2410413672807f10e4eb5d14126ff4585b6835218481cf08f2608da18e38f94c88803488

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          00d1b517c29968b768a14ba8ea4cb27f

          SHA1

          dba5c804bfe7c9d4ad768561bb12dcf985e49547

          SHA256

          601e41e051db2e51da788af44ed101df5d423bae78cb52fec1604dbb56c9896a

          SHA512

          c5b8d74e3ea9e82bc88a01930987f183392868a74e97f1dc51e92814320af11c0587d2240ca2550d31e6d8be928d6da606317766fbebfc7ecfdbc5af503b5f2f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          11956625d2586d8af22f07087fed8c11

          SHA1

          a12edfbaca71990db3b61cfe5a1c1f774c596769

          SHA256

          5d902e832595f4594d9317cb4e731e221eb35e6fa6fd8125cbe0f245879c1f7f

          SHA512

          0a44efbe61e6b9f4832e700229cd11d1c9abf402b31e3d66f57f22b8cfb4decb42ce42034af5b83debdc3bae0f31636d20a4673aa4559ce37f641a208e503c34

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5e969c7f039750af77124c587159ae17

          SHA1

          17306efe906a4793f5b1f96577783fb6d4a423dc

          SHA256

          e0850a59abd4302b3609ae5be66e6f6bfd9aec262f982013d8b31ff760aa11ad

          SHA512

          020b2577e542d87ed29f7308d3267c881b84dd1f636861a0d99159dbeac916830d4cd5d54f3062e1a299811caf5b4c0293961ef52a384fdda0cb015c79661073

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fdc0ab3681ae55483aae7869a4eb774d

          SHA1

          04bb62bb72afd8717473d73cc1ed034c84442118

          SHA256

          3d18bf93fe74dc8cd0abe05e8ff8ee8c35752d9980ff492de08a021d441c71c0

          SHA512

          6f39b7180f279fe53055ac047e71e0d3b27b7a2e0b8c211231d1d913d044f8bdf1f236b0623ee6e87c296b6925184ecf4ff7cb16f97fdfe9c6f94bcf272a1ca1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d04f330b33dafa6e9e18237f72161af8

          SHA1

          a6ff664af695d9b7e6b2b10ed040d578bcaf2656

          SHA256

          89713b08f8683520b1db8fbd00b5014704113daabf565457f408347ea0e16eec

          SHA512

          5db4c3a544f0e817e9bcf23bd0cea445e731e8e71f33da12c25aa5c956fc59da6d3bdcf0af1f93f7f8e56668117b11b42e8dc5d4ed533094ee09334fc9b102cd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fd4d7bb0a8eae4026ef3019f5f26c12b

          SHA1

          9edab49a09e1f4207f0e6872e659db8d46e9b04d

          SHA256

          5352817e13e4aae3d83b58339bdf8d6d68aaa972553858ad52330a0e8890181d

          SHA512

          d47c1169435a676a595aa8dd4443bc88983295e753659ee5d49845c71fae9999df3d43f99dd88355f0a5f6b6aa75a8d8795a5e6f62cc6c04cb92964241ab6fe9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2f91b1541e9ee273ae87ab73490a0ba6

          SHA1

          46047cf4e5265b847f1695b7093faf3ee542c23e

          SHA256

          34c503cef5230f951fc30ea5072cb51780d3e3900546012a4db2a58c91c7ae0c

          SHA512

          082b5e4a5e27cb2d4af95e404b2c922ca2ff76c8fe33ec58bfc7f375b99acbc10c381b64678dbe7883bf12d6d4c8097c7151b11decf380a9a152095038f5cee1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cf6e27e19165564cf6c4ca1e94759465

          SHA1

          f3c1c0f8dae4e7d1c094c6ab8897096f8fdcf74f

          SHA256

          042998adf300f172f1d4c758fc94b38b20ab6f1faccebd7660171b01ca968876

          SHA512

          22ec016187d0960da71563977d34a629518ca627191accb5322443b0404b2e0db70d14b9e7637971507c114694cf5bd00a697e980c0e069cbfc46999f1bbe47b

        • C:\Users\Admin\AppData\Local\Temp\Cab4230.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar4370.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
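Every file in the Downloads list above lives under CryptnetUrlCache (the CryptoAPI cache for downloaded certificates, CRLs and CTLs) or is the Cab/Tar pair that CryptoAPI leaves in %TEMP% when it fetches and extracts a certificate cab while Internet Explorer builds a chain; none of it is attributable to the submitted HTML, which is consistent with the 1/10 score. When reading such a report an analyst normally wants to strip that noise and keep whatever remains as IOCs. The script below is an added example, not code from Tria.ge or the sandbox: it parses entries in the flattened path / Filesize / MD5 / SHA1 / SHA256 / SHA512 form used on this page, rejects malformed digests, filters the certificate-cache paths (treating those paths as noise is the example's assumption, not a rule stated by the report) and de-duplicates the rest by SHA-256. The sample listing copies the first entry from the report and adds one constructed entry (`invoice.pdf.exe`, carrying the digests of the empty file as obvious placeholders) so that the non-noise branch is exercised.

```python
from __future__ import annotations

import re
from dataclasses import dataclass


@dataclass(frozen=True)
class DroppedFile:
    path: str
    size: str
    md5: str
    sha1: str
    sha256: str
    sha512: str


DIGEST_WIDTH = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
FIELDS = ("filesize", *DIGEST_WIDTH)

# Paths CryptoAPI/IE write while building certificate chains: the CRL/CTL/cert
# download cache, and the certificate cab plus its extracted copy in %TEMP%.
# Treating them as noise is this example's assumption; the match is kept tight
# so a look-alike such as Temp\Tar4370.tmp.exe would still surface.
NOISE_PATTERNS = (
    re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\", re.I),
    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
)


def _finish(fields: dict[str, str]) -> DroppedFile:
    """Reject malformed or missing digests, then freeze the entry into a record."""
    for name, width in DIGEST_WIDTH.items():
        if not re.fullmatch(rf"[0-9a-f]{{{width}}}", fields.get(name, "")):
            raise ValueError(f"{fields['path']}: bad or missing {name}")
    return DroppedFile(fields["path"], fields.get("filesize", "?"),
                       *(fields[n] for n in DIGEST_WIDTH))


def parse_downloads(text: str) -> list[DroppedFile]:
    """A bullet line opens a record; a known field name takes the next line as its value."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    records, cur, i = [], None, 0
    while i < len(lines):
        key = lines[i].lower()
        if lines[i].startswith("•"):
            if cur is not None:
                records.append(_finish(cur))
            cur, i = {"path": lines[i].lstrip("• ")}, i + 1
        elif cur is not None and key in FIELDS and i + 1 < len(lines):
            cur[key], i = lines[i + 1], i + 2
        else:
            i += 1
    if cur is not None:
        records.append(_finish(cur))
    return records


def is_cert_cache_noise(path: str) -> bool:
    return any(p.search(path) for p in NOISE_PATTERNS)


def triage(records):
    """Split into (noise, notable); notable is de-duplicated by SHA-256."""
    noise, notable, seen = [], [], set()
    for rec in records:
        if is_cert_cache_noise(rec.path):
            noise.append(rec)
        elif rec.sha256 not in seen:
            seen.add(rec.sha256)
            notable.append(rec)
    return noise, notable


# Constructed sample: the first entry is copied from the report above; the
# second is made up, with the digests of the empty file as placeholders.
SAMPLE_LISTING = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
  Filesize
  70KB
  MD5
  49aebf8cbd62d92ac215b2923fb1b9f5
  SHA1
  1723be06719828dda65ad804298d0431f6aff976
  SHA256
  b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
  SHA512
  bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
• C:\Users\Admin\Downloads\invoice.pdf.exe
  Filesize
  0B
  MD5
  d41d8cd98f00b204e9800998ecf8427e
  SHA1
  da39a3ee5e6b4b0d3255bfef95601890afd80709
  SHA256
  e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
  SHA512
  cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
"""
```

Running `triage(parse_downloads(SAMPLE_LISTING))` on the listing from this report with the constructed entry removed leaves the notable list empty, which is the expected outcome for a benign page load. The path filter is deliberately anchored on the full `Cab####.tmp` / `Tar####.tmp` name so that a dropper hiding behind a similar name is not silently discarded, and the digest check turns a truncated or mis-copied hash into a hard error rather than a quietly wrong IOC.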