Analysis

  • max time kernel
    144s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:05

General

  • Target

    capwarn.html

  • Size

    3KB

  • MD5

    b53220103656c35f7baf47a04f086e9f

  • SHA1

    2e2a982191dc01c6fdc529cbea380a4819bbe389

  • SHA256

    dab7f6b3ab91493df57a508fa58538ede16766300a5dc4be2b755a3b3954a276

  • SHA512

    b96275d181db815615a2d95ed7e5f75f9f69a2cbb332a680082a9aeed205ddee3d8dea550f12655d30cd7585313c490edfc9d1dac27a10e0bca9d70eaf868ee9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\capwarn.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1752
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1752 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2480

Network


        Downloads
