Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:05

General

  • Target
    crash.html
  • Size
    4KB
  • MD5
    29e60ae23e572610adbb53aee1617645
  • SHA1
    4c6057e033566df096f322a2dfd42d63c9212363
  • SHA256
    7a6ec91baae45c72e2c61ca1ebb6f7738ccc930e2bccc3909dbabf1a029dc1d9
  • SHA512
    fe6e24f68362b28c621df7339a31f934ca8b983c82df433723b4828b5c4d16c2783512829378def51034c47749169d8d8f4856edab428b350fb4505cceff185a
  • SSDEEP
    96:WMQfVsDapUot2fmp45j7cEVXi04AngGDZQaA6FbgP8vo59j14NHm/aCKpYWAL/f:WHfWaSLcESWg/q6jCtmpxPTf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\crash.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2084 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network


        Downloads
