Analysis

  • max time kernel
    130s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    02/06/2024, 01:05

General

  • Target

    d-audiofilters.html

  • Size

    3KB

  • MD5

    d84ffb379e9de66fcb6fbff5b9551452

  • SHA1

    f37e8f8fed356dfc07936fa0d7665b1543086c22

  • SHA256

    028a10b99aef5f381ce2799eb43da550e12e16db5c419ff64a57730af319f223

  • SHA512

    3bf78a071a1ae51255e539d16380731863278fdbbdeba3d7eca08981e2d45877413b715f2408ab94bd8b3ede10cdd1b104d927e612092ac9caba3ee89baf1eb3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d-audiofilters.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2200
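    The tree above is the normal Internet Explorer shape: the frame process (PID 3000) opens the submitted HTML and spawns a 32-bit tab process whose command line carries SCODEF:&lt;frame PID&gt; CREDAT:&lt;n&gt;, and here SCODEF:3000 matches the parent. The hook and WriteProcessMemory signatures are what IE does to its own child, which is consistent with the 1/10 score. The script below is an added example (not part of the report) that turns that observation into a check over process-creation records: it flags a non-IE child of iexplore.exe, an IE child whose SCODEF does not match its parent PID, and a SCODEF-style command line whose parent is not IE. The Proc records and the anomalous test cases are constructed; the two report PIDs and command lines are the page's own.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Minimal process-creation record, as a Sysmon Event ID 1 or EDR telemetry
# would supply it (constructed type; not a sandbox API).
@dataclass
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str

# The two processes from this report, verbatim.
REPORT_PROCS = [
    Proc(3000, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r'C:\Users\Admin\AppData\Local\Temp\d-audiofilters.html'),
    Proc(2200, 3000, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
         r'SCODEF:3000 CREDAT:275457 /prefetch:2'),
]

# IE tab-process arguments: SCODEF carries the frame (parent) PID.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b")


def is_ie(image: str) -> bool:
    return image.lower().endswith("\\iexplore.exe")


def check_ie_tree(procs: List[Proc]) -> List[Tuple[int, str]]:
    """Return (pid, reason) findings for children that break the IE broker/tab pattern."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        parent = by_pid.get(p.ppid) if p.ppid is not None else None
        parent_is_ie = parent is not None and is_ie(parent.image)
        # Anything that is not IE being spawned by IE is the classic exploit/dropper signal.
        if parent_is_ie and not is_ie(p.image):
            findings.append((p.pid, "non-IE child of iexplore.exe: " + p.image))
            continue
        m = SCODEF_RE.search(p.cmdline)
        if is_ie(p.image) and parent_is_ie:
            if not m:
                findings.append((p.pid, "IE child without SCODEF/CREDAT tab-process arguments"))
            elif int(m.group(1)) != parent.pid:
                findings.append((p.pid, f"SCODEF:{m.group(1)} does not match parent PID {parent.pid}"))
        elif m and not parent_is_ie:
            # A tab-style command line whose parent is not IE is a masquerade, not a tab.
            findings.append((p.pid, "SCODEF/CREDAT command line but parent is not iexplore.exe"))
    return findings


if __name__ == "__main__":
    for pid, reason in check_ie_tree(REPORT_PROCS):
        print(pid, reason)
```

Run against the report's two processes the function returns no findings; appending a constructed cmd.exe child of PID 2200, or an IE child carrying SCODEF:9999 under parent 3000, produces one finding each.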

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c7b83ec92643e88b8e59552edd9422b1

          SHA1

          740dd0652dee3d9872ece1637b4a2a875e0776b9

          SHA256

          59b570f7675e673d67c49164aaeedf5207c19c30dfc796b327e8d7ea941ffaa2

          SHA512

          1ce6d61c3b767490613ce49415f56799b1e44bb02d3e14a07f06dd2411c79d21629abbee5e51ecffa2b9ec8f7ccf6af8d580919ffbe8cfe5a55c6213283ff8b6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1b9904b3c0fd3081a26c8755832bc52d

          SHA1

          f499b2e4fff92c6a4c7ebe1b5827907f61e0957b

          SHA256

          56a3a1942b6ec8b9c95d89f17537c8bdc73e063541a296ef61d7581c0aa4b490

          SHA512

          75ec5f85a1ebca5529806dd158b2aed904c0e62be0f6a42d591ba8a4631c76c9ba53d7e5daf9d1195a4e4ad5e2163f40c1886567b1a084bae34488cbead5806a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          74f58b8dab8385cce503d36e0bfdf25f

          SHA1

          da9ded2d081287cd602690668c1e5d4ea89e8c6c

          SHA256

          baa3d19a2c76902768d0db6a3b5700d5d238873671c16f436688e9e07eda712f

          SHA512

          a91d1e8b9646d9d8dadbb70246c68ae162a3540f1089638052a2eb394394204323bab414cde314d72cf8e14a18a04c9b43c13f027bf6b302387043db6953e757

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          16cea2f2f21c2efc89310d42b7f5e10e

          SHA1

          d210232a3247b8418da27cb3e71e1b9ce98ce891

          SHA256

          88c7f4c431990f203d168259ee5780e512dd0b404b1a8f09322d5ee3bcdd0bf4

          SHA512

          5a8fd1af7b90b4a4dde8bd6248fd425664dbde856617d37eb7a8446b9c1f158894d83aa9afe5eaddf815aac9cfe26b8d6260dce9237b976b21558fdaf43d2963

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d4a1aaf7fe38b0069e04639ae2656d87

          SHA1

          21a7baa0cedbd2b2b5e2a32bcb94bbffa815e961

          SHA256

          57b862d4472e1bab2de01eaf26c7136a0301c2943cf94c120e4c2dce2d23e318

          SHA512

          ce1deb4403e7a31f42436e4d78dde8c86a36176c243b7f2d91b4439d4eadb560901a088c060ab82d9c9d1eb627d3e33835a76d9793e8488a46b6a3f07c2bf4da

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          030d4ba93d875d61f56542ab26071675

          SHA1

          92128e42a4a99839f28f54e1a72e3c511faab606

          SHA256

          8e831f683e6af19f8226de7163b1c954450f61dfbceae29310256f1883ae1607

          SHA512

          734d93a808052660c6080fa02ad467efdf47645ff5f8b115c4a932c5e0bcf6db6d712957692dae86a53ab56de7244cc520717218dea2521576645057c1289de6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          107b289346f32df7d23284c72d651f7a

          SHA1

          294a852ce35ba5606bf678b5568965904967d660

          SHA256

          cc9882751ecdf122ed824b9cb44a3441d2850fffcd5cb8e3cbb58a154e617633

          SHA512

          4f72fa1a40d9fdf6b01dedde698ef5479f0bca600236cb341ae127f8cb1ebefd8b53dfeca9c6165d020ae6d9704efb722991575ce67705b57dd955ed31486221

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fefbcc81cb46a738ea89dff2f4b8379c

          SHA1

          54f51ff1535726a2efcad7eaf2ee846a883dae44

          SHA256

          3dcce16e635d405dee8d064c3f508d38b8b158f443dae75002dbce53624890d7

          SHA512

          fb4fc11b8abf9d33f5f196d8fbd73fdbd716ebe56bcf90d83d6ff78677aa3d06d7a2ca263747bbd9eb317fdcc39fccd7fa6bf2ba5629ae0de74a0762bf6fc889

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9b49466c6d0996bfcf27fca6e46bf8f2

          SHA1

          1e368b9b12bf82e777ff35fde4a94f76bc7ae5b5

          SHA256

          b102023f67ac1ad45bc822fd8d019364a09332636b9cbae4047366d790605734

          SHA512

          08fa9acc23c81c6aaf237faa320b21e0e720468c61ff361dc8e887431fe2e44514c1329ce8eefe75e4571d8576932608e84e0cb4e2b31fa9dbb7390af75fbe26

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          03e6e7fa8c3f53bbbcd407fa5a323de4

          SHA1

          aad3afd7028af178b35b4afa0f36fb1dccd9603d

          SHA256

          0b97225c736f7f0b626b624f2612ec7f13e7fdadf20516e7fe609e2f9d468e3d

          SHA512

          904d2a4eec4b6f33ffa40afa9c0d686a2ae641b7887199be526c42ca37b51847c49084012d6204575f00b7ecdd63a549c9a870766091735136a196645e73da2a

        • C:\Users\Admin\AppData\Local\Temp\Cab39C9.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Cab3A95.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar3AAA.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
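        Everything in this Downloads list is background activity of the Windows 7 image rather than something the HTML file wrote: the CryptnetUrlCache metadata file is CryptoAPI's cache of its CRL/OCSP/AIA fetches (the same path appears ten times because the cache entry was rewritten as checks completed, hence ten different hashes for one 342-byte file), and Cab*.tmp/Tar*.tmp in Temp are the usual download/extraction temp pair for a Windows cabinet fetch such as the root certificate trust-list update. The script below is an added example, not part of the report or of the sandbox's tooling: it parses entries in the page's own layout (bullet, then label/value pairs), validates hash lengths and sizes, tags the known-noise paths so that only unrecognised artifacts remain marked for review, and counts how many distinct versions of each path were captured. The excerpt embedded as input is constructed from five of the page's entries with some hash lines left out.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed excerpt of the report's Downloads list in the page's own layout
# (two of the ten CryptnetUrlCache entries and the three Temp files; SHA1/SHA512
# lines dropped from some entries to show the parser tolerates that).
REPORT_EXCERPT = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  MD5
  c7b83ec92643e88b8e59552edd9422b1
  SHA1
  740dd0652dee3d9872ece1637b4a2a875e0776b9
  SHA256
  59b570f7675e673d67c49164aaeedf5207c19c30dfc796b327e8d7ea941ffaa2
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  MD5
  1b9904b3c0fd3081a26c8755832bc52d
  SHA256
  56a3a1942b6ec8b9c95d89f17537c8bdc73e063541a296ef61d7581c0aa4b490
• C:\Users\Admin\AppData\Local\Temp\Cab39C9.tmp
  Filesize
  65KB
  SHA256
  c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
• C:\Users\Admin\AppData\Local\Temp\Cab3A95.tmp
  Filesize
  70KB
  SHA256
  b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
• C:\Users\Admin\AppData\Local\Temp\Tar3AAA.tmp
  Filesize
  181KB
  SHA256
  8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
SIZE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s*(B|KB|MB)$", re.I)
UNIT = {"B": 1, "KB": 1024, "MB": 1024 ** 2}

# Paths that a Win7 guest produces on its own; labels are this example's, not the sandbox's.
NOISE = [
    (re.compile(r"\\CryptnetUrlCache\\", re.I), "cryptoapi-cache"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I), "cab-tmp"),
]


@dataclass
class Artifact:
    path: str
    size_bytes: Optional[int] = None
    hashes: Dict[str, str] = field(default_factory=dict)
    problems: List[str] = field(default_factory=list)


def parse_downloads(text: str) -> List[Artifact]:
    """Walk the bullet/label/value layout; unknown labels are skipped one line at a time."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    items: List[Artifact] = []
    cur: Optional[Artifact] = None
    i = 0
    while i < len(lines):
        line = lines[i]
        if line.startswith("• "):
            cur = Artifact(path=line[2:].strip())
            items.append(cur)
            i += 1
            continue
        if cur is None or i + 1 >= len(lines) or (line != "Filesize" and line not in HASH_LEN):
            i += 1
            continue
        value = lines[i + 1]
        if line == "Filesize":
            m = SIZE_RE.match(value)
            if m:
                cur.size_bytes = int(float(m.group(1)) * UNIT[m.group(2).upper()])
            else:
                cur.problems.append(f"unparsable size {value!r}")
        elif re.fullmatch(r"[0-9a-fA-F]{%d}" % HASH_LEN[line], value):
            cur.hashes[line] = value.lower()
        else:
            cur.problems.append(f"malformed {line} {value!r}")
        i += 2
    return items


def classify(path: str) -> str:
    for rx, label in NOISE:
        if rx.search(path):
            return label
    return "review"


def triage(text: str) -> Tuple[List[Artifact], Dict[str, int], Dict[str, int]]:
    """Return parsed artifacts, counts per class, and distinct SHA256 versions seen per path."""
    items = parse_downloads(text)
    by_class: Dict[str, int] = defaultdict(int)
    versions: Dict[str, set] = defaultdict(set)
    for a in items:
        by_class[classify(a.path)] += 1
        if "SHA256" in a.hashes:
            versions[a.path].add(a.hashes["SHA256"])
    return items, dict(by_class), {p: len(s) for p, s in versions.items()}


if __name__ == "__main__":
    arts, counts, vers = triage(REPORT_EXCERPT)
    print(counts)
    for a in arts:
        print(classify(a.path), a.size_bytes, a.path)
```

On the excerpt every entry lands in a noise class and nothing is left for review, which is the right reading of this report; the same tagging run over a report where a Temp .exe or a file under the user profile appears would leave that entry as "review" with its SHA256 ready for lookup.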