Analysis

  • max time kernel: 119s
  • max time network: 142s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 02/06/2024, 01:05

General

  • Target: d-audiovolume.html
  • Size: 2KB
  • MD5: 84c5cc10ac3158b32bad24cc37ee134f
  • SHA1: 5bb0d38a82cee55e9dad92fcda058031749c679d
  • SHA256: e9a4266f40d8aa6e38b67ef5bc4fef668f6449997f4421fc68cb7a4565ccd866
  • SHA512: 2ed9ae28e7bc963173662e1aecfb151896a052557943462d0d50a929a0bdf28af59052e02a9afc739557e0812253d98507633e785b2a1370d99fce3441f334c6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1152)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d-audiovolume.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2232)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1152 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

        Downloads
