Analysis

  • max time kernel: 119s
  • max time network: 145s
  • platform: windows7_x64
  • resource: win7-20240508-en
  • resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted: 02/06/2024, 01:05

General

  • Target: d-capturesettings.html
  • Size: 4KB
  • MD5: 5a5295d2477efbca05dc53f6cda34381
  • SHA1: ba37f7fe2069e2e53202ac18b18c1b1b9a1c07ec
  • SHA256: 47959274e82c840ea122b80d0288d3918f60516fe8dc037f6edc71d8f9426fbb
  • SHA512: 17f058c1e4bc6a4bb7190d904b1dbc4ac43037b4f093673c76c8575e0541db73e86d28e37b8a3e046fe8ccdba37a5ba42876c56388a9b204d5bb37219c2bd693
  • SSDEEP: 96:WMQfVsn0apnGCot2f6U9j1hTp2Ho9j1v0ujVn9j14lr7nCj10Jr+:WHfBa8+6ojzd2HUjiK3jClr2GF+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d-capturesettings.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2104 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2560

Network

        Downloads
