Analysis

  • max time kernel
    143s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:05

General

  • Target

    d-capturevumeter.html

  • Size

    3KB

  • MD5

    6b547ffa1596144f4ae2f9b78bcc430d

  • SHA1

    5f4afc3a91cbe670fbf0d46f683d7c14f9f543c5

  • SHA256

    29cb18c81871a5534e7e4f9e731245cde8c02e5fc901b25d6bb4108862e0f864

  • SHA512

    b0c16a8abb2bd762882b5ee77e75755f0cd3c9292e28122f0201b55e40841284589d94b23ad97aeaf80cd2b2195eed9f0a28cc53894142652e74821e696631dd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d-capturevumeter.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1272

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5f162bc4f583de1b4e8b531c7bf99f64

          SHA1

          6fc3bafa98799736f2bb5c7bf630c3d5d4ddc9d7

          SHA256

          d592cfaff024aed97817a3201826e08d82f1cd91e49164df01e79c3a5da964fe

          SHA512

          5f1e704e25ac4aadc08dc70ed4e2805df4d0b7b732a7c8af930c3ea87829e62625dafc87368471fe49d9b56f25ae4f0057d246ae97b5a375d4e5e1001e63721d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8cb796bc92bf1142d8ae604fb2052aed

          SHA1

          98c567c764a16b68eac74c29892f166abe599284

          SHA256

          c33c1f5a1db5f7afe9c7d9d127c88fdc3d1a713e923b2d25eff718d5e930190a

          SHA512

          a25ab436b35dc4c6ce275520b816e2c2d6a91f06439f451e3e195c7fe84ed0e8a6cc822144a7bdbea82174160fd20a98209f0c97851acd907c5d4fc701abdeef

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4e34607149c2939f4c6e0e04dc8f0593

          SHA1

          c6a890c18909aed5761dab5f9998208b437bed8c

          SHA256

          268fb2351239bd7c55588c99c299287a5e38fdbb6931f23212182309d3ce67b9

          SHA512

          da4d634b3988e7809dd4b10522add299cc571ea5ba787a9f84661a16904f206fa12a3034bc8a2e4c4a44ff3e73315df35c22eb065dccd592f932eabd10581220

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          46ae8177d78997a0b763ade94257bc17

          SHA1

          322a3ddbd6c6234bd071441ea36113993980701f

          SHA256

          927baa865354567dedda7e34654a786a664b9f8c797f6b7fcb85b40ff72b6987

          SHA512

          73fb1ee31d7a008949e49064d032bd6a3461d7c5443b401c282c479f823e61042e7412a6e47ba55970ed035aa9e96fd71102433175ef4db09d2ad7b847651c46

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5561a813e66438c57b43b27dc0030398

          SHA1

          1e78f267a4526dda1b1198c40799414394e34dbb

          SHA256

          f67b26516a76b79b4c19211b7385791ff53bf66ca42e94bc47d18617bda3e231

          SHA512

          c56f5ced47327eda946f815e85079e89b35ba77cf6cd281489a9d8921bf4a99320239b6ec4090c0aa443614c53b777fac1022ec66d9a66ab2123d5d66f5d4290

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bf4ac8d221d966462051083ea52b380f

          SHA1

          9968c61d06d2f4315ce591bbc55d49fcaa693c69

          SHA256

          bb6b8ec55dd2ea55bdcc85c7366cfbe6b1aedc9bcc88d8951a2946402c11a16d

          SHA512

          801446e049c312292693ffe8442e97bf9d9948e27c089be1f890f6e386cf312c85199d3481ce620bec5b116dedff9552357166de345e09ca59a4efadc6aefe28

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9d1387627e04ecd5369f2f24405e55a5

          SHA1

          da8a447270423bdbc9ec49b1230390b86a27a103

          SHA256

          fea3858b5add22398bf716c0f36a1e5964ce618b29f2a755d22d5655ee8ec70f

          SHA512

          81b239333926a1bcb9cbe07f4c273e7843ae34f00fbc900f0404b1a200ef31e0272265db7f765b488b1dd419cce40cc30890d5a0e970b03a906817bf26e3d938

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          443588f79a7a359a44c2dd3f82767838

          SHA1

          2d97f97a5b0331f9378f636e956320e26e8bc28f

          SHA256

          f83d8d37be0c8e63f93796f0f1d14a67a8c7097011312f97ca2fc0ac02e53134

          SHA512

          ffc34c78efcbcfb1e582f9c2638e67ec9cbe732f40d5cf120497d1aabd67e7d207e023f513f212305721ce25e57377ad36c1f0342815b550b8005b8eb4d03726

        • C:\Users\Admin\AppData\Local\Temp\Cab4128.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar4F81.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b