Analysis

  • max time kernel
    134s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 04:47

General

  • Target

    sample.html

  • Size

    221KB

  • MD5

    b1a5635f55d3081d02efcaec9c9209bd

  • SHA1

    49558dbf9880a5cc7f6e33a40a21491275dcc30b

  • SHA256

    2b6b9ee718709617e230d4fd09421575cd66112612b90a467e74f7d0cf89ed80

  • SHA512

    3f5e5fcb6e4385a6d3aac4f6fb316c747974babe3bce17ee1d0667f06a511397f40baca83a1728b5ec934fb3f8e66d2ba4503350624641483685507254a770c3

  • SSDEEP

    3072:SHe3KF41QZwKuOyfkMY+BES09JXAnyrZalI+YQ:SHevQMsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:860

Network

        Downloads
