Analysis

  • max time kernel
    133s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 06:44

General

  • Target

    sample.html

  • Size

    213KB

  • MD5

    736081db403fa246d258f29b64d89484

  • SHA1

    1588a3a90e903b810721e42bfd56be5f899a5e17

  • SHA256

    31dde7d1e968621ddb298d409e5c9fc2d08459a59fc1b77dc20dba863b0cf346

  • SHA512

    82ffccd3ae4d5437e928ed22ea8f322056e919319e887708d09c271f8a83a2dab9fdf67d88ee3b28fdf0b28fe4bb3e97352363dbb93ed92235de47401ac44d34

  • SSDEEP

    3072:Sf3KRQDgDTq+HyfkMY+BES09JXAnyrZalI+YQ:SfLiSsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:352
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:352 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1636

Network

MITRE ATT&CK Enterprise v15


Downloads
