Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:45

General

  • Target

    ouurt/index.htm

  • Size

    9KB

  • MD5

    a56676c13cdcb28c5c0c307e3be65577

  • SHA1

    5d94bcbb5ce1e8dd44b19d7d457e9c59f5661123

  • SHA256

    c117ed8296dbc49afda4f3bbd231931377aa40ac07ebdd8e5faf80a9139f1ee0

  • SHA512

    767d18f01be6eab0fef3987fa0e44b4c6122a92284c3d7664e1577957ebd666171d689587bb41f232b5ee1b79cb90490d0fe8764f07c0aaf6dc9bc56b9a433fa

  • SSDEEP

    96:COot4h7AmAERsNS1sn7DTicKOnmh4n+w0kZuDcMIga874s:Tot4h7AmAER71sHTicKOmi+7o9Tgajs

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ouurt\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2132

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    623ab318dbf3ef4ccf6ffd2dcdae7c6b

    SHA1

    7f2212b5e98a306dd56822d5c6e53806301677cf

    SHA256

    7f0de0bb7eb7450a44b6113ed08fd75f16ae801d20db46f22ac469ec8e441728

    SHA512

    484ef757c16a9e09473eebe3729f83eb76bb499c4ddbfd461b5c5e2472d3c49d47e77c3e10b5cecae57d60e65afbec6299c3a24065c198e14c35cc91330de68d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c01853ad2dd62fb6ed849c8c64f032f9

    SHA1

    5982599050f8772f545c464850a39af887d8a72f

    SHA256

    829a95bc3c794523cbb00dcd71fb4077b1392d6b09d9cac1f8c64f723d36b76a

    SHA512

    39b9606c8b52e684b32769512610561d6c18ff50b75ac1697e3f194a31bd6df686165ec17c99615d6d9b392f56ec1c7400d022ea46774d7b96a76b0300609c7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    848ee0d8fc1b05aa49ab2f3f3124e2e3

    SHA1

    e8ffe2408100e886e36e42bb6a4b28c1f9d51dde

    SHA256

    bf6f4a2a1e0bbf710b782116d13b7f735152fb628610cde81065a9cfaaec39b7

    SHA512

    79ff7022ef49b2d586fc751854e4b7dc147c10547d1efa43cd5ba349f60542b601e01e91478bd4189412ef751a31ee6ef1c9d05f01d6ea5711d77bb4ca26ac0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2adb8acdd183918757407b5c4a7a9d4e

    SHA1

    1a2b015dd1e2d39e5c752ff2af360fe021c75476

    SHA256

    16c73d50c0b5a675de18c3e569f8e609e451fd6811e9450740c7d14af8a09a23

    SHA512

    c1d4d7603be02074a5efb85c83811618bec7aa66c9d65627803ead5328cc7f09f27390dd54821867e1cb9093c924ab2ec856234edbad792b001e25b61b7fa67a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c7d75500e957e8015dc1c3c12d090e5a

    SHA1

    66ef649a3f52ba34a7a7401139dc2109e464829f

    SHA256

    07ab67bb2ffb1931b4dbe0ea3fc62a86af9650f7c44b55e611cdf5686ab46d69

    SHA512

    aedfdf38f65f01a34dde9d28d3b883587872a36bf3873e68ef5ef92c17324f11c984bc199e1b977cee09159f345f0eb11467e4a63e4e95ce7cec8f3b6abb7742

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11d491d5bc6e3a86737be91d6bc0dda3

    SHA1

    203dcf53ee8a74d2c7941461ebf7f27192cb40b0

    SHA256

    db96e86c8392f8956eb245b93ba681ac61c5ee5a324cf4f7aea6f758d5bacc65

    SHA512

    f10b8304c17972beda0b0760c7f8a39d009960de1d7751b3edc631812cc86d3d1e02d8e8f74624d16950e25bc9f1fdfe4e18439bb5ff9c6ba610b99195da094d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb2087b5ee6e88a68899a7503c6fd290

    SHA1

    9bc1f9ff0b96fc9f1063ee0c2f9c5088a8827f03

    SHA256

    a9198c4ee61234d669b4e25fa6ba46a7e19a7fcc4c5f46c8fcbfffbab4be1303

    SHA512

    6f482a84a003ddc68f19cf9c1995c97b5207986bcbfae2ec00d6c0658f6f0f68474a50ae4e3b06c0b478129050551719a254d7fc6997d61f4b797d0578fc4d6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7edac4d47d5919bc3517e48437c674d8

    SHA1

    d57672af0f8d97b9fd88ccdffb1c10e3d6921714

    SHA256

    026e21dcf212ec857fe479cc131a45e673eb7979c22a226d4ae884c8c0c5c2aa

    SHA512

    4100a0e7b01c7617a452fa13f18a469917b96dfab70ee83202279237ab8054c38f913ef1184cbeada940874cdeb8486da965126cbec8316c2a77eb49eaabc9b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fe881a65891c5418018f77e4722fb14

    SHA1

    00b47f5b4a5abb6ef38525a738f914e61177d0bc

    SHA256

    2b35e7ab56f7c85840711363e997f41d26430972591219b7b299e4e186e1d218

    SHA512

    6d85dd6ed393864fb225a892b515f0641239549215768c3cc497907f526d180c40df8eef7e006a69c5b31fdfd1cfb444e57d0477449e635be08f661251a63c10

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    566131743db6a590faa8438f3e65ddee

    SHA1

    3148d690262a58a6f8cb185129c1255ad1524a09

    SHA256

    f9ea88ff7c78a669915bc227dda255c64d092056b94394dafa51cb5b9b10c2d2

    SHA512

    a1cc3f923914daa068e5a0860a4b75a3d42189f08f39ae247ac23c24650c603801f5ba9a985bc1ac9f6b1dd52c994ea32049d49b85d4a37bf4492c322473d866

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3232e21ba4b05d9470a2df7c25a888c0

    SHA1

    3e35f07cc192af4896c07efeac3a108b9d12055b

    SHA256

    846ef869f3943102bddd9bdca494198c49002e4ec67bf4c2d52d261f8d69a952

    SHA512

    21a0ea6384ab705bea7190513c297bcd7dba7b680d4e3beff42dafb56a87702630a38c0d3b398d41e57c97d21b7789fc2ae6a5158702dea48bed5c3b299d5283

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1c816a724c545938b54a3cdcec8e831

    SHA1

    f715580c28d8e7b76d99a7400936c90b072d34d2

    SHA256

    70813560da0e966f8df9a439e94947dc3b10b6cdffda776c4f118c88823c27af

    SHA512

    75b880cff15c2a780decc8b4e75bdc58d6d75bb6e338799c35378c512334aa0bfc21fac09948daa87a2d345c7d90746bd331dad3b26c313dc2c148bee4cfae3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    878b78f2b7a7eee21f6882ed2109a595

    SHA1

    24b0ebe0b459b064c41cdc072c989f6dc25c9e4b

    SHA256

    59b5c888b99cd10c3cb4504fa00f1608f494d866d312f501971ba5192bd8038d

    SHA512

    694593c4558b14eef6f5780dde7f04a377d5db5d786b60d34133a8e6e59ba23bd31124207207ff5a00cf6d275f5527c80a5e8f2b70fb3179c23bd0cdd24bbe76

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cea186bc122ed63045dbf90db390d6dc

    SHA1

    05b4a1d8efc88311e8eee303430104887249d3dc

    SHA256

    87b8274d7101445e1ab3f5ed113357575b3f6081c009a72ee4802c533bcc3d15

    SHA512

    751336076f9546dba6fd20984f504f9d38a133cde3e2725c7840fa62250e1b3c9a0f893d25771faad43ecaea1e8cb1f8b2104daa3610438b127fc6de3e671d4a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5265c1f1acd1d044d349e3414160a3b4

    SHA1

    d49ce22e2c922ce7f3a4d068b98d3efb2c9c0653

    SHA256

    17154f2399692780a13453d6a35ff457aafd76b32330911c609555937168fdb3

    SHA512

    9adf99977eb0ebb68626b2fa0539881ddcd676a5f9a7b5052749cae009fb03cf3060d78add5d475584b35953bb9b894de0070b6b9ef55dea63bdd727ef6510ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d8f24266ea2a5e28dc132e9ee89f6251

    SHA1

    3d8d8abf7ea8ae6e0ebcf539ad08e0e5ae013143

    SHA256

    a05fc3d0a127f50a796e639467eb96c70db643562ce370a254ab8d867a1a5ae6

    SHA512

    2d24b7be679791662d3fd3c362ff4dfa71c88ca849e3cca53c1693f277156b4ee86f838110390d2706d69a56b7b7f9b3bcdb9026d25e9451ab00a291b84dc6f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ca84628fa6c556f8bfd6224be42d9eca

    SHA1

    e353a73d174ee05181211ca936cdd36e6da2d4ba

    SHA256

    02d4bcc3933696f42b983fd7a0dba24132c0c34e5b88c87dd3b31e55dd6a443a

    SHA512

    7d27db12f3003b9832ae14058cdc6a9a9dc2b75ccaf703bfc41245b1d174a1db066fbae595289fff8ea7cdc7caa51ac036374be8fa8b3715d5bf4be75c42616f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a55233d07672c9d33361e420c6aff629

    SHA1

    159da0ca851b4554b2f1343579f4a5f0091caa71

    SHA256

    5549edb20158492c37badc35c79319cb03d0bdd4ea1dce148f25d7189cffb877

    SHA512

    edced4e70d6f893ac59d57562edd3368f16bd7d352639c20952115d656980362e7ef761c69276a43a8a578ce3d1f301d536046b3020467c586af5b677f04402f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ce788941702a1970d7e167422f4f156f

    SHA1

    d673ed26b2c744f81f0c774158ef5160bdf03367

    SHA256

    c1809b544c202c72f6bab8b85dea76a944b59f8bd8c08c6ad6a9557879b5a27a

    SHA512

    8cfb83b491d3606cc0359b81e5aaed2caf8df143b643d191aa9caaabb6227d7d9c8f146b36f70f5817e4e00ceb284885a6d2adc225fd7a2c032406be97ba9a64

  • C:\Users\Admin\AppData\Local\Temp\Cab458B.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab45EB.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar4600.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b