Analysis

  • max time kernel
    119s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:02

General

  • Target

    Electronic Invoice_64549934192-2023 PDF.htm

  • Size

    5KB

  • MD5

    be5dc33df1ed61826aab0d96833a76e9

  • SHA1

    370ab3f4f803d8cda4a3d9c1f5a1f3c79b140d99

  • SHA256

    124e60d01e003f69a37a67a06d4236bde977cb4ed8058c0e8c252f3177e1b42d

  • SHA512

    dc0ea178b2d078b9e71ac1450a7e214b85a0628e895e95b1f406071d91234d25f941f1546b7038b167d28819a5d981f021e7cd6e081a8f05813200c2427f05d6

  • SSDEEP

    96:h4TdXb+xiTb5NLTbpvNsvvR3B5v+mbBL5KJL6wfq99q++t6BVARWMDqxotQ296Ht:GRL+xiBNLxCxXtx5KJLfqPqztaVARWMM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Electronic Invoice_64549934192-2023 PDF.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2656 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2680

Network

MITRE ATT&CK Enterprise v15

Downloads
