Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    03-06-2024 08:53

General

  • Target

    LICENSES.chromium.html

  • Size

    4.5MB

  • MD5

    d4a79b5d46f0931b9eb7125fd40baff0

  • SHA1

    3a38fb263dde2251b9fe157b5fddec7acb07c53e

  • SHA256

    03f1d245e6a2facca9edbdaad108169e0765dd9101875bc2d123797994b9e80f

  • SHA512

    17cf94805f11d499ff12d8e42cb262ceecbeb265f56338e0837d291f6a7ed7f8135a025dbe99fdb2e2bb299f2267bed9365976ea51269aafd4c3220cffef9339

  • SSDEEP

    24576:thgBBmnLiLArZ62BrcrnKHq/kUkBAwi9QxruE:rYBmLAehN6KK+xV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1872

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63548821b73ca077a3606adec5ea4d8e

    SHA1

    8682ac7278a27a0fe443b647f64ae814b7c48e75

    SHA256

    9ed7c88e66d77449e801291cde0b8654120ebfd5d9ec12232b97c0bc8afcdf89

    SHA512

    0d065405f86fe942e513fade25ab60007cdfa0224ba17b41e26f351591798026a5e2fed2b7ca943cafcf7fb26e94b1a05743a0f972c5387c18f243799c20967a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15badb69bcdb6f50a10fc8b71dbf8e73

    SHA1

    54e73a8b4b139aaa4afeefcd9fc8310d2b75d5ec

    SHA256

    ea8ae0a350e7fe11e94cb9da50b3bd7ea35f93dc7183bdd77905efa2fb8bb7d8

    SHA512

    bc6dd8330a4d3fa7d554c9953e660e969dd0f65741a7ebd7ccd8812baeb44fddb1504d943f7ca1fceff25cfc6899ae7543c0392de841ad071b1c5a1635090732

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a3bf4ce3dc4f791b72dccaae72accde9

    SHA1

    4d2e60cef40284fc52b2d70cb9ea69cba37cdf1e

    SHA256

    90614563bfa4c340fa08a6da9853684329cee7636d4c8ba4db1c9bfb5c3b5db2

    SHA512

    7d05e1aebac317a480ce2a05505addf10b2c06e719ecf4b136974b43a2c8b55f9f5d35415dd3633399cdb00e1f5c5690cb10307fda2179a0f291b11fdb4d3240

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52de1b879f6a27d2e7d05ff4108336aa

    SHA1

    ab015bdf891ad7fb616675009920cacd352ef63a

    SHA256

    3775f9d26d6216a1671716b3b42eafe3dd09278f271ba1898f86f2bade5a87aa

    SHA512

    df2e30a4b29ad982933eb094179e659cb29f61ce6c48fc7e0a657a1928717e6787106ef7bb86844501ad6bd25f6a7357a7329df5573540e9534873b122bac6fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ff74fa2a628a4f306c1b953a4a06564e

    SHA1

    11ffc5ce9071a916279dbef3d4122ae37ca7b269

    SHA256

    51474f8fc870ae6c1ec984261cdc25eb0d21169080e0421e6208887239569b33

    SHA512

    51a066fad840069f36bfa1d7f93a20c3a669c005ec26a34f2e9b02039d9bb71a2f9a7a5ab251c50221acd853e6b91b5b3478df3c0e0c0259d3ccb97e994f5bf4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a3b5b9e54a69447f0c17dbb230b995f0

    SHA1

    f3f7fc0a01c3e355e9ab4c97f6bedf76ca3a54cb

    SHA256

    dd5d9cbdda4ae88cef09229f16d063ba2fb3e2c526bb254f8cc3f4fe888bfdfc

    SHA512

    8b7cc3720dcf3d5292af9449564cd3a3422de294f048589ba7b5510dc4a17eab0e1f383a2a9710e3e32bda5b292755bc10caecccb3fb5f72930a11c0f780b3c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9799be48d6915779045e755ab5539fb0

    SHA1

    c3c8168550efc34e5095816b10c0e42fbadb1eb2

    SHA256

    5046d56f41b158020813c22691c1ea3ccc9deec1d79dd5002dda231d4e3fbaca

    SHA512

    d6f5e6c7a31e764b506b44848adf9fab2c640f3db773b3c2c6b2462174863c84e358978af8b1d153d044c386149238046b0862f2b18afaded1cbb75a98e9c753

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3fa0cd793d99816cd74d94f4a2eb057c

    SHA1

    020306c2ea0c26202b221387c5ef13cf8e4da9e8

    SHA256

    9d025ee49a7858c799c04cbdc79c52542bf04baafd32446076aaa354f1778b87

    SHA512

    16e45497147ce4a66c4c13809552430d211a435a792448f70bdc00fedd6ad067747545ff1fbc470faa6a265d02db3a94cf75dd6c58d9aa42e5099cf1afaf887a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba8781d44ad1f3c75a948f51f5387408

    SHA1

    44ec0da8991eaaaea6236734ba00355b0977befe

    SHA256

    c647b53b3c8836e1cf76053d14f55e98f52578fcaf89e3e259428a7657ada87c

    SHA512

    cf5f3cdf1bbd2233e48a84cd9ac3abdca69eca43239a81d75db191bdfa0320993d0a35ee0e9f41ae281321f0d5f42a13abb9122acb2781aa4efc9362147be300

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8eeb4374934ce7e87149070e67b3a49a

    SHA1

    1a9355b202347b2567110916f8214752f0b59816

    SHA256

    940a09218b533cc5193d527e1fbf7625c196ba2351e8381d79706740d044c666

    SHA512

    c18bd2d9cb89a29b7ddedf14f16beddaaa0af7ed8767e63cc8cbc5455f956b5ee5d22731e4dac08f3ed7e85fb509f73081cf8070a0a76afe898b1dc154318c77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7802c5824ca4f73860a969d6257e9b54

    SHA1

    04a57bdb78a96d0573273b889783af60e1fad649

    SHA256

    39768a94416e56a7c95f8d89fa82b219edc435ed26d1ebcc170d45bffdecf09e

    SHA512

    4acea02f22bcd0a95709297dd4e6cf740d7803cac42787d794e3e857055db4ef18f310431242633c47170151c13ee46b9de9a443cba367caec2e5a9514c1f319

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    22a65e09e274dec721e7b36f7d413152

    SHA1

    4863c5ef1c1010ffd9287044e8a2db591b4c6007

    SHA256

    31e5880eaf48a1c9c607e06b96097bca5b4a0f092785370a135945566a52f754

    SHA512

    760e06f3e7df5badf536ccb4bdba0f01efe460a3fc521320b1e8191134804af2ce86c084d8364889bda51cac2177f52b9a1b83c87914b791e030bd91573a0608

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7bacf0dcfb48eae91fb4f39a30f6cab5

    SHA1

    0860758d0b3e9a94172db531cb10fbc3b75372bf

    SHA256

    f269fd9acdc131420392279ce9dcc7e9514b768c800647548c2197026743df50

    SHA512

    dc5ed5aa54f9aab95f4efe952382fcd28a999dbc75713e72ac698810fd27469432aaf8e1d36d95169d05a028bdc0057f3b31ca7d7c23c7ca213c664782e86235

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0dca74224a071c26574ee69df57ce1d2

    SHA1

    563f97229a6fefbf36ee26614dee897699a12e07

    SHA256

    888f1bba65587c521f1676410531967cce588ad7d0036ebba92045ec1e545042

    SHA512

    9d5de8dcab08aada81cd150fa3746960f69bdcef4724c27ce47fd766c888f30ee21fb7100f5f4175f637334e2d4dde612c70655c554503bcd327cd99daf12151

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    35de2f2f8f5604f14ae8a620d9e8e29c

    SHA1

    1084fff69a1ad0ff056cebcee8d321464af46e5c

    SHA256

    619b695fc89930f0c91340cb6b7e2b96509f6d5fec074dcfdc6eb19369d6d92e

    SHA512

    0269790fe414b4c901d4a4cfbe99b7ed4d0e5e86dccbdf862c3f47c5d1aab9f16f71d21400dab5c5ee0c24dabf8dd4af924ed45338daea4f7c3eac0517703f9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc0c2a99f919d92e2406e17d1eebe50e

    SHA1

    4fa62779770a83b098028e2fd77c5708a239d44f

    SHA256

    cb438fa48828a1843831c09ee4efe82bcf7e056cb368508cdf11ed6d19ca7e67

    SHA512

    c9bc7aea95349d686976e6fda732a3942e228f6d95284c228a98c4c664fa70f3d100f073ec6b4aacf9e21408cb7f7fcfc1aff55598ae41d38157703a61737f33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e4e1620398aca3e1191dea888e295bc

    SHA1

    dd8b16275e0e1a0715f4dc95d2ecdb304d250887

    SHA256

    5e50fbc0c70f275c43c291225a120a5f89927351b40c96d605388dc2954b9545

    SHA512

    ddb6ead8d8a6470538c15ffea1226ecd108ad4d24d7dd3a0b14b01cf67af2468cc9832438e893d875140f0cc21b877f5e4388d2be466cc687f0c48eeaef67b16

  • C:\Users\Admin\AppData\Local\Temp\Cab5B9B.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar5BFF.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b