Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:54

General

  • Target

    sample.html

  • Size

    213KB

  • MD5

    e380e161e387f9d57cb54e627b6d85ce

  • SHA1

    71486a96a9157067b5725f6b4b2c74bd317ee833

  • SHA256

    622b5c4d806627fd00d17008cb212f5381c2c0f11546f8663f33c5611244832e

  • SHA512

    0d190178bf2f90e0818cf02b20273c7f11d76aff88d472c036713524068a8bcf7a47d01ba02015ab561f129be305d21a58a347ecad087dc94af5b0761c03a804

  • SSDEEP

    3072:SWithdO0hVR3yfkMY+BES09JXAnyrZalI+YQ:SW/OCsMYod+X3oI+YQ

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1976 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2948

Downloads