Analysis

  • max time kernel
    119s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 09:47

General

  • Target

    LICENSES.chromium.html

  • Size

    4.5MB

  • MD5

    d4a79b5d46f0931b9eb7125fd40baff0

  • SHA1

    3a38fb263dde2251b9fe157b5fddec7acb07c53e

  • SHA256

    03f1d245e6a2facca9edbdaad108169e0765dd9101875bc2d123797994b9e80f

  • SHA512

    17cf94805f11d499ff12d8e42cb262ceecbeb265f56338e0837d291f6a7ed7f8135a025dbe99fdb2e2bb299f2267bed9365976ea51269aafd4c3220cffef9339

  • SSDEEP

    24576:thgBBmnLiLArZ62BrcrnKHq/kUkBAwi9QxruE:rYBmLAehN6KK+xV
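
A practitioner who retrieves this sample elsewhere will want to confirm it is the same file the report describes. The script below is an added example (not part of the sandbox report or of the sandbox vendor's tooling): it parses the General block above, embedded as constructed input copied verbatim from the report, into an expected record and checks a byte string against every listed digest and the rounded size. Checking all four digests rather than MD5 alone matters because chosen-prefix MD5 collisions are practical. The function names, the binary-unit size table and the size tolerance are assumptions.

```python
"""Verify a retrieved sample against the digests listed in a sandbox report's General section.

Added example; not part of the report or the sandbox vendor's tooling.
"""
import hashlib
import re

# Constructed input: the General section of the report, verbatim.
REPORT_GENERAL = """\
Target

    LICENSES.chromium.html

Size

    4.5MB

MD5

    d4a79b5d46f0931b9eb7125fd40baff0

SHA1

    3a38fb263dde2251b9fe157b5fddec7acb07c53e

SHA256

    03f1d245e6a2facca9edbdaad108169e0765dd9101875bc2d123797994b9e80f

SHA512

    17cf94805f11d499ff12d8e42cb262ceecbeb265f56338e0837d291f6a7ed7f8135a025dbe99fdb2e2bb299f2267bed9365976ea51269aafd4c3220cffef9339
"""

DIGESTS = ("md5", "sha1", "sha256", "sha512")
# The report lays each field out as "Name", a blank line, then an indented value.
FIELD_RE = re.compile(r"^(Target|Size|MD5|SHA1|SHA256|SHA512)\s+(\S+)$", re.M)
UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}  # assumption: binary units


def parse_general(text):
    """Map the 'Field / blank / value' layout to a dict; digest values are lower-case hex."""
    rec = {}
    for name, value in FIELD_RE.findall(text):
        key = name.lower()
        rec[key] = value.lower() if key in DIGESTS else value
    return rec


def parse_size(text):
    """'4.5MB' -> approximate byte count, using the unit table above."""
    m = re.fullmatch(r"([\d.]+)\s*([KMG]?B)", text.strip().upper())
    if not m:
        raise ValueError(f"unparseable size: {text!r}")
    return int(float(m.group(1)) * UNITS[m.group(2)])


def compare(expected, data, size_tolerance=0.1):
    """Return (verdict, problems) for data against the expected record.

    'match'    : every listed digest agrees (size is only sanity-checked, since the report rounds it)
    'partial'  : some digests agree and some do not; suspect a transcription error or a collision
    'mismatch' : no listed digest agrees
    """
    got = {d: hashlib.new(d, data).hexdigest() for d in DIGESTS}
    listed = [d for d in DIGESTS if d in expected]
    bad = [d for d in listed if got[d] != expected[d]]
    problems = [f"{d} differs" for d in bad]
    if "size" in expected:
        want = parse_size(expected["size"])
        if abs(len(data) - want) > want * size_tolerance:
            problems.append(f"size {len(data)} is outside {size_tolerance:.0%} of reported {expected['size']}")
    if not bad:
        return "match", problems
    if len(bad) == len(listed):
        return "mismatch", problems
    return "partial", problems


if __name__ == "__main__":
    import sys
    record = parse_general(REPORT_GENERAL)
    with open(sys.argv[1], "rb") as fh:  # assumed: path to the retrieved sample
        print(compare(record, fh.read()))
```

A "partial" verdict is the one to read carefully: agreement on MD5 with disagreement on SHA-256 points at a collision, while the reverse almost always means a digest was copied wrongly.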

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2920
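
The four signatures attached to this tree are generic: Internet Explorer sets hooks, touches its own registry settings and spawns a tab process whenever it opens a local HTML file, which is consistent with the 1/10 score. What a triager actually wants to check is whether the child is IE's normal frame-to-tab spawn, where the frame launches a second IEXPLORE.EXE with SCODEF:<frame PID> CREDAT:<n> /prefetch:2, or something else hiding under the same parent. The script below is an added example, not part of the sandbox report or of any sandbox vendor's tooling; it takes the two command lines and PIDs listed above, embedded as constructed input, and flags any child that deviates from that pattern. The set of expected IE image paths and the finding categories are assumptions.

```python
"""Triage an Internet Explorer process tree from a sandbox report.

Added example; not part of the report or the sandbox vendor's tooling.
Each child of iexplore.exe is checked against IE's normal tab spawn:
an IE binary, launched by an IE frame, carrying SCODEF:<parent PID>,
a CREDAT value and nothing unexpected. Anything else is marked "review".
"""
import re
from dataclasses import dataclass, field

# Constructed input: the two processes, PIDs and command lines listed in the report.
PROCESSES = [
    {"pid": 2900, "parent": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html'},
    {"pid": 2920, "parent": 2900,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2'},
]

# Assumption: on a 64-bit Windows 7 image these are the only legitimate IE images.
EXPECTED_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)\b")


@dataclass
class Finding:
    pid: int
    verdict: str                 # "expected" or "review"
    reasons: list = field(default_factory=list)


def split_image(cmd):
    """Return (image path, remaining arguments) for a quoted or bare image path."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.index('"', 1)
        return cmd[1:end], cmd[end + 1:].strip()
    parts = cmd.split(None, 1)
    return parts[0], (parts[1] if len(parts) > 1 else "")


def triage(processes):
    """Classify each process as IE's expected frame/tab pattern or flag it for review."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        image, args = split_image(p["cmd"])
        reasons = []
        if image.lower() not in EXPECTED_IMAGES:
            reasons.append(f"unexpected image path {image}")
        scodef = SCODEF_RE.search(args)
        if p["parent"] is None:
            # The root is the frame process; only tab processes carry SCODEF.
            if scodef:
                reasons.append("root process carries SCODEF, which only tab processes should")
        else:
            parent = by_pid.get(p["parent"])
            parent_image = split_image(parent["cmd"])[0].lower() if parent else ""
            if parent_image not in EXPECTED_IMAGES:
                reasons.append(f"parent PID {p['parent']} is not an IE frame process")
            if not scodef:
                reasons.append("child without SCODEF: not a normal IE tab spawn")
            elif int(scodef.group(1)) != p["parent"]:
                reasons.append(f"SCODEF {scodef.group(1)} does not match parent PID {p['parent']}")
            if not CREDAT_RE.search(args):
                reasons.append("tab process without CREDAT")
        findings.append(Finding(p["pid"], "review" if reasons else "expected", reasons))
    return findings


if __name__ == "__main__":
    for f in triage(PROCESSES):
        print(f.pid, f.verdict, "; ".join(f.reasons))
```

For the tree in this report both processes come back "expected": the child is an IE image, its SCODEF value equals the frame's PID 2900, and a CREDAT token is present. The same check turns a sandbox tree with an extra cmd.exe or a mismatched SCODEF into a "review" finding with the concrete reason attached.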

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    012e6540fdc11b438acce8ee4def2fa3

    SHA1

    4b00789a9671eddd911746673976c117d735bd07

    SHA256

    ccbd5c85b1ff95c7d8a8ae7f20ef8b86e398df72b3fa46590b455b72e24c31a0

    SHA512

    3b54d174b271f0c1d05c7a1c72861edd683c4ef3259c9aaf7f876f83e2181a9b011791f718479ec775f77c1b2da5185081f0234ebeda90a6457dd7255f2ce241

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d4db13edcff887c98616588f56019056

    SHA1

    49f06394fd409ec498534c75390056f7cb22ed15

    SHA256

    5085c1ccf1089a314748278990c0c7a9a5e2bb3cd4942a383062f7d347ba7be1

    SHA512

    9d3684d380b06119b460a7d0678fe49b4f56eb7a51b163b3c59c70979971ac4beaca2dde2f3939b23373ef5bb1ea6bdb42d304f1f48fed2aebaf00cb5920f609

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    491fc170b8a6f538a0c2eeb2a83165f3

    SHA1

    06df7c2be0dcaf9ab339fe2b90e840ffd920d050

    SHA256

    9910e1ba8994dbebbbf10ff22762f5969625e7aa60d1ed4c9216c29a89ad5a37

    SHA512

    49d84d8158b47e510f7648311e847bcfbec5a7697d2a56695b6e2a182a3bea418f3e0b3d893e6cf260ce3e8388ea1bee5f284b54c1afb3c37b600c67cbcfb837

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    465b584a4603af5fdb782381e18e8ff5

    SHA1

    79701cc458ad8291140eda9fb8ede6faa4136e29

    SHA256

    9db08e97a35e27481fe532420066aeebc945ab8e7ae0f2c07d67fbb2a825ad0c

    SHA512

    91ddaf3bcb691959ec6f6068fbc12f9911fafe5f2dd7a8ea7cdf74731d30d5c836824ed5f7513f47837c51149b6973f022674ba7a793a2ddfbf63e993772635d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    896ef82fc3698e0a2ded88dc83adf642

    SHA1

    7477583fd23b2fc015b1050965d1853c36aaaf02

    SHA256

    4f3f1d931f9481b1463a15ad8834fbd2d1bedc7d6a1f5e1dc133eeaabb2906ba

    SHA512

    bab594ce49aabdd395d633dd83171a124fe8a796f9dd71d871f16777b8837af8f9c5738a40d8d467350eae808756bb1266f1949fae677afc0621f1935e4803b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2072fe2b0120ae2f527b0fe2a1e1539e

    SHA1

    00db9178049141ae4c426d359b8da3f3718378ee

    SHA256

    4a13ae32feda052f24f3eae9eed6d68f0f1550b16804c1419bc075b3bc947546

    SHA512

    bad3641f34bb38e9f7d0172c1895d9b4da447876f62e0866402b6b674fc3748c12aeaa30b5a16c960593021ba771c27e43f4ea7a6e53ef1abf8f6606eb0f5259

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2f57f647697f9b66b2c73114474ffe8

    SHA1

    1fc8700bd248d2b49da9267cde43db7d090c6c5d

    SHA256

    0a7e45a1d14b5ff9df390e8f4f13d5106d2df08527a4ca78c1f0a7c52a1db3cf

    SHA512

    8a26465139233875aabdf05f4514825b3c8c5f436cd883a577b5d3a28e209fab34eedb0d9b1f0fa2e18632e5a46cef1712172aea4356f993b46116a1c31e7229

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31dc51edafb8f88c062e0abfdc1473b9

    SHA1

    25239888ef7dbe03bec2c86f7a4471042e117f8d

    SHA256

    086925dd5479e7a638cf6e50db89b919d1507f6716fa4a1f7cb6918192df6967

    SHA512

    8cf31f803577a0fe59b35f2fbaa98e9b3072f63a5a03552849fcbbbe3cbaac5ad5394b290b3df62e7b73ddbf845290ea1b002164732a20cd1d163fc49617114e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3bd72df291282105c87b13173c81ca0

    SHA1

    ab9238ac4a1b39852ee1f45b91a3f012cf07d9b1

    SHA256

    1d6d59db786ae096d3902542ede28a761cad18777e4e4e5a244d718f8a35b109

    SHA512

    7f296d04f0156013b56d8ee1bc1432e3d4ba4c2120ad61ac2f840a4e1cc0973daf58fe4481e697f640c121361d2c7ca048976c6192aefa1e1af7291a287aa8f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c563bca91146ac2a02027fb735758107

    SHA1

    d467774e5548e5b267b494c3bcdeef8d23b52b11

    SHA256

    faebebf94a552a6bff0090c621605b6b96565453c27239ff00e0cf45d16e6799

    SHA512

    9f21c2482c261b8b4177ecf2427767581278b12b7426221301b5302c39586d19d93613a9ae4ede610115a833ac37ffbb57ce93b73a2603943d1c005de47714c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    484317642050745f34c5047dc327c351

    SHA1

    5803ce6d808bd154a809862149cae9880fe9c460

    SHA256

    d613fc4f59cbb389b38165aafcc1ed8ad457afad13e322e834ab712dae9c7a32

    SHA512

    fd065e6d12994aef37e05fe7b63e028b5737298f810f2a6bf921c44ebf034a0df9df0be8dd46678d5ba3765e8a11c4ff259b84769b699404b964533bb4bfb6b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    deaceed086a4762a423cd3c575a636f2

    SHA1

    15d76daa76c4d441984e84bec8435dd0717df14c

    SHA256

    0c256efcac734bba35ef053bacd2795e9f1cc51cebe4f665a272e9d596b08e9d

    SHA512

    c3997a274762cff8d333ed3b169f2eb5c5f031603f044173663fd1ac9f893e857397ecfd3d1d30ffdd6393aec4b5baa206cb5206e92033c4274f5c71b52ef897

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3fae89cb4c4fae7b53d7edd2f0435e9b

    SHA1

    3df2465f7d23f4814c43259336e26b4bf84631e8

    SHA256

    6188fa5813c2cc1afb1415e50e4eb18f05ddbd8784765689d4d9a917d61ae40b

    SHA512

    6a9fe04df2c0090811ed720c53fe1bc4bfeebecab4b662ceea07ef0154f8884da6e30415f3d8139c9e856b35c91cf7f70553ec1ca4581120980e3f84c3488e0e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e057036ef9261e45d9f5988e834f043

    SHA1

    cf26d4ac8c6c16a6c5092668bf21ce3fbf6d3cf5

    SHA256

    55ca8f4b8e8b3c190ed876d83bef5797e79697300ca2c50bf7327f88a0633c3b

    SHA512

    5099a67e80cc16306c72649a7234fd5e1d6e352a3c3822dc59a3bb6ae57aa5c82e9335f32a752d615b68357c85b9bb36442fa2c12ad43d3150688afc88f7611c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ec93158e0eeed69810d592b18c864d8

    SHA1

    72d08746f26b317382d0ee09529f4f7f042def5d

    SHA256

    aab8fe1fb12e01af3a9502ce14626e29a4fba72dbfe8eb8c8edd3c8a5dc64a33

    SHA512

    8da704fde44550d686e5871d69a1ef392c5a6874e312a3d00ee244b83f0b3d418fb03d9ee607cbb5104ce1230207d29f9c25967fac336a6b41fa8005d40ae10c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    97717d0de8650a603bdae5f158d39402

    SHA1

    b8a8acc684a6e10fd811f110c650cf5bd6832f18

    SHA256

    2697ad24e47a89ccaaa343d32d2acef9b95462dda5f93e1c82697078c804ff66

    SHA512

    45d03e9b5fa817415d02aaab2799ecc424b0f3818e5fdcec44518c77ebe3ea5fecb1f5e82e577e74f270480c7f2015e7de5b853536dda431a6929ff2272451bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0258a3dc5a94e62d2ce404257923828b

    SHA1

    717edbba2928865483f66d4c5f2c0833cd3c0764

    SHA256

    32e584e1db80d9477a8c15007a44eb10469d4f7428d8bd990ae55133f2a6f73e

    SHA512

    0d042559feb275379d02af1f1949c0d1f5bc739b5eb24ff2777ebed5e06e89d7d0646e2384857a068c0d2f91a0d7e3e16ef6edc637419952dc0706b56d67593c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e25a739842948c424a3eb9db1260265

    SHA1

    801a0038d873a82b7fc6bed30e5304698e0a35c1

    SHA256

    72ce27e90a551e42841289b3f0e8ddb85208c4828539a34fe38ce58194b541fb

    SHA512

    43f8ea2817882bf97df4075a5a03e159d9cac646dd78e34af424a3ce186bb8218412b99d9f29d4261df06e92648347eacd95b638e0472e801b751de7a6f9d8c6

  • C:\Users\Admin\AppData\Local\Temp\CabD4AF.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarD5D0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b