Analysis

  • max time kernel: 121s
  • max time network: 130s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 03/06/2024, 10:33

General

  • Target

    edit.html

  • Size

    248KB

  • MD5

    d5b0140632d2c5e962f4943f174e5454

  • SHA1

    fd1f3006a54746ae28a46a9c701c72cf468d5a0a

  • SHA256

    a5ac5abbf7daeac4f3f88590225b5f384661bef482257d7ca8d4752ffec1174c

  • SHA512

    b6575c689fcd3dcd741403fecde3ef66195da888a7a94d2cab01b3b6f6e1fa17190ddaae50bdc38c11fec752c87c0100b18305dbb4d94bc266db7f8a285a10e4

  • SSDEEP

    1536:l+b7wCCg1JtQ7RtNk3092pz2sstVfyGQKFwU66/4GeSlRyefs5/eSENOBjLJpdSB:M6VknBA6PGtCNgWgr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID: 360)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\edit.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID: 1804, child of 360)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:360 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
