Analysis

  • max time kernel
    135s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    03/06/2024, 10:40

General

  • Target

    sample.html

  • Size

    213KB

  • MD5

    634782434e205a16c9969b681898215f

  • SHA1

    e6a434b7834d4b77df49fde28023c3f9baa6d50c

  • SHA256

    f51fd8d2d19153a341a1360ad8bc439401fba625cbe29514a7c8a40384cedfd6

  • SHA512

    7a52c7248fc272af581889605aa116bb5ee9ee0828f78de237f3a4a971980da16533ec239fb9512f070e0417ac5fcb982ade0bebbf1bd1482677eb123fc10fa1

  • SSDEEP

    3072:SUpeUtIls7Mx+yfkMY+BES09JXAnyrZalI+YQ:SEezbsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 35 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1444
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1444 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2028
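
The tree above is the shape a normal Internet Explorer Protected Mode launch has on this image: a 64-bit frame process (PID 1444) opening sample.html, and a 32-bit tab process (PID 2028) started with SCODEF:<frame pid> CREDAT:<handle>. The four signatures are ones a plain page load in IE trips as well, which is consistent with the 1/10 score. The check below is an added example, not part of the report or of the sandbox's own code: it takes the process tree as listed on this page, confirms each child of IE is a tab process whose SCODEF value matches its parent PID, and flags any image or signature outside an assumed IE baseline (the baseline set and the helper names are assumptions made for the example).

```python
"""Check a sandbox process tree against the IE Protected Mode baseline."""
import re

# Process tree copied from the report above (pid, parent pid, command line, signatures).
PROCESS_TREE = [
    {
        "pid": 1444, "parent": None,
        "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html',
        "signatures": {
            "Modifies Internet Explorer settings",
            "Suspicious use of FindShellTrayWindow",
            "Suspicious use of SetWindowsHookEx",
            "Suspicious use of WriteProcessMemory",
        },
    },
    {
        "pid": 2028, "parent": 1444,
        "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1444 CREDAT:275457 /prefetch:2',
        "signatures": {
            "Modifies Internet Explorer settings",
            "Suspicious use of SetWindowsHookEx",
        },
    },
]

# Assumed baseline: signatures a plain IE page load on Win7 x64 produces by itself.
IE_BASELINE_SIGNATURES = {
    "Modifies Internet Explorer settings",
    "Suspicious use of FindShellTrayWindow",
    "Suspicious use of SetWindowsHookEx",
    "Suspicious use of WriteProcessMemory",
}
# Expected IE image paths on a 64-bit install (frame process and 32-bit tab process).
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}

CMD_RE = re.compile(r'^"(?P<image>[^"]+)"\s*(?P<args>.*)$')
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def parse_cmd(cmd):
    """Split a command line into (image path, argument string)."""
    m = CMD_RE.match(cmd)
    if m:
        return m.group("image"), m.group("args")
    image, _, args = cmd.partition(" ")
    return image, args


def check_tree(tree, baseline=IE_BASELINE_SIGNATURES):
    """Return a list of findings; an empty list means the tree matches the baseline."""
    findings = []
    by_pid = {p["pid"]: p for p in tree}
    for p in tree:
        pid = p["pid"]
        image, args = parse_cmd(p["cmd"])
        if image.lower() not in IE_IMAGES:
            findings.append(f"pid {pid}: non-IE image {image}")
        extra = sorted(p["signatures"] - baseline)
        if extra:
            findings.append(f"pid {pid}: signatures outside IE baseline: {', '.join(extra)}")
        scodef = SCODEF_RE.search(args)
        if p["parent"] is None:
            # The frame (broker) process is started by the user, never with SCODEF.
            if scodef:
                findings.append(f"pid {pid}: root process carries SCODEF (expected only on tab processes)")
            continue
        parent = by_pid.get(p["parent"])
        if parent is None or parse_cmd(parent["cmd"])[0].lower() not in IE_IMAGES:
            findings.append(f"pid {pid}: parent {p['parent']} is not an IE frame process")
        if scodef is None:
            # Any child of iexplore.exe that is not a tab process deserves a look.
            findings.append(f"pid {pid}: child of IE without SCODEF (not a Protected Mode tab process)")
        elif int(scodef.group(1)) != p["parent"]:
            findings.append(f"pid {pid}: SCODEF {scodef.group(1)} does not match parent pid {p['parent']}")
    return findings


if __name__ == "__main__":
    for line in check_tree(PROCESS_TREE) or ["process tree matches the IE Protected Mode baseline"]:
        print(line)
```

Run as-is the script reports no findings for this tree. Swap the tab process command line for something like cmd.exe, or change SCODEF so it no longer names the parent, and the check reports it; that is the difference between a benign page load and a sample that got IE to spawn something.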

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8734797059cf902b5f40635aab102cd1

    SHA1

    94c60488acc99765c4a74d197dd539f99d768d3a

    SHA256

    c28cf6ff3053f9e1ae17defbed60c4630f3989ae75409d05eed58926ee7052b9

    SHA512

    e5e508fc7566ddb74ae158405ac7368567b86f875bd2601c9e178e535bf82608d64531e4e25b7bf56434f433019e8efa04f8f7e6a1d05ae3e20e23f5098bd479

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    57300384aa4f08bdba5c6343a5c353a5

    SHA1

    389141e8e018b942d5ca4d75637aec2bc132b815

    SHA256

    b7540fc2b73ac2d668d04fc6cfbf1d7f659e0b050dea1bf54b70e36c911a49b0

    SHA512

    b2874c1ea984af71e35c002c5c55ff80d791184cef24b55f34477474e237318dce6b3776daec34c354ae2a359931164d84f04c19b560b6dca398551675ff943d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1faa656f0d4d4c16de137fead27139b7

    SHA1

    1413b6a09daeacbad248c399177eb2b85edcbfbb

    SHA256

    65e3878d09732be809fedad60b92ee54f6b808684a2ed43114d31e24efbdb2b3

    SHA512

    59e14dda754a151b5577172fa9339ce22f300c725c591bbb04b32c59df355d8a4d5b9e21d9d9e37d9539271b6c9904a1d578f031c6755cae5be24e778e4027f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    721cf3ca0349b502238a5c06f62a7d16

    SHA1

    83fe02668c293a8c0b3713ce57e2e220f6db83d4

    SHA256

    a990f25084c03dd1e0d760030a1397a0a0841e75f43df55c46b9802214d3ecc5

    SHA512

    132b409e6a9e4e7e3d3476906103830babd914ffb877f51abd4c622af39ee5a40f0b29a3b5fc2a72c1448125a0f73bdd8fb2d8bcca69e330efa80b70b5a9a145

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c2a9380194c4051cd6fdb72fd630a34

    SHA1

    12360868874e73c60bc8504bd3134e443e055e2a

    SHA256

    158745892b96371fcf2ef11de15d924674fd3c15e9f2c81cbc0f1cadbe3b6f9c

    SHA512

    e4e44a311900691ddcfeef8c9d66ed565aef48a35216df94453a152c1b36bfdc7d8b47dccc2ff17d7dcea6f21ad2b6db71c3af81a57ef21d7c7351781f4f4bf7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d9406428aef2d51c8172c03debec39d

    SHA1

    3cffd2b947a49869e006cf5adc8578edb86fc7c9

    SHA256

    31dcf90278cef7421fc6307ad15a4d74ba5bb79c50bed6998e706643a9b07bf2

    SHA512

    d92ff8993221530061c5f768abb9faeb38fe3faa04506df7f8eafcf30f8d7a14efea7d001c76700ab935dc6f64e01b6f9bdd1d1e341463fc4f9e7ac0c16ebc6b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aaa124a6bfd7ba8eaf3026bcb420fbf5

    SHA1

    648758ebb0154b8b109b658d43b989026e6e785c

    SHA256

    75dd4c5890f491f2932b8cf27d77217dd53e9d06605e0d1f10f6d8da7a135bd8

    SHA512

    2e70f2617d84e79eb3ad6b77051c2b3035ef707b92097082f4a2516a38ee8a3a96623c9c5b6999a6d5f1369cc9217d9d28fbdc8a160dd8a603279c4c71657310

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2677ecde601ed1c48a4eeadbfdcec09d

    SHA1

    620ce108c8c0c61257b1bd3882f0ec6aa38b9633

    SHA256

    3479b21bfee3ee4322d4d2c928eea06458a063db179f856f83dbd53b6698eb3d

    SHA512

    f8cdaee9e7109e7d20c4753ab03d2be02a1f0b73209a17a3d387ef30d64fb4f5ef1a0a7f2478d14fae100e881ca820145d9ffac4f137bd0ebe899d0531cb80d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    602a522de8f933c4599987cc4b3cef37

    SHA1

    c3055b96eb2d0851ed01251e4e1e5ff034c04553

    SHA256

    a9bd9151a9a8dac91d227f97d270026db40a450f41fdbb7cbbf4140504b3bf9d

    SHA512

    17d29122b5a9ec52e2409b0316c403693da8257902fdb4ad15a106f9c6520aeeb0024b913cac9073299f9ff2a4c6edc08b42d946a412f6e7a7269678d0b1ac98

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d8eb332558469f2fd13cd810c8c7837

    SHA1

    07230692ed616eb6579eabb7fb59f771b7d7a2d4

    SHA256

    8c8e15c84aaedac143f6ebac01e475bf82db467e8b812956d97ba822f8be1c8e

    SHA512

    830daceb10a89c33c27f9852c30ac4c6980e7f13b83d020e655dc1aa88bd478a63aaf60a7d11bf258586cc74fe31d5b658600d9395ff243400a7b8638e6491f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8710451cee72e6d9cf54b493999a0248

    SHA1

    dc9818047be8c3e835f108d840d9d49f984c42d2

    SHA256

    2969f1f1ab716e2a419d2d9566c2dfcc5485a201c8e8e41849d5635aece3ef85

    SHA512

    b3e4199cd9a5843bdf980d4d3e3a9352e9768e8e35c33da29db6c7a43a39ad0db5cfa9b0bccef9c25026947dca2456de2128fab9682cbd536828d36b91064f65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7b44a3c492c285c566db76fc38ddfb81

    SHA1

    d886cb01ba77b05b306f22a7bf7a00804bb94986

    SHA256

    834172179426fb4c175094dbc903f35678a20af6c3e5464c0a79fb0ed8bac644

    SHA512

    aa026b48d2cf6b82478df598b7aaf29b897a79165574fbcfee1f5704156a70481fea74881866284fa7d133f0600615336968d9d9b16c2fa3e4ac0387a4ca0da5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    99263bbb67002ff46c3a0f8b5db28896

    SHA1

    cd13f99df23450331dcf683030e40b462a7673af

    SHA256

    90188aab911c2628dd204a42058f2e73c4285ea7ebd100242c5cc151d798a1ae

    SHA512

    0774d46cbc893134e4e0698ea6efa621a8d285bb761167fa6bd00ce8c7417df257ff0007e2288ca5b166c2b9ef21a2247030406b533b0b934bc3271fb24af44f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3ea928d36b21ba7990093708e542e8c5

    SHA1

    a964a1e52f6aa1566af8bb88df7b84aec1755609

    SHA256

    0bc94d3059c9945201d4c366b4c13de5aeb1158a87acd6dd959e2a899aae26ad

    SHA512

    6a2ba36dd2e26fb9eeb474d6fb5b58bad60882cbd7916b63e905b277bef3c6412ec70818e31b439fe1b88c0beba002dbb74c0361039bf51ca2a265be8aa842d4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    767ec314b069148a614e627e9718160e

    SHA1

    626bf3fbd9ae043db56cbc48f989bf1d4a3b7cd7

    SHA256

    9e0f2917c312feeed84fcab02c6ca43372f2627dcdec1a83ba62dcea5cd6d7ab

    SHA512

    dadbef033d26ca0d184c900345208adfb2139ad347c179b14ef5a53c72e62d54ac2143dbfb2433b2cd4a74408847329783554cea28774ffce79e474ab789430f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    04cc1f80bcb469fb298c4306d9873fa0

    SHA1

    19292fc069f1392b3149048e7c0426becbef98d1

    SHA256

    6302a9b0087ba818f3ad30cf3394344801af158a4c2c3ec9302c26d57719152a

    SHA512

    2070c446effd46a84f99eb2c9e26e4ef1aaa85e1950cc9e812f084c4b04724c5185363f4c88835e0c892c345e1edd4f3fe8629594098ac64e9670d6e05afdcbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    272dd601e053d7c1c13382c86a992b98

    SHA1

    cc40eccbde429775b66bb68da8ebe52cc6ad64d0

    SHA256

    b465c0c6ca77f2def1d82dbe1cae71fb88da907ef955ef84e8a55d002ed8cb2d

    SHA512

    487f6c562bc6b39c8f0787a2c2cf77b6f7004cd28ce8c8a63095afcd6581dece19327b360bcdac95884f0b6d96f82b074ccc2a526fd68e3c92b06bbb73f829a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c3155c28cda16df52b0e844077ff2ef1

    SHA1

    0d7545991cec59827d5244681f96fe103800bd1e

    SHA256

    9900c879ee8352cc7e7915012f5f8999ab669d921ef388470aa7cca59dcf50e3

    SHA512

    51b0225851d71f8407261b870481ce155576c088b2acb2daf4797bbe880c9880059a7bdb6d7cbc05ff0cf1518c09019b123e222e146c647261b4a7017e22d635

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fe281a7f6816da7b0f8c268d26ad3cd

    SHA1

    f2c2e84aed1a5fe5a8e2077bdf409756282ea9e5

    SHA256

    1fa1746b4065e743e03699607cefe8d398be52f4b794cece036d827c30f76d77

    SHA512

    3532bf46dbca66a900c4a8e1a279d8d8fbf4de075e5b126548162eead767b0e27d3d3aed5af28bf1f0a18668d82c758dde6c0515d3ac066deffaf5c364b46b7d

  • C:\Users\Admin\AppData\Local\Temp\Cab21B5.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab2225.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar224B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
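
Every CryptnetUrlCache entry above is the same MetaData file written 19 times with a different hash each time: that directory is CryptoAPI's cache for objects it fetches by URL (CRLs, OCSP responses, intermediate certificates, root-store updates), and the metadata record is rewritten on each retrieval. The Cab*.tmp and Tar*.tmp files in %TEMP% are taken here to be the CAB staging files that accompany that fetch on this image (an assumption, not something the report states). The script below is an added example, not part of the report or of the sandbox's own tooling: it takes the dropped-file list from this page, buckets each path by an assumed rule set, reports paths that were overwritten repeatedly, and leaves anything unmatched in a needs-review list so that a dropped executable or script would not hide among 22 cache writes.

```python
"""Triage the dropped-file section of a sandbox report."""
import re
from collections import Counter, defaultdict

# Dropped-file entries copied from the report above: (path, size as printed, sha256).
CRYPTNET_META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DROPPED = [(CRYPTNET_META, "342B", h) for h in (
    "c28cf6ff3053f9e1ae17defbed60c4630f3989ae75409d05eed58926ee7052b9",
    "b7540fc2b73ac2d668d04fc6cfbf1d7f659e0b050dea1bf54b70e36c911a49b0",
    "65e3878d09732be809fedad60b92ee54f6b808684a2ed43114d31e24efbdb2b3",
    "a990f25084c03dd1e0d760030a1397a0a0841e75f43df55c46b9802214d3ecc5",
    "158745892b96371fcf2ef11de15d924674fd3c15e9f2c81cbc0f1cadbe3b6f9c",
    "31dcf90278cef7421fc6307ad15a4d74ba5bb79c50bed6998e706643a9b07bf2",
    "75dd4c5890f491f2932b8cf27d77217dd53e9d06605e0d1f10f6d8da7a135bd8",
    "3479b21bfee3ee4322d4d2c928eea06458a063db179f856f83dbd53b6698eb3d",
    "a9bd9151a9a8dac91d227f97d270026db40a450f41fdbb7cbbf4140504b3bf9d",
    "8c8e15c84aaedac143f6ebac01e475bf82db467e8b812956d97ba822f8be1c8e",
    "2969f1f1ab716e2a419d2d9566c2dfcc5485a201c8e8e41849d5635aece3ef85",
    "834172179426fb4c175094dbc903f35678a20af6c3e5464c0a79fb0ed8bac644",
    "90188aab911c2628dd204a42058f2e73c4285ea7ebd100242c5cc151d798a1ae",
    "0bc94d3059c9945201d4c366b4c13de5aeb1158a87acd6dd959e2a899aae26ad",
    "9e0f2917c312feeed84fcab02c6ca43372f2627dcdec1a83ba62dcea5cd6d7ab",
    "6302a9b0087ba818f3ad30cf3394344801af158a4c2c3ec9302c26d57719152a",
    "b465c0c6ca77f2def1d82dbe1cae71fb88da907ef955ef84e8a55d002ed8cb2d",
    "9900c879ee8352cc7e7915012f5f8999ab669d921ef388470aa7cca59dcf50e3",
    "1fa1746b4065e743e03699607cefe8d398be52f4b794cece036d827c30f76d77",
)] + [
    (r"C:\Users\Admin\AppData\Local\Temp\Cab21B5.tmp", "68KB", "1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab2225.tmp", "70KB", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar224B.tmp", "181KB", "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Assumed rules for artifacts CryptoAPI / IE produce on their own; anything else is reviewed.
RULES = [
    ("cryptoapi_cache", re.compile(r"\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I)),
    ("temp_cab", re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]

SIZE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s*(B|KB|MB)$", re.I)
UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}


def parse_size(text):
    """Turn the report's printed size ('342B', '68KB') into bytes."""
    m = SIZE_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * UNITS[m.group(2).upper()])


def classify(path):
    """Label a dropped-file path by the first matching rule, else 'needs_review'."""
    for label, rx in RULES:
        if rx.search(path):
            return label
    return "needs_review"


def triage(entries):
    """Summarise dropped files: counts per label, unmatched files, repeatedly rewritten paths."""
    by_class = Counter()
    needs_review = []
    writes = defaultdict(list)
    for path, size, sha256 in entries:
        label = classify(path)
        by_class[label] += 1
        if label == "needs_review":
            needs_review.append((path, parse_size(size), sha256))
        writes[path].append(sha256)
    # A path listed several times with distinct hashes was overwritten during the run.
    rewritten = {p: len(set(h)) for p, h in writes.items() if len(h) > 1}
    return {"by_class": dict(by_class), "needs_review": needs_review, "rewritten": rewritten}


if __name__ == "__main__":
    summary = triage(DROPPED)
    print(summary["by_class"])
    print("rewritten:", summary["rewritten"])
    for path, size, sha256 in summary["needs_review"]:
        print(f"REVIEW {size:>8} {sha256[:16]} {path}")
```

On this report the needs-review list is empty and the summary shows 19 cache-metadata writes to one path plus three temp CAB files, which is the dropped-file footprint of certificate validation rather than of the sample itself. Tighten or loosen the rule set to taste; the point is that the rules name what is expected and everything else surfaces.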