Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 10:40

General

  • Target

    Electronic Invoice_64549934192-2023 PDF.htm

  • Size

    5KB

  • MD5

    030a74f31dc75d77f0bd6f96b9f1522a

  • SHA1

    eefbd35f9f96895dc2d8f5d271b03f64e7ac5a33

  • SHA256

    c37eccd1568ef357e15cf7e2fdff2a73ea903302cb82aac441685f75e6ff2985

  • SHA512

    2ea60e918ef68b108a7d303fce94db7bf4c718603849108fd0c123d79aff5eb383f83706f1e19c13cc47f94e4c2061049f1c51c5b1c14e54663024c11c0dc39a

  • SSDEEP

    96:hOTdXb+xiTb5NLTbpvNsvvR3B5v+mbBR5KJL6w1q99q++t6BVARWMDqxotQ296Ht:gRL+xiBNLxCxXtL5KJL1qPqztaVARWM6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Electronic Invoice_64549934192-2023 PDF.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v15

Downloads
