Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    03/06/2024, 10:40

General

  • Target

    Court Order78314mal.html

  • Size

    6KB

  • MD5

    5344974c50e55f2a77a59dda974b6552

  • SHA1

    4cc7149c0474e093140f85b2ba5f34e261e852f3

  • SHA256

    b5887396c08299cc39ce1c55860f5f27850b62d0269e2ffeff54b29fdd03e52d

  • SHA512

    2d0da1088a903feae17126d3d88ca982a2ec1e660a4010bd2a37f752bef10eba49fb5bdf28170ec71067e5e7c124a3e6a4ae6df9fb4e5e1101d273cb275cade8

  • SSDEEP

    192:ajXBsratXQQTL+xgYibdMlbImRW/sRpFGIODJsjUYR0pVnJuX1Buxn8AND:ajXBsrapTL+xgYibdMlb7RWURpFGIODf
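
Before trusting this report for a file you hold locally, confirm you are looking at the same artifact. The script below is an added example, not part of the sandbox report: it copies the four digests listed above into a table and checks a local file against them, treating a single mismatching digest as "different file". The function names and the constructed inputs used for checking are this example's own; the ssdeep value is not compared because fuzzy hashing needs a library outside the standard library.

```python
"""Verify that a local copy of the sample matches the hashes in the report.

Added example, not part of the original sandbox report. The hash values below
are copied from the report's General section; everything else (function names,
constructed test input) is this example's own.
"""
import hashlib
from pathlib import Path

# Digests listed in the report for "Court Order78314mal.html" (6KB).
REPORT_HASHES = {
    "md5": "5344974c50e55f2a77a59dda974b6552",
    "sha1": "4cc7149c0474e093140f85b2ba5f34e261e852f3",
    "sha256": "b5887396c08299cc39ce1c55860f5f27850b62d0269e2ffeff54b29fdd03e52d",
    "sha512": "2d0da1088a903feae17126d3d88ca982a2ec1e660a4010bd2a37f752bef10eba"
              "49fb5bdf28170ec71067e5e7c124a3e6a4ae6df9fb4e5e1101d273cb275cade8",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Lowercase hex digests of *data* for every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ALGORITHMS}


def compare_hashes(data: bytes, expected: dict) -> dict:
    """Per-algorithm match/mismatch of *data* against *expected* digests.

    Expected values are stripped and lower-cased so digests pasted from a
    report in either case compare correctly. Algorithms missing from
    *expected* are skipped rather than counted as failures.
    """
    actual = hash_bytes(data)
    return {
        algo: actual[algo] == expected[algo].strip().lower()
        for algo in ALGORITHMS
        if algo in expected
    }


def matches_report(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only if every listed digest matches; one mismatch means a different file."""
    results = compare_hashes(data, expected)
    return bool(results) and all(results.values())


def check_file(path: str, expected: dict = REPORT_HASHES) -> dict:
    """Read a file from disk and report which digests match the report."""
    return compare_hashes(Path(path).read_bytes(), expected)


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py "Court Order78314mal.html"
    target = sys.argv[1] if len(sys.argv) > 1 else "Court Order78314mal.html"
    for algo, ok in check_file(target).items():
        print(f"{algo:<7}{'match' if ok else 'MISMATCH'}")
```

Run it against the file you were handed; if any line reads MISMATCH, the sandbox verdict above describes a different file than the one on your desk.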

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Court Order78314mal.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:848 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1780
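
The child IEXPLORE.EXE above is Internet Explorer's own tab process: in IE's loosely coupled (frame/tab) model the frame process launches each tab with "SCODEF:<frame PID> CREDAT:<n>", and here SCODEF:848 names the parent's PID 848. The script below is an added example, not part of the report: it parses the two command lines as listed and flags any child of an IE frame that is either not iexplore.exe or whose SCODEF does not point back at its real parent. The record layout, function names and the extra constructed children used for checking are this example's own; CREDAT is extracted but treated as opaque.

```python
"""Check that IE child processes in a process tree are the frame's own tab processes.

Added example, not part of the original sandbox report. The two command lines
and PIDs below are copied from the report's Processes section; the parsing and
the "consistent tab" rule are this example's own.
"""
import re
from dataclasses import dataclass
from typing import Optional

# Process records as they appear in the report (constructed from the page).
REPORT_PROCESSES = [
    {"pid": 848, "parent_pid": None,
     "cmdline": '"C:\\Program Files\\Internet Explorer\\iexplore.exe" '
                '"C:\\Users\\Admin\\AppData\\Local\\Temp\\Court Order78314mal.html"'},
    {"pid": 1780, "parent_pid": 848,
     "cmdline": '"C:\\Program Files (x86)\\Internet Explorer\\IEXPLORE.EXE" '
                'SCODEF:848 CREDAT:275457 /prefetch:2'},
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b", re.IGNORECASE)
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)\b", re.IGNORECASE)


@dataclass
class TabCheck:
    pid: int
    parent_pid: Optional[int]
    scodef: Optional[int]   # frame PID the tab claims to belong to
    credat: Optional[int]   # extracted for reference only, not interpreted
    is_ie: bool

    @property
    def consistent(self) -> bool:
        """An iexplore.exe child whose SCODEF names its actual parent."""
        return self.is_ie and self.scodef is not None and self.scodef == self.parent_pid


def image_name(cmdline: str) -> str:
    """Executable name from the first (quoted or bare) token, lower-cased."""
    m = re.match(r'\s*"([^"]+)"|\s*(\S+)', cmdline)
    path = (m.group(1) or m.group(2)) if m else ""
    return path.rsplit("\\", 1)[-1].lower()


def check_process(proc: dict) -> TabCheck:
    """Extract SCODEF/CREDAT from one process record and classify it."""
    cmd = proc["cmdline"]
    sc = SCODEF_RE.search(cmd)
    cr = CREDAT_RE.search(cmd)
    return TabCheck(
        pid=proc["pid"],
        parent_pid=proc["parent_pid"],
        scodef=int(sc.group(1)) if sc else None,
        credat=int(cr.group(1)) if cr else None,
        is_ie=image_name(cmd) == "iexplore.exe",
    )


def ie_children(processes: list) -> list:
    """Records whose parent is an iexplore.exe process."""
    ie_pids = {p["pid"] for p in processes if image_name(p["cmdline"]) == "iexplore.exe"}
    return [p for p in processes if p["parent_pid"] in ie_pids]


def find_anomalies(processes: list) -> list:
    """PIDs of IE children that are not tab processes pointing back at their parent.

    Empty for the tree in this report. A non-IE child of iexplore.exe, or a tab
    whose SCODEF names some other process, is returned for closer inspection.
    """
    return [c["pid"] for c in ie_children(processes) if not check_process(c).consistent]


if __name__ == "__main__":
    for proc in REPORT_PROCESSES:
        print(check_process(proc))
    print("anomalies:", find_anomalies(REPORT_PROCESSES))
```

For this report the anomaly list is empty, which is consistent with the 1/10 score: the only child of the frame process is its own tab. The same check run over a tree where iexplore.exe spawns, say, a shell or a tab that names a different frame PID returns those PIDs.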

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31423137baaab4f9fcc913a074016862

    SHA1

    069d877821166c06d46911b1e994f5120da5635e

    SHA256

    3699db1320d35c544de5f8d30dc3301d684cf16f614d9001349f96a3f5f29cb9

    SHA512

    e424d4bd267392df7b8dc9637a06b6218cba68828574f36e511d020ec1b42531dedcd929c28efdf2f1f9160ad4960cca3062d554f31c71dfbbecfc18ea74bc9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a6fc7239e4263cf22ccd1e5054c2c73

    SHA1

    d074da0e94acd10b30eaa0a581fefb2c9cba21a4

    SHA256

    97d99896d5f469de5fb537b9f7bcbb79ed74c9a6d540e7ddb4a5d99b57c56cd5

    SHA512

    14267a44eb4d47e8e44dbd7d3db47f7384f82680cfa448149edc4b384497921812726ce41bf253804f3a512f986c777c3a26ce65a4d45f416e0e55d999abc028

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    abc52f19516a665c14aa8a5eade576b4

    SHA1

    a3205e0b304c9b857ad3ef11856d91bdaee290fb

    SHA256

    aabdfc94a398887952c56d5bfeee7bd7456b9b25d71b840029f477369ad66d78

    SHA512

    5b70c78974346eb43e605df592adf2649e8c7e4a905d8d208da5f8bd92426b78576edf6111a3085824a38ea64b7740efcab2b7f75f1e1fa7385cafac5192c48c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    757acc67ac44257e2be88fbef381c016

    SHA1

    e11a889ed426f09782021be1ddc1d94c35a7682e

    SHA256

    4ab669f2bd912ee2b3e10ad78a279caaea62348414eb78917d1d73f94bedcb8c

    SHA512

    9a60381ee0c851951ffdeb3158705adbbf8686b65fa22d52e69e7e1222c60b5eafd21b54a8886420d2cb61eaab5720bfaa85b328286baef084d1c9ecacbde3a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0dad51b4ea86e1365458d0cc3f77bb5

    SHA1

    d0894fe47a463ee0eeb0187945b8ceeb0fc804ed

    SHA256

    cc1c4b1a981c32f4346d0f75fa5abf3d6a9bc6d6557ea2a798333d2929b21e76

    SHA512

    f170eb97a72205d9c67b88e0f5743f913f57d4075c460802b8d2e3f97ff521724817e0de59f4d42cebd2e2717c17c559b507316221d21ad0145e1f3e02dc1d96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5393c2a8651da542c3f69803d5667a8b

    SHA1

    4d182b7342fb3a507bc641c01a116c497101c036

    SHA256

    2496c7907eb1573b56032edab4d36e1e7c6919207e754a5c33eca3d2ae1e700e

    SHA512

    8ff99f090910ef82bde412f9eac402e6821ceaa06c60515753ffa8624a4cca03ed0671ed44f1d34d533a6c7e079ff7b29ccb0331d90374f46b1101cbc6c11af8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    214a42818f002538175957468b708e89

    SHA1

    0de858b321e14129bcfc16328f341d4c5598b5d4

    SHA256

    450c6214de9f75658c76acda9d12eaee2421b0f987e0e6164ee7de8ccc222162

    SHA512

    72e6d914988b8fd179f1dbe93ffc369d790a9951ca043523738d3153efc1fa866c7295e035711c988511584b557d5c2040d1ec2a956188e0e419a5a0c2f9eb33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7429c99512a0ad1eafe0c877c6a4d93a

    SHA1

    ab022bf0431369561f6e7bfe86cf0bc117878bc7

    SHA256

    3c723da3bbaee04396f4dedf22a0fca8ebe0bc06e494b4410c9a931674240334

    SHA512

    afc6d9eb1929fda818fbfe7ea2abc80cb969d5a5af64ed086c77b1652d0f63a2c77f7708d577882514866e42880754e13d29924bb42259c07fe0a1c5b48427c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    72b92eda95435304f023410c81885a9e

    SHA1

    565a0b294ef0bdcceefdc8cb18fc3558a4986e40

    SHA256

    8831b545dde33f846e1c87bec48879fd993f89d98df75bbddbb59be2184772b5

    SHA512

    2028554e7a8c1c24de7e0028e5c72fe484d70c9222ac7d54527fbb669c3df329f37b0a2a16aee934aa2a749b83351345af4f4aae42ff715f1022ca744cfd9ed8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    20f213a0bc5677e348eb7e3d512ac512

    SHA1

    b13c68db4e70258ee150b1799dca7f331fd4db37

    SHA256

    07f02114ecb3e10acea30b7b0526a7391f473fcd323e7c8dd2ac37c0546fc8ce

    SHA512

    7e79f0c01140a2b16d2b70748a0e67818c584e05afcf6c515b8df20e68f1bb885df694c9b2cc8ff686c1f2a0b7367df291c5980ed442b344fee8e338363a9dae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7459a194dc3ef7ab78214482c1852f58

    SHA1

    42e9a5c7ce338c2e6874cf3858de11ddec05541f

    SHA256

    f40b9530c7e3e22312708bcd3748fef5e97578200a427fa90146849131f452b9

    SHA512

    91fd0d951f4793cd3f401b137b44b615cd95f7478714585e269bc49828c59cd2980f88814463642e8d827a28f503d7c6973df73caac79f2e2abeb9f13fcfb0c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f8bb1ae485390467526047bc3e00775

    SHA1

    f4ca539fddddbbb335ff0ab470343c4347237cdc

    SHA256

    9140331557aab35f6beb7b69c148190cd42c245218c7c820061c00167d2f9db0

    SHA512

    59252a5c07e9a4623d33b0fcffed9ea1d3666d8ed2cbc0e6439cb2b5b1463cd4e0daa6ad238a2fa439531e10853feaf072dbd9d33e70c622ad7ebfba1b89ccdf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b2bb933a707efa6258c1bd02b8c80cc6

    SHA1

    557ea576227ee12ce4286e2fdf1a551319c51d2c

    SHA256

    bb3fb05faf2575893af385c5e6c4949ea75780ccf06bae6f2c63aaf5d6820a3a

    SHA512

    8c2ea8df452b989ddf474bb7d97871ec94ebc1c1cad2931d4d5a594a25b3ad4a6ac6e3227760583dd3b328867f90dc8bdf8a9e0b0f5e8105b29ab50e2095aeee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51b1d3110e5c31db01e7f938be1268c9

    SHA1

    a3b5180a924a43145fd70a5a023ace006d95ef72

    SHA256

    ed77c3612e294aafa94807f2fffc41056a04643db249d900253201973bde8604

    SHA512

    42091a050991605c80d87c254e4f6e6edbc4feb2ae41caf400a38a9afc50fe6c246f114a65888c769f7e9639039dda413d3e0b59967510ea3aa3625cf93de577

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c24581a451b2ea8db2f288ad57058895

    SHA1

    ce0e631199b250fecee6803b671d85672b1f94c4

    SHA256

    04672761d1aa49c26acf67bdf8d84fdc7c7bded1311789167e11f4888f434629

    SHA512

    5df434f9302c48d51647a7865f40335d2bf645a47512cf7837c06a51e31eecccf3e3d2147b4220af0b7df1f5c20a5b1d6e771df268ca470a7ef0391e9b94a5b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b6f47ee51463491e2de24f1b54381ba6

    SHA1

    d18b119a4f159ad4e6a2206d61769d423e6d798d

    SHA256

    176fee298bc8d1be6a54c7dc50cb9586ae4b9a75617c9fae7b6b590884e091e1

    SHA512

    bafedabe8b6c941b0256c891fc8c229d31ac1b97d4c24dda382e74480710b35f8ae9f6135895da466d839e655509556501f3b875d5411cbc8f5de2fc2f7f3d0c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    244c25d5b3cf598fda00d017593a31ca

    SHA1

    a8802b273ddf49222760668486ff97a3056ed838

    SHA256

    9177c741d9a319b91c3b3d0755e4ac6f71c98c41b875627bb773d8a148b3aa2b

    SHA512

    c4d3e2a25f9040d6681d697a0c2c6928a9f3182ce395fbda59f83ed9b3f514638993bcfda12b678497e15a74cf698cd45e41ed3f8511e19bcaadf20e43bdc55c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec7afa31428d81bcb29a6bcced4a02e5

    SHA1

    4309691dee77a3e533bb0a260064903554c140e4

    SHA256

    95adac75b05e1cfbbe95725a98e0d43407a2d5177fbc84016bc5b01960a34f34

    SHA512

    80d9683c9601c7ae69f23d3d98888472d554cd43e0cb4e738de3c8c63c3d8d90385c74479c257b5687c475ed72f05de075955ea1e7476c1379d58c09f6f1e762

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    450da6a56a3ea8c9297bbe3d573fb5eb

    SHA1

    bb038d05fec81e806591c0961fa57ce381c0129f

    SHA256

    033e80178b146f787a2fbb77de789c6976c7088d69cf18be4be2da09b3971c6f

    SHA512

    17edaabb525a4a2321876533cb202814d39ccae40ab54963a7fa81d4b65383ac3b43a7f4f5d04ea10e3d224d3e63d50436dd53a0dad5395031156a65eb69b4f6

  • C:\Users\Admin\AppData\Local\Temp\Cab3630.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar3702.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b