Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:41

General

  • Target

    a3c692ac20875662695895a24326a9c0_NeikiAnalytics.html

  • Size

    198KB

  • MD5

    a3c692ac20875662695895a24326a9c0

  • SHA1

    7ecb7a7dc2c2627bde5473e181c70f93304089ea

  • SHA256

    4b88602a9ac49d54d1fe02472fcc7b97be13950c49eef4fe3a54293e3d265085

  • SHA512

    edaa04eae7d9909cbcef1815a17242c873437d8b422af8f7b7b3bd7e7d05808c978a1b467b0a42239c518336a036dfb35554bc8eef7a22e2cee8755292480672

  • SSDEEP

    6144:ssjV8ciXxJoH5Q0zFndfZSaUvLwUsd607dOL1wrLUdh0xK:b8ciXxJoH5DzFndfZ5UvLwUsd607dOLZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3c692ac20875662695895a24326a9c0_NeikiAnalytics.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2356
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15

Downloads
