Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:24

General

  • Target
    file.html
  • Size
    312KB
  • MD5
    28be84a174982103dfd4341bbee4f3e0
  • SHA1
    5c299ef47f2281d17eb39f2f236cff56396362b2
  • SHA256
    1580e4f84d62455cd661abf31fa2d9242aa01bdcd648cf22bbb4b98f0788a8a6
  • SHA512
    c0917f2fc29fcb515228f8d36e8bed006335db62eaf0580b0536bd147761e3f083b348dffb4b93fbd17b908f04362d0fec89cdb93ec9adeb595eb0bdb320cf10
  • SSDEEP
    3072:Ki1gAkHnjPIQ6KSEX/SH+PaW+LN7DxRLlzglKkVMr4:XgAkHnjPIQBSEKePCN7jBkVMr4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\file.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:616
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:616 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2216

Network

MITRE ATT&CK Enterprise v15


Downloads
