Analysis

  • max time kernel
    121s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    05-06-2024 01:59

General

  • Target

    6d4d4a4488d7880c6ee2b032cf25682a9c1b59bfeefef5530ecb36035ac50574.exe

  • Size

    38.6MB

  • MD5

    df99ac14410ba32837617246483e2626

  • SHA1

    5afba82b7548cedfef1c08cd436a2a5c8bfbe626

  • SHA256

    6d4d4a4488d7880c6ee2b032cf25682a9c1b59bfeefef5530ecb36035ac50574

  • SHA512

    e37bf035be81fce9d4804da0646556855fc225d27bd89423187b30e887404966e4726e028668bf4c3c2efb87a2fdb9ffe0d8a5b21d8068d9de66f2dac2f688cd

  • SSDEEP

    786432:wdn6iTfRwFOUPofAl2jtycEScDxvVhyaPZN:Mf2VP9l20c7cD1JN

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6d4d4a4488d7880c6ee2b032cf25682a9c1b59bfeefef5530ecb36035ac50574.exe
    "C:\Users\Admin\AppData\Local\Temp\6d4d4a4488d7880c6ee2b032cf25682a9c1b59bfeefef5530ecb36035ac50574.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2044
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x86&rid=win7-x86&apphost_version=7.0.10&gui=true
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1204
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1204 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1276

Network

MITRE ATT&CK Enterprise v15


Downloads
