Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-06-2024 02:24

General

  • Target

    XyB1Uc.html

  • Size

    520B

  • MD5

    e94599644c40d64c685a60aeca1c6322

  • SHA1

    96d56623f3eb9a3c7120e8487871517b58fda426

  • SHA256

    d1be270c73073f46b07eef477ca15e81df050aafa15c225bfbe1b8fdaa107026

  • SHA512

    1a2b42a0314507b04fc9990c6a336540df560b73050dd8981ee4c7b9d86aed2e1e37c659b33e5b0ac115f0b6b34cc66e74cc074a9a1f638398a3a04ca0230433

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\XyB1Uc.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1804
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1804 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2752
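The process tree above is the normal Internet Explorer frame/tab split: the frame process (PID 1804) opens the submitted file and spawns a tab process whose command line names the frame in SCODEF:1804. The Python below is an added example, not code from the report or the sandbox, that rebuilds that relationship from the listed command lines and reports what would be abnormal: a tab process whose SCODEF does not match its parent PID, or any non-IE child under iexplore.exe. The two report records are copied from the tree; the third record (cmd.exe under the tab process) is constructed for illustration only.

```python
import re

# Process records reconstructed from the report above: PID, parent PID and
# command line exactly as shown in the process tree.
REPORT_PROCESSES = [
    {"pid": 1804, "ppid": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\XyB1Uc.html'},
    {"pid": 2752, "ppid": 1804,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
            r'SCODEF:1804 CREDAT:275457 /prefetch:2'},
]

# Constructed record (not from the report): the kind of child a scripted
# download-and-run page or a renderer exploit would add under the tab process.
CONSTRUCTED_PROCESSES = REPORT_PROCESSES + [
    {"pid": 3001, "ppid": 2752,
     "cmd": r'"C:\Windows\System32\cmd.exe" /c start C:\Users\Admin\AppData\Roaming\update.exe'},
]

_CMD_RE = re.compile(r'^"?(?P<exe>[^"]+?\.exe)"?\s*(?P<args>.*)$', re.IGNORECASE | re.DOTALL)


def parse_cmdline(cmd):
    """Split a command line into image name, arguments and the IE-specific
    SCODEF/CREDAT tokens (present only on tab processes)."""
    m = _CMD_RE.match(cmd.strip())
    if not m:
        raise ValueError("unrecognised command line: %r" % cmd)
    exe, args = m.group("exe"), m.group("args")
    info = {"exe": exe, "image": exe.rsplit("\\", 1)[-1].lower(),
            "args": args, "scodef": None, "credat": None}
    for token in args.split():
        key, sep, val = token.partition(":")
        if sep and key.upper() in ("SCODEF", "CREDAT") and val.isdigit():
            info[key.lower()] = int(val)
    return info


def audit_ie_tree(processes):
    """Return (pid, reason) findings for children of iexplore.exe that do not
    look like the normal frame -> tab relationship."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        parent = by_pid.get(p["ppid"])
        if parent is None or parse_cmdline(parent["cmd"])["image"] != "iexplore.exe":
            continue
        info = parse_cmdline(p["cmd"])
        if info["image"] == "iexplore.exe":
            # Tab processes are started by the frame process and carry its PID
            # in SCODEF; a mismatch means something else launched this IE.
            if info["scodef"] != p["ppid"]:
                findings.append((p["pid"], "SCODEF %s != parent PID %s" % (info["scodef"], p["ppid"])))
        else:
            findings.append((p["pid"], "non-IE child of iexplore.exe: %s" % info["image"]))
    return findings


if __name__ == "__main__":
    print(audit_ie_tree(REPORT_PROCESSES))       # []
    print(audit_ie_tree(CONSTRUCTED_PROCESSES))  # [(3001, 'non-IE child of iexplore.exe: cmd.exe')]
```

On this report the audit returns nothing: the only child of the frame process is the tab process and its SCODEF matches PID 1804, which is consistent with the 1/10 score. The same check applied to a sandbox export with more processes is where it earns its keep, since a cmd.exe, powershell.exe or rundll32.exe under an IE tab is the first thing to look at in a drive-by or HTML-smuggling case.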

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    19b2a7ffa5a1c10b2a4a2d317ef3ea10

    SHA1

    2cfc22dd827cf8b0daebec0e172d34197857d8f1

    SHA256

    4d5b5856e977a07886398801541acbfea8cae7b917de1bfa9a5d18af91fb5f4b

    SHA512

    a05ca98b053f20761e6b882573cd08e571fa226bc9816dbd89d888770ac0771100b3a62cf76696a12d03ed05311b2f0cc25335d7df3645ae3f6520479d1fb709

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    232265758dea455b53aa351fbbb8a4ea

    SHA1

    237e1dd235bca5bf7b981cf8b462eb2e784823fd

    SHA256

    e03017127a42e86edca7a60709bcb6d03c8cd99b57590556a97ed583804a64f3

    SHA512

    2c3d1991aa686c5e3ca45db0843ef9cec4cd12b6fcb169aed826539b0ed62ec52dacca0aaab82775a7cd22291adf398af94759e78b3aa31c8a785b13f5e324bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1b64d5e7dff8d15ef7ad8c8524dc309c

    SHA1

    cb94274053a9fe44b6347efd4622d6b7c5debe9d

    SHA256

    83b677f10de8ec555b4026e9375b7aa462054d64716fc3add2d8d8272cf16def

    SHA512

    cc068eda81d836f46ecb1265a5467770536edfda2ffc839200f1ac2616d7ca844e7059dac02ccf177905c3d2d5f0e933b0daa4f15dcbc6bfcbee8b7cc867a842

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f03869e5baa2531475084aa06b879907

    SHA1

    b34a70927604cbabda6307f0c128fe86393ecfae

    SHA256

    e9c26997560ebb051743fcfa855ffe3882a2da43ceb3d068f77f2d65746d8fae

    SHA512

    87fc1e8a4f619b1dd79a05ec8b77689cab035bfebc96e76b3fe7dea2d3e8270874599fe11804f7d08bf4309b1f0f273b95a2ed29b2a5dffd1b0ba3ba3ac9ced6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec5bef4bab57b540dbd38ce528298b55

    SHA1

    5a97915f884b3220efdac3861b9133056d964f8e

    SHA256

    2af42b481d70c54675d4b08b0333ba01453324c09fa124a4467784cbeee6dbdc

    SHA512

    c6289f2281d6d9ad2e82be9f450079a322da850f919444b732f18d1cff4cc88fbdde39da25be9f32f34ffd754e8e1dc9c46345a539a162e98e912c7b750f176e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    837aede1e2d350ea178ba392d1ca429b

    SHA1

    640cbdb443a710ab10b5cb29973fc6579a197679

    SHA256

    f647c4c52d2d02bd1023909c2020e8e7fcaea9be530c6ec905fbd45c1b649501

    SHA512

    1a6995dda479c85e39946e774ddc282cf19e76a01072f41da0690395d1d1f311bfe0f7956769d1c969f1ad92ce938e9176b489a0597664f99fc2899c1d6e28a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f10d1d8896dfff952d5dc65781d6597e

    SHA1

    06f154345fee2d927ab36f9e80c7049301c938d9

    SHA256

    7d3c7f10e72ae2bd8d167ff760da9c3b76071a9daf8a27a743c1221164924dc6

    SHA512

    4b671c6a95157a5eb8fe139562e67b22672168b3f8dd9a775621124438e2566cd976f2ab5eaf2eec1160f3d454d4d2ee3c3e3216373c902e4ad185f76a0c17ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd87d39344fbb6000d51a55690f116e4

    SHA1

    84b509141cebc303a3d7154b5aef576f206a6387

    SHA256

    650788f8bd846af861d90b953e055eef5c7afcc04bb0d412a5d14ce195bd8358

    SHA512

    7d8b7126fb12fd6383651837246a7a0426e9870a526fe1a54bcfde1f2f834f6a3630548101a6c1161c1bfb731dbb8bb44bb18014e85757fd5620830ad4b62848

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7b0f6c62dc0a840a22e08a4db9f0264e

    SHA1

    adaf9868c886836b50788c3f884bdb7016a4e786

    SHA256

    303a09efc1bebcd6cb33ca4869b73c8b37adef902116b75c44771c4812c74b37

    SHA512

    fd67cf1a93acd0cb3f25ab775c40e3054fa5a14fac805bbb45f25b7b3ed88d51f5c5903cdeddb90fda045f134f39be8d587f24b0ed70782f8437983bfe22497c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49772a8abdbd92be43d344e5cb5b686d

    SHA1

    a159c1658775579943d52bb46c0d31d087f0d58c

    SHA256

    5a2a34f8e6abc5dfd555af32d331ece39434a652e3f0f85e073413e5e401128c

    SHA512

    b0fc1ef0d9c726ac59b1a331373be36f119f1bb7ee0c3583d3e019cb28f8825b3d701bd437f34aa2c71eb686bbf4d0cbfe7cf1b6264c4b4a20c14ac77dc01b6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f54f5e4763732d1f1ac9463ab8f4c9e0

    SHA1

    f47b4d78dad1dd77a42c45a568286e73ef047179

    SHA256

    8a11fbfa4ee3d054a835625aa98529553b30b9cbeb228615b0bb9619e86b459f

    SHA512

    e1e534e5ec580e7d874a5afb46d2cd5559b1852a5ae6010d7ee747b3c4bc658eab4b2bcff2674d08b9b9ff3a93e03df41d9e41747d9a3383f45b1fcaf284cef2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6db43dee4834f9b9f513ace54289b82d

    SHA1

    b78bc4312a7418f1c4e772f08b7b0f912b206270

    SHA256

    4d9de58a5824ad86b566e5ff99205f0e4b1e0fd485cd6248ce26fe374c8d1849

    SHA512

    c4e6f366d8e5a1fb413550152e22bed7f9bf3cf651bda3e133d1fb9c1f5b7066e42b037bcb23adb0a68e123a7cefe7f303f63163e45a195c20351ce7d3c39d77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8a6e9fc8eadfc8bbd1a8f16b48b07d4a

    SHA1

    7871d55264bcbfe219309f5ac9acb8d6188075c3

    SHA256

    8064454a05e4cfb47995feda63307af963125baca93cbda070216ed9de3a1477

    SHA512

    868db87c6184dd3a4da138a25862d1ca17c41794c8b64b881020669156ae1460aeb26377405849281b250bb7c6e18729aebc36f70f6d1b6625383cb16fd66b4c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0025aa0e1309595204f84f74638fde64

    SHA1

    646f64cfec0a0748403e79fe4b8a02152d1c0e1d

    SHA256

    724bb8fdfcef012f8b7f439829c5a5bb8488307cf1e282f9069af394ec376f36

    SHA512

    79f3a66028ee12f2243a6e8e4e9c25a7614853f0fff174fea467c1e78690f5515a23e407ac020a56b46dc51a2686daa7959b3e1c3390eb1704687403b3f77c90

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da6a3d7b99fcfcacad13f3f7688303bd

    SHA1

    0da2a8c02fbe5ab59aa14d8e1f8237504c1efcd7

    SHA256

    8bbd976b8aee1202769fee0a6dc747e5d4645f06c133b0d1cf55baa0b3ed1b7e

    SHA512

    83144b37256fb64d323c6219cf9fe9c03d7e071c88fb12cd79c50bea64b1712a5c2e9cb08adfd62a32a21a46e236d8573dc19b98d2c101976669805783bdd152

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e69879cb87daaaf10b0b624b405c991

    SHA1

    cfd6da2f1feaab2285f3a11adbac4c545cab0643

    SHA256

    4e0c4e960eb112eda3288fdf149d7a45981e0f8467c6a98bb281066e7e44eaec

    SHA512

    a0dad8e69d1aa55a7fb20efb6c99daa6cf31789170a3b398f235bd5216885a3d571680b7958623f29d74d43d4a164d4529d161aacd863cf732faf266285df44f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    467324da391404fa983badef1146789f

    SHA1

    d0727db875f295a4ff45a6e2b94acc5be832b058

    SHA256

    0ea011eb44f9badfae8e75a8e9d9dbfefa75722bcc50b12acab2ef361e76e807

    SHA512

    5af92fa455f8dce4f19a0967ef83c08184e9d9d7b63cce004d12104134de4dbfa138fd53e978612e0ef3e659749cbe3d35bcb5a8d4fdef0ebc727b04e277f823

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aead540ac5c040c51f49240d961c9b2f

    SHA1

    c2a54ed5f686c2b735e162f2bcc2bdf4fd17022c

    SHA256

    b4e797062cff9ffcc4d0d5e7e4adc34bc8a6045560d21283a602a8b976965350

    SHA512

    754c20d99db7eb525e9d76376810494ec0f68ce141eb70ac7b56963da5ac784a4a6c60b8176f4d4d93a5438ba1d391d989bf0ceb5c67834d1081bddb968971aa

  • C:\Users\Admin\AppData\Local\Temp\Cab1FD3.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar20A5.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
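Every file listed above sits in one of two locations that a clean Windows 7 image writes on its own when crypt32 fetches certificate material: the CryptoAPI URL cache under LocalLow (one Content blob plus its MetaData record, which was rewritten 18 times with different contents) and the Cab/Tar .tmp pair in %TEMP%. The Python below is an added triage helper, not code from the report or the sandbox, that classifies the listed paths as expected noise versus paths a human should look at, converts the report's rounded sizes to bytes, and notes which paths were rewritten with differing hashes. The records are copied from the list above (four of the eighteen MetaData entries are included); attributing the Cab/Tar pair to CryptoAPI's cabinet extraction is an assumption about provenance, and the update.exe record is constructed, with a placeholder MD5.

```python
import re
from collections import Counter, defaultdict

# Dropped-file records copied from the report above as path|size|MD5. The
# MetaData lines are four of the eighteen entries listed for that path.
REPORT_FILES = r"""
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015|70KB|49aebf8cbd62d92ac215b2923fb1b9f5
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015|342B|19b2a7ffa5a1c10b2a4a2d317ef3ea10
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015|342B|232265758dea455b53aa351fbbb8a4ea
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015|342B|1b64d5e7dff8d15ef7ad8c8524dc309c
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015|342B|f03869e5baa2531475084aa06b879907
C:\Users\Admin\AppData\Local\Temp\Cab1FD3.tmp|65KB|ac05d27423a85adc1622c714f2cb6184
C:\Users\Admin\AppData\Local\Temp\Tar20A5.tmp|181KB|4ea6026cf93ec6338144661bf1202cd1
"""

# Constructed record, not from the report: a write outside the known-noise
# locations, which is what a real drop looks like. The MD5 is a placeholder.
CONSTRUCTED_EXTRA = r"C:\Users\Admin\AppData\Roaming\update.exe|212KB|ffffffffffffffffffffffffffffffff"

NOISE_RULES = [
    # CryptoAPI URL cache: CRL/OCSP/AIA and root-list fetches made by crypt32 on
    # behalf of IE. Content holds the downloaded object, MetaData its URL and headers.
    ("cryptoapi-url-cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I)),
    # Cab####.tmp / Tar####.tmp pairs in %TEMP%: assumed here to be the cabinet
    # extraction crypt32 performs for the root certificate list update, a common
    # leftover on clean Windows 7 sandbox runs.
    ("cab-extract-temp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]

_SIZE_RE = re.compile(r"^(\d+)(B|KB|MB)$")
_UNITS = {"B": 1, "KB": 1024, "MB": 1024 * 1024}


def parse_size(text):
    """Turn the report's rounded size string ('342B', '70KB') into bytes."""
    m = _SIZE_RE.match(text.strip())
    if not m:
        raise ValueError("bad size: %r" % text)
    return int(m.group(1)) * _UNITS[m.group(2)]


def parse_records(text):
    """Parse path|size|MD5 lines into dicts; blank lines are ignored."""
    records = []
    for line in text.strip().splitlines():
        path, size, md5 = line.split("|")
        records.append({"path": path, "size": parse_size(size), "md5": md5.lower()})
    return records


def classify(path):
    """Label a dropped-file path as a known noise category or 'review'."""
    for label, rx in NOISE_RULES:
        if rx.search(path):
            return label
    return "review"


def summarize(records):
    """Counts per category, paths rewritten with differing content, and the
    paths a human should actually look at."""
    counts = Counter(classify(r["path"]) for r in records)
    hashes = defaultdict(set)
    for r in records:
        hashes[r["path"]].add(r["md5"])
    rewritten = {p: len(h) for p, h in hashes.items() if len(h) > 1}
    review = sorted({r["path"] for r in records if classify(r["path"]) == "review"})
    return {"counts": counts, "rewritten": rewritten, "review": review}


if __name__ == "__main__":
    print(summarize(parse_records(REPORT_FILES)))
    print(summarize(parse_records(REPORT_FILES + CONSTRUCTED_EXTRA))["review"])
```

Run against the report's own list, the review set is empty and the only rewritten path is the MetaData record, which is what crypt32 does when it refreshes a cached URL entry. A real drop shows up as a 'review' entry, and the hashes of anything in that set are what you pivot on next; the noise rules are deliberately narrow (exact cache directory, 32-hex entry name, four-hex-digit .tmp name) so that a file merely placed near those paths is not silently discarded.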