Analysis

  • max time kernel
    66s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-06-2024 01:53

General

  • Target

    http://www.google.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.google.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1264 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3028

Network

MITRE ATT&CK Enterprise v15

Downloads
