Analysis

  • max time kernel
    134s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:09

General

  • Target

    sample.html

  • Size

    213KB

  • MD5

    da19e12d88b911af5b755b2be0e26c49

  • SHA1

    fee472a3e4fe52a45c3c81c260da1014d5267c69

  • SHA256

    c5e4641dd5f581fcb40d0a725b89b5d1dca29f1c9d3389eb32114685ad28c6a4

  • SHA512

    7509568f4788afab61054e0f02588da497d148172f5b79ff87d9a8f5ce4c6304437871a423162e628f7dcb52f38f781f5175fd1780f9e701df8849ed4fa3a382

  • SSDEEP

    3072:SqcHHj3Ye8KzdyfkMY+BES09JXAnyrZalI+YQ:STzvzosMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Every one of these fires on iexplore.exe itself (see the process tree below); nothing outside the browser runs. For an HTML file opened in Internet Explorer that is the expected baseline: IE rewrites its own settings keys on each launch, installs window hooks for its UI, and calls WriteProcessMemory while launching and managing the content (tab) process it spawns. On their own these API calls carry no weight, which is what the 1/10 score reflects. They would matter if the same behaviour came from a process IE does not normally create, or if the Downloads section showed anything beyond the CryptoAPI cache files it lists.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    (level 1)
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2
      (level 2)
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2176

The two entries are one Internet Explorer session rather than two launches. SCODEF:2340 in the second command line is the PID of the frame process that created the tab, and it matches the process that received sample.html; a 64-bit frame in Program Files starting a 32-bit content process from Program Files (x86) is the default arrangement on Windows 7 x64. Nothing else is created: no script host, no command shell, no second-stage download.
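The check a triage script should make on a tree like this is that the content process really belongs to the frame it claims: its SCODEF value equals its parent's PID, the parent exists, and both images are the installed iexplore.exe. The following is an added example and not part of the sandbox report; it assumes the tree is available as (pid, parent pid, image path, command line) tuples as a sandbox export would provide. REPORT_TREE is transcribed from the report (the parent of 2176 is taken from its nesting under 2340), and ANOMALY is a constructed, hypothetical entry that shows what a finding looks like.

```python
"""Check that an IE process tree is a plain frame/content pair.

Added example, not part of the sandbox report above. Assumptions: the tree is a
list of (pid, parent pid, image path, command line) tuples as a sandbox export
would provide; REPORT_TREE below is transcribed from the report (the parent PID
of 2176 comes from its nesting under 2340), and ANOMALY is a constructed,
hypothetical entry used to show what a finding looks like.
"""
import re
from typing import Dict, List, NamedTuple, Optional


class Proc(NamedTuple):
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


# An IE content (tab) process is started as:
#   "<iexplore.exe>" SCODEF:<frame pid> CREDAT:<n> /prefetch:<n>
# SCODEF carries the PID of the frame process that created the tab.
_CONTENT_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)")

# The only two locations IE legitimately runs from on Windows 7 x64.
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}


def scodef(cmdline: str) -> Optional[int]:
    """Frame PID named by a content-process command line, or None for a frame."""
    m = _CONTENT_RE.search(cmdline)
    return int(m.group(1)) if m else None


def check_ie_tree(procs: List[Proc]) -> Dict[int, List[str]]:
    """Return findings per PID; an empty list means the entry looks like normal IE."""
    by_pid = {p.pid: p for p in procs}
    findings: Dict[int, List[str]] = {p.pid: [] for p in procs}
    for p in procs:
        if p.image.lower() not in IE_IMAGES:
            findings[p.pid].append("image is not the installed iexplore.exe")
        frame = scodef(p.cmdline)
        if frame is None:
            continue  # a frame process (or not IE at all); nothing more to tie it to
        if frame != p.ppid:
            findings[p.pid].append(f"SCODEF:{frame} does not match parent PID {p.ppid}")
        parent = by_pid.get(frame)
        if parent is None or parent.image.lower() not in IE_IMAGES:
            findings[p.pid].append("SCODEF names a process that is not an IE frame")
    return findings


# Transcribed from the report: frame 2340 opened sample.html, then spawned tab 2176.
REPORT_TREE = [
    Proc(2340, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html'),
    Proc(2176, 2340, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2'),
]

# Constructed, hypothetical: a binary in %TEMP% claiming to be a tab of frame 2340
# while its real parent is some other process (9999).
ANOMALY = Proc(4444, 9999, r"C:\Users\Admin\AppData\Local\Temp\iexplore.exe",
               r'"C:\Users\Admin\AppData\Local\Temp\iexplore.exe" SCODEF:2340 CREDAT:1 /prefetch:2')

if __name__ == "__main__":
    for pid, notes in check_ie_tree(REPORT_TREE + [ANOMALY]).items():
        print(pid, "ok" if not notes else "; ".join(notes))
```

Run against the report's two processes the result is empty for both PIDs; the constructed anomaly is flagged twice (wrong image location, SCODEF not matching its real parent). The image-path check is deliberately case-insensitive because the report itself shows the 32-bit binary as IEXPLORE.EXE and the 64-bit one as iexplore.exe.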

Network

MITRE ATT&CK Enterprise v15


Downloads

All 22 files listed here live in two places. Twenty are CryptoAPI's URL cache under CryptnetUrlCache: one Content object and nineteen successive versions of its MetaData record, which share a filename because the same cache entry was rewritten during the run (each version has a different hash, so these are snapshots of one file, not duplicate listings). The other two are temporary files in the user's Temp directory (Cab1DB0.tmp, Tar1ED0.tmp). The cache files are what Windows writes when it fetches certificate-chain material (CRLs, OCSP responses, certificate trust lists) while validating certificates for TLS connections or signed code; the Cab/Tar pair is consistent with the CryptoAPI automatic root-certificate update, which downloads a CAB and extracts it to a Tar*.tmp file, but that attribution is an inference from the names and sizes, not something the report states. None of them is a file that sample.html wrote itself.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    375814bdf6b643e0d73af8bd9f8dd167

    SHA1

    ebabcb192fd063e314d6dbe9c5d1bfed4c47662a

    SHA256

    14381b8807efcb0d44eef9e0923bef2df7f9967dbbdda9594da0f67b6b452659

    SHA512

    8d73d3ece70a1764de0a30ae3fb23014ab7c9789bb3a2f2c35f9b6ec477cb504f2b60ba6ef4c5ce330f56cc182185b74beafd0a2bb096656d5617bb0ecab6509

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4c30320dfe9f249cfe575576e6b04226

    SHA1

    e1d5d781eaa5f79bf01bc33d9da8c221183932e2

    SHA256

    9cd14d9e34dc7de8b68c440f32ce5ac3309821ce32f590cace85fe64893465fd

    SHA512

    ba82c1de990744cb2176a5cf99698080add486681f03e578b9ead5d48dea6118e1a096c3c3faf1ec40cca83e7663885e4a56a2fd6f327b7b8f39fa778eb1f1a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    29ef3d7c4a36dcc6c47fe26063d1d0f1

    SHA1

    605811d4618c2e7433139747aaa7003f5df0a2bb

    SHA256

    bcfa935d6aad61efe6f8f962c74e36043f2d0275819e19bb9b78caa3a1caf188

    SHA512

    496a21b5b19950b8d0193b2d812a7ca4b9598b764b51c385bf3cf8399500f5e305a130e5193ba4e1260e680996e6ba863af13a18f68480b4eaf347827bd1f330

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7004f0cd20adabe54a08b8e314b6ddf7

    SHA1

    965b5d6fabcc0de39a94b407b43da3d29f9e548c

    SHA256

    2c375570e3e76a1b5e98f7edf83021c37e3c99f85e1712f2c2cfe15355257f6e

    SHA512

    f2ae0f4eb028f02c67bfaec3e1ee2e0ef90ee7f44d4cc839f2bf5037111ab27a834c38d9ad451492b285c3d51c92e988c4cfdf4f5be27e15b3866d9722834252

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    009ffd91bd3ba642baa9deb7dac6e636

    SHA1

    80bd89339e26f8b951a841224cec7dfce76f3508

    SHA256

    25e0ae7aaa10fc1b707c2837b641fe4af7ba893e9da2dfdfcce2c6954d50e9d0

    SHA512

    3c868b061554413de32fb838b2984681b8e8a8791bbf2f0be3c0529ad1bf8cb0617fd5c26e7b376dc534dc91e990ab8bee6dbe32bdeae46ee4c6efcf7fffabe1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    43da749345b5fc129b862015b2a29979

    SHA1

    4f09452bdf8244cb910509bfff8637af023c012c

    SHA256

    e139455d3cbb2c488ace450a38675edeec7facc92a64956904d7ac8e2d17c504

    SHA512

    c0b17aae43acc74a545492a8308a7cf6c5e391d95d64fe80fa45e0f4dfcdbd330a74d7956d6ee1116d4e369e86bdcbcfdda3e60e4c41ce3509d92bed18a0b1db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8df977b4a37a26e62b05d7795921d1fb

    SHA1

    4523333aa375507fd4c3582699e965e2ef254ce1

    SHA256

    8fdfef5b0bd55452dd45cbc1f4ea149a3544d59c9f1bfedacda17c6b3ec001d1

    SHA512

    a4ce15a13c113bd4ac41544a988ba24ac8a02dbed541b6649d546da436eb36b44365bf0e1de5312631a629dd42079be6d3efd204714434a92481639d609d1ae7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    65896d7b1d57807e532180696bf604ab

    SHA1

    6b9c29858209c47a11c957a1a762659ebe638628

    SHA256

    ebca7f7582f8ca1234b3c4559361fba7330f648f4f94e8fe2264c77afff25027

    SHA512

    242a78ffc5ae3a6e341733dc1e3cac39a9d8e4cf870bec2c1a8d4285e39c076ca3b3863f12aa486f214d662ce924bdca05006091b4346ca9af770d5577acf1b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e9895b5e7d1aef0deeb7861bcc73cb7

    SHA1

    a4a1f0e43be4923631fa9ba7f85ea11edc504d3f

    SHA256

    63bdd104c70154f8f0bbae548152c94612d785c03f338438a06f964036cd7bb1

    SHA512

    ccca6b3b1b95de985f09eec6fad9a0048f9a716b8e42d03af07f9e568d0d16fd7d0dd792e951e39512342b01b395f326e1a143f9658a87c498d05f0ad5b9288b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b92337dd53ae61e0eb28f09aeec1b1bd

    SHA1

    49f34916c794691385890bb6dd4fe50aba8dc93e

    SHA256

    288a396c4c9bcc363f0faf8c3654283c551908857c17a5f5517ed3efd13edf66

    SHA512

    7bc1c731b15a9afce8fdc586c5b6514293673748e165a5ea12d590c66e21edae6edb9f0aed20b9d4b27742c903e57c5c02ad0a33fa17d66b1b5a8e04dc146ea9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ae64f3e69dc20f8ef683f885b96b938a

    SHA1

    bda1c19206af55452c4dc3644abd83c9c5136470

    SHA256

    8455f4f035a802ec87fad8b5ad4e49fcaafdf8cc4222c3e3ed30bc7b3907f790

    SHA512

    f6e24a252fc872670df4f52a81092c2a3ca10c7f87cc5986af4b7f27ed88ec6914896503da62887959d3e0f01cb1011a55607168c6d844f3b40f5cea689a485c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    044beac4429a3c6946777f18ab744ee8

    SHA1

    5aad9432abb93e28dc0a6d3dfe9c35ba9047b9b5

    SHA256

    4ed5e5c13194a9a9fc90426f54a376fdb9fe4b34fdaf04dc147cdedce014667b

    SHA512

    1e609350ce9f26e4b16b9e9eeb0b601cbd40e3901003f8b56cf869da50c3f16591f8b2e8c2c44b7fd4e33224f1320c6ada5064acdcaa4ee87e5ab4aac1f79097

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c52b2bdf1515041ea178f642c2313cc9

    SHA1

    45c4dfa8ee8eda11723f448b74814e263061175d

    SHA256

    5e1efd06f6344941be27c2329edbcab5737ab20f1d21722628a277e58f914ab6

    SHA512

    87592f9e51066e09c4b7beceab21fa05e05abbd72faffc209586ae39cf7fb70e50d248065e7f33ed849bfcc015962829520100de7a1b0f28e4598c76735e889b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    37f8810e391be28f5fdbe6eac17ec760

    SHA1

    effbd61ec6d372b1d8bcce2cf9cc545a7138c563

    SHA256

    f1cc4e1df7fcea254ac402bda4d83fca9c1ad2da94add6c35ef7c75289ac51b7

    SHA512

    e9dffa5e83fed51bf44de4a27544b328528be9af8ae1e237dfc9e070d77f8cd4f47cd78aea38c57ef5ff579126c323fcf51485548adc3a4925affcc38d3a4ef3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d265a389c622f3a5fde8f2a7813b9edc

    SHA1

    b66012ba7362ce2737948d338eb6a32a7c0d3645

    SHA256

    23083e343f5c158a649cda76e02818fb4ba8cac8cad1f323332e659c3866e3bf

    SHA512

    a05ebe7a1b0411dfead47613b754c90c7625c9052bc1bda83dd498b2737c73771b273e1c785d4d46db333aca5f8d5ef21659e064c710425066ca422090805ace

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b0da491b1f6874da9e7ba10bf3b33b6e

    SHA1

    aa8666aac2b25cfd868744150d42f79d8c05e969

    SHA256

    5878c3bd4407843daf673190fa438c8da0322a4a86c2594b1950d50e77d94bd7

    SHA512

    2b8cf59cc0a9fa9891d240bd12a1d0c277e295b19ce3452e2c1829b69581bdf889f087f38edf6c18feb49f1232dd4d1e5f592e364ae96dbfb4984257c21eeb83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a7e527727c01c86ccd5f3aea6caae02e

    SHA1

    4fd3ecc58b9c0f20c6a501bd244b93b90853784a

    SHA256

    ef4ad5d2a151a228fe0d80342a1ed8cde898ee367b611faaec9c2672323a5ccd

    SHA512

    96963d0e46373aa521baaf43a4f26b7589e072083f73f83b6ca595941bce17ad8de863f2368b30f6cd1effed200047a2b3906ab4ef5d612d25010b0eee9beab9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1a8704d9f2b9ba0aa3c956d2fd8aca6

    SHA1

    c775bcb1bb35cc83ad4d8917caceee434a6f7b93

    SHA256

    d3a4e9c373fca215f5d581548543a5f3d37ff8c765440cfafff13e625f0deb41

    SHA512

    00e4f4e0e8c3c9f3cbc80e5a86b57bc537aaaf5f1ea26dc4c5f4df8ff1ff91ae15e4de15a64a40bd87be69f870081c70b8aac3656b681d4c9cb904a9b3a144e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da8a962104bb323749fa2ba35e17e161

    SHA1

    68f290e93e6a8ed25cb341808781b044a8a88167

    SHA256

    1bd7deb239a343ee3c692ff868c5c0bdbdebcde9bda60f911dd55863a1ea09f4

    SHA512

    15204f0bc6d070c0ef56468cc9a185f1ffa3b228165f20eda2c742abff25f63a86ddbe2f66b7c7d1c130ef5f3fecd44862d35f7a7abb098e859575e38a9ecc8f

  • C:\Users\Admin\AppData\Local\Temp\Cab1DB0.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1ED0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
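Two things a practitioner does with a listing like the one above are collapse the repeated cache-file versions so the drop count is read correctly, and confirm that a file pulled from the sandbox (or from a victim machine) matches the hashes the report records before relying on the verdict. The following is an added example, not part of the report. It assumes the listing has the plain-text shape used on this page (a bullet line with a path, then label/value lines for Filesize, MD5, SHA1, SHA256, SHA512); SAMPLE_LISTING is constructed from four of the report's own entries trimmed to MD5 and SHA256, and the bytes handed to verify_file() in the demo are constructed stand-ins rather than the real dropped files.

```python
"""Parse a sandbox report's flattened 'Downloads' listing and check hashes.

Added example, not part of the report above. Assumptions: the listing has the
plain-text shape used by the report (a bullet line with a path, then
label/value pairs for Filesize, MD5, SHA1, SHA256, SHA512); SAMPLE_LISTING is
constructed from four of the report's entries trimmed to MD5 and SHA256, and
the bytes passed to verify_file() in the demo are constructed stand-ins, not
the real dropped files.
"""
import hashlib
from collections import Counter
from typing import Dict, List

ALGOS = ("md5", "sha1", "sha256", "sha512")
LABELS = ("filesize",) + ALGOS


def parse_downloads(text: str) -> List[Dict[str, str]]:
    """Turn bullet + label/value lines into records keyed by lower-case label."""
    records: List[Dict[str, str]] = []
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    i = 0
    while i < len(lines):
        ln = lines[i]
        if ln.startswith("•"):
            records.append({"path": ln.lstrip("• ").strip()})
            i += 1
        elif records and ln.lower() in LABELS and i + 1 < len(lines):
            records[-1][ln.lower()] = lines[i + 1]
            i += 2
        else:
            i += 1  # stray text; ignore rather than mis-assign it
    return records


def digests(data: bytes) -> Dict[str, str]:
    """All four digests the report records, in hex."""
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def verify_file(data: bytes, record: Dict[str, str]) -> Dict[str, bool]:
    """Per algorithm present in the record: does this file match the report?"""
    got = digests(data)
    return {a: got[a] == record[a].lower() for a in ALGOS if a in record}


def versions_per_path(records: List[Dict[str, str]]) -> Counter:
    """Same path listed several times with different hashes means one cache file
    rewritten repeatedly, not several drops; count versions per path."""
    return Counter(r["path"] for r in records)


# Constructed from the report (MD5/SHA256 only), with the same layout.
SAMPLE_LISTING = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    375814bdf6b643e0d73af8bd9f8dd167
    SHA256
    14381b8807efcb0d44eef9e0923bef2df7f9967dbbdda9594da0f67b6b452659
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    4c30320dfe9f249cfe575576e6b04226
    SHA256
    9cd14d9e34dc7de8b68c440f32ce5ac3309821ce32f590cace85fe64893465fd
  • C:\Users\Admin\AppData\Local\Temp\Cab1DB0.tmp
    Filesize
    65KB
    MD5
    ac05d27423a85adc1622c714f2cb6184
    SHA256
    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
"""

if __name__ == "__main__":
    recs = parse_downloads(SAMPLE_LISTING)
    for path, n in versions_per_path(recs).items():
        print(n, "version(s) of", path)
    # Constructed stand-in bytes: a real check would read the dropped file from disk.
    print(verify_file(b"not the real cache file", recs[0]))
```

verify_file() only checks the algorithms the record actually carries, so a listing trimmed to MD5 and SHA256 (as the sample is) does not produce spurious SHA1/SHA512 failures; on the full report all four are compared. Pass the bytes of the file you hold, not a hash you copied from elsewhere, so that a tampered or truncated copy is caught rather than rubber-stamped.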