Analysis

  • max time kernel
    137s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:10

General

  • Target

    sample.html

  • Size

    220KB

  • MD5

    c678b837b3474cf7a7553e7e34fbd015

  • SHA1

    14eb31778ca2be4e5afa53d319fc25c595c25c90

  • SHA256

    15c8b7ed2f6b4b1dc0bb819208b8c2941240b842e61286045466d648d7ed4fbe

  • SHA512

    6344b38cc96b9ec598b494a645eac051b4b6cde65c0116e896cccf2ab53c7246e12dff481f589670cf11397541983b98fc9c0e4dd948fdf2fa4ec71dc30959b1

  • SSDEEP

    3072:SVXMO3sqsenQDWFgIyfkMY+BES09JXAnyrZalI+YQ:SNPsiPFCsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 37 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    PID: 2992
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID 2992)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2992 CREDAT:275457 /prefetch:2
      PID: 2656
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
