Analysis

  • max time kernel
    136s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 20:20

General

  • Target

    sample.html

  • Size

    213KB

  • MD5

    c556977bf72ab2e28fe527bc14979159

  • SHA1

    64a0939a92637f374a9b224768e468c211a34aee

  • SHA256

    3b1bf5fa7dd3c0187b234dfca22d89fb3394f09c289266b89457fa0ba58774fe

  • SHA512

    5ffbad51e704c11eeaa12354909365a95685fb5fca9dfc284b92c22632ed2c48442950ba7f1689c786233f1e95802c38014b1fa7f47513cedba292327216bc51

  • SSDEEP

    3072:SGCjiqxLK7zyfkMY+BES09JXAnyrZalI+YQ:SGSUWsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1440 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2724

Network

MITRE ATT&CK Enterprise v15

Downloads
