Analysis

  • max time kernel
    136s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 04:32

General

  • Target

    sample.html

  • Size

    41KB

  • MD5

    6e4360fe7f2f1f3caf1aa6100ec92a44

  • SHA1

    381b6abce552b89276d14da78a303e2a53632545

  • SHA256

    85863fba44c49eb8fa19a92e37956cba364d7bd8886a28bc0a4fb52cc9eeb328

  • SHA512

    7cdb583b8b9bb639aa0d5e9eb33da6415fc259828518982e01abe7bb60ee92950c7cbb1912c04642f64b47a526809d4f59a22ce5952843ddc567818f1cbfa23f

  • SSDEEP

    768:SGmh0O6I8kESW+K0scnBc3Z8vfg0+ff9pUkJ+kxfUD2h+5xu9l+j+sfmaETo+mkn:SGmSxIzRW+KLUBc3Z8vfg0+ff9pUkJ+s

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2028, depth 1)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2940, depth 2, child of PID 2028)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9779d73bf30d9ffe597cdcee0bd582bd

    SHA1

    ec3410d34d144c5315db9126a4f589a4d14f3676

    SHA256

    8b94d07f8377861e6fe6f8baf8a2a0877594cab229b71415c34fd6773d3cf854

    SHA512

    748a98c3094f2f4697cdac302d4be3251c12db9b4c5cece5b8ab0507553afb14efa758ae48ca018ceee79027ce3431b4857f4e891fb9c9097f2735e15b45b5ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0668f58cf07cc1eddf457387495b58a

    SHA1

    d2765b5007bf4aabfad32084694fa5435ec45662

    SHA256

    a3c42a4d47aab74ebf876776d3731100211951b95bdaa99a46d8bb1f39375b65

    SHA512

    1908c2c255bff576e962944021df5bc99af18b39476e4d0b46ef25054f4406d727bb1406010decb6a9b727e785ca426ac571f95809514781ca710680f742c8e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de1790f41866a9a3b9e23353d9cbaea7

    SHA1

    8864f11476cd74f0503dd2f7a02cdb676c4989f3

    SHA256

    0f03373a95501def325e31bce89cadb210a35aa9ae7d0ec4fd2a0eafe0e42c60

    SHA512

    7d771ffd2a53cf5ff4875cca342d130681fce57aff3af273564a482b1181e0b8a779607e494293804a507b14a90f7855aa7b82667f7f1552a66799caff7f598a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    805d54de938647559e63d94ab5c589a3

    SHA1

    48cf63f44c7ceafa1fe88095077a58aa4ce31b69

    SHA256

    d128f3f792d6d81036e33b5692d1ebfe8da8fe3c5edd019e1ce2a4d6c36b8250

    SHA512

    0905d9601b960e342773bc005552ff9d1240853a218343888e9bbfacb04aa5492f3f8c8be5046ce24b8e71640a831d4c91415cba19d05e9eb7ae41d683fa9d47

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e66117ccccfe8ed19b3db2a68750d454

    SHA1

    bda5643ccdc84c7f075e325c746bcdfcb4199496

    SHA256

    777ed5bf1fe7d5266c3d61e254a6a0b06a5f999be8e4e072a2b0f94f98435b6f

    SHA512

    7037ad9b47f4bf6c5acac83e1718cb0db2f1caf55e743e452e7dca5fced8271e4e1a6807717466f6aade691c211a91078e13dab9a4b564eeca3ab38402182892

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d8b46daced3b096e9ddc1f8062a4097a

    SHA1

    a61825b10a2e127a507470f197831bdd65b63e24

    SHA256

    761ae38d3c5cf2fc606d01eed60314109d610c20697912970a9262047495ef92

    SHA512

    94a442c7266826e9d0ac93ebea91c68bcf29c201f39a534f952f37680fe0ef035b7ea686ff61e9da09b589ae3e5237cf1ddec39af21f3b6c84236cdc195c7656

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    339ce38debf2e6082de8afe989b3eed3

    SHA1

    7235cb3f8fa629b05dccd5d89d6c9fd718528266

    SHA256

    d638603aded35b50806824678eab9011fac875a11e6129398582b9a5c0aa82f2

    SHA512

    6405eedfb89dd4f92fe151d64c12757b4ce616dc37e3e0efd8dd35b2aa7b4e3c71659870660c5f7c374332ca66fc5b6d8068948b1d009a24abdf5180834622f2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7d8c093d62503c8760bb2342e02dc1a9

    SHA1

    4f2200ed1ea42e6ff5db3cd566fa6c360dace6d6

    SHA256

    6f267fb22e7de0e5957ee729fe5c55808a702116df7e640ec9199d9f96c70ea9

    SHA512

    09969fae77ba077401a1e103b4eee0fba34e4c2c30dd7eeb665339589990968d4dfb8d981b43bf2a6becd8e7ead77c7ae411e390c05cba1f6271eaf7e827bc19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a4ca2ca8f7b06f0368bf321280562099

    SHA1

    cc5627f21cf75b7c6dc6ed6322586c39609d0a5d

    SHA256

    95ef61a1ac3b56c4969fb04f4e2ab66164d4fa751b11e96f2c2e3e66f12fb0f7

    SHA512

    cec6154f38b69f5287a72ddd43e7c87d8701547a8e19d8813d176190f3bef6dfac0a5aafdb8e14cd1ebaad26b908450a17ec54d8a74c0fc996385396654a4d20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f84b567a9f7683d456427af2183e2e68

    SHA1

    370296292fba61e7386a62035aa8420e08ebc711

    SHA256

    64e229eaa82902861b5da744c27b26321d0135aaef53c2d52cf0bf283d992b41

    SHA512

    7fd4b86ab234599fe87ecc8a475ad39b74c6d14c8c107b3828cf6715610054f40f6c8d3a699b2a56d3fe703452b064febb652caeeaf87e04e325b17d26777305

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    312e573bd35ac2b9694527b2d17b7b70

    SHA1

    f620c1a3dafbf4b69e134801d5ad2a108a77e5a1

    SHA256

    0730c0334cc3fdc398e479c14a76cdf1fed0e9eda206520dff574aaa900928ef

    SHA512

    e0aec0f5f1e909c520c14cfc25b012a74592ec55eb87c05a39c18ff9b34db20ae961890f2ea12a1d069efd1c389e3cd807edb620fdb31a2c90cc991758611c77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    955d795445092e5fb5c8b0e9e611c1c7

    SHA1

    7a33245a96fa98590fe9ba2da243c981495a5f11

    SHA256

    3ddfa67055ba668b4fe4aa190b99f90c586b1ec33c262d0a31e3c037603c79a6

    SHA512

    b674b953a1afe76bc23b7417aeab33d954837b3b96bfee96fa2ef9781d1bf5048b8913878b44afbd985e87f3a9419f5c74f07e6c56953b45df227dbe63233e61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f64889205233d9d99195125b772fec2

    SHA1

    0a7937d726ed8ac64ed34ed544dbcf3179c82155

    SHA256

    06678cda88c7a8626d03329df39c04bddd2c9a5b0bb00ff4c6f5883ddfde0e08

    SHA512

    cabb1f47dc9320af63bfbe8bac22df671bc1fd616d3db94c2a369fe64f3922fdcabbcb7d939f1b5d71f2db9941fec5624651213863a1a1a6bd66450f2cfb2349

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0e047b60826846313fe60601ff4ea630

    SHA1

    66977415c20bebf84155025b5b0d0017c642caba

    SHA256

    1c1e8b4f3231bcc3aede07b3779b30746023fc0aee40aa3940aa2b2c8aed668f

    SHA512

    b71f0aad95cc650114940becff1037d9dec56516343481c127d32de5dd8f606b9282e9418d2d49c8bb1ac2e0685c61560af477a8434af94d9b9faa9d7440b5f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a72e08cf193cc82e655fe0c28b4c1a1c

    SHA1

    bfd0e636e3603d24907204fa797c610c5210b486

    SHA256

    2fe7cdb66060360a60d7a17d5d2b43eb5730878f4200bc4cf20f87d69bf9e2d8

    SHA512

    013bcfc35d57730a752bb81abc012cfe238fc01d98293b735d5953149b2a702d774700ae163ba0ae0797096dec63a8371ce2ec3024233210481e53013db74542

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    524769a8c149861b11d75d015b1a5cd7

    SHA1

    3c953957a9db55b72bd3a1b1745f55b6645d9b13

    SHA256

    8410a9ce0767ecebb959fd15efcd270c626047001608269e83ca38e4109b5e59

    SHA512

    7fde2197ae022a96335eab572e40018c8d2fd5bab40166276bbd2e9aa4aa75ffb929fc198e718ca308f6cb5b4daacf02b16612a7ed2b713337cba3b2d9f50622

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5733c4b70adaf60f2a156e137f6f7f80

    SHA1

    f992d99b17f9290be25c8aae9124232b68351693

    SHA256

    d4898e49462ffec25ccda8469dae33ded856d1049ccd1e83a9567689b765b61b

    SHA512

    37ace590c249d3998da1dfd7608538159ca168f918170673c97be01830f7d85c29fed64bb3c3684bcc73089ebd78c99df9534797e9f9e7712c88d2f1a05c26b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4802978911f8bd10f89fb7cdf9e1c74f

    SHA1

    a582034499cf1169050e1e674ce5f4f32aa0f8fd

    SHA256

    268916bd850294540ca642e6cd5f1aea1666015480790f05c63d045e493764b2

    SHA512

    240aafa7a7d89bbc02a71082a31a2a4ee9c21d84ad90f5b8d8659fff4723c70922e6536c76a6211253c7b5bdecb455d112c0389f5ca20b3cc188095cce353ee1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ebc5ec5f533e8547bb961f1589b1a035

    SHA1

    398606bb5b34e46342376cb649cef959dd207535

    SHA256

    88838e717a40398846998192dc81736489f323773848743498a3cd6404bf17a7

    SHA512

    a7c3099ce479223dd842af89db5536251851a2c86068f69d7104755768d833850fdec078eb698b33b48565501c1eaf921a618eb9d83bcbd1331ab17e667587a2

  • C:\Users\Admin\AppData\Local\Temp\Cab207D.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar211D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
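The Downloads list above records the same CryptnetUrlCache\MetaData path eighteen times with a different hash each time, plus a Cab/Tar pair in Temp. CryptnetUrlCache is where CryptoAPI caches the CRL, OCSP, AIA and CTL data it fetches during certificate validation, and Cab####.tmp / Tar####.tmp in Temp are typically what it writes while downloading and expanding a cabinet such as the authroot update, so these are ordinary side effects of Internet Explorer rendering a page rather than files the sample dropped. The script below is an added example, not tooling from the sandbox vendor or from this report: it parses a report excerpt in this page's own layout, groups the entries by path, separates those known cache artifacts from anything that still needs a human look, and validates the hash lengths so a mangled value does not get copied into an IOC list. The sample text is constructed from three of the entries above plus one hypothetical fourth entry (`example-dropper.exe`, with a deliberately broken MD5) that exists only to exercise the review and validation paths; the function names and the classification labels are this example's own.

```python
import re
from collections import defaultdict

# Constructed excerpt in the report's own "Downloads" layout. The first three
# entries are copied from the page; the fourth is hypothetical and exists only
# to show the "review" path and a malformed hash being caught.
SAMPLE_DOWNLOADS = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9779d73bf30d9ffe597cdcee0bd582bd

    SHA1

    ec3410d34d144c5315db9126a4f589a4d14f3676

    SHA256

    8b94d07f8377861e6fe6f8baf8a2a0877594cab229b71415c34fd6773d3cf854

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0668f58cf07cc1eddf457387495b58a

    SHA256

    a3c42a4d47aab74ebf876776d3731100211951b95bdaa99a46d8bb1f39375b65

  • C:\Users\Admin\AppData\Local\Temp\Cab207D.tmp

    Filesize

    70KB

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

  • C:\Users\Admin\AppData\Local\Temp\example-dropper.exe

    Filesize

    12KB

    MD5

    not-a-hash

    SHA256

    0000000000000000000000000000000000000000000000000000000000000000
"""

ENTRY_RE = re.compile(r"^\s*•\s*(?P<path>\S.*?)\s*$")
LABELS = {"Filesize", "MD5", "SHA1", "SHA256", "SHA512"}
HASH_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
HEX_RE = re.compile(r"^[0-9a-f]+$", re.I)

# Paths that CryptoAPI / Internet Explorer write on their own while loading a page.
# Labels are this example's own naming, not the sandbox's.
KNOWN_BENIGN = [
    ("ie-crypto-url-cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I)),
    ("cryptoapi-cab-temp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]


def parse_downloads(text):
    """Turn the bullet / label / value layout into a list of dicts, one per entry."""
    entries, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ENTRY_RE.match(raw)
        if m:                      # a new "• path" bullet starts an entry
            current = {"path": m.group("path")}
            entries.append(current)
            pending = None
        elif current is None:
            continue
        elif line in LABELS:       # a label line; the next non-empty line is its value
            pending = line.lower()
        elif pending:
            current[pending] = line
            pending = None
    return entries


def classify(path):
    """'review' for anything not matched by the known-benign CryptoAPI/IE patterns."""
    for label, rx in KNOWN_BENIGN:
        if rx.search(path):
            return label
    return "review"


def validate_hashes(entry):
    """Return the hash fields whose value is not hex of the expected length."""
    return [f for f, n in HASH_LEN.items()
            if f in entry and not (len(entry[f]) == n and HEX_RE.match(entry[f]))]


def summarize(entries):
    """Group by path: how often it was (re)written, distinct SHA256s, classification."""
    by_path = defaultdict(lambda: {"writes": 0, "sha256": set(), "class": None})
    for e in entries:
        rec = by_path[e["path"]]
        rec["writes"] += 1
        if "sha256" in e:
            rec["sha256"].add(e["sha256"])
        rec["class"] = classify(e["path"])
    return dict(by_path)


def files_needing_review(entries):
    return sorted({e["path"] for e in entries if classify(e["path"]) == "review"})


if __name__ == "__main__":
    parsed = parse_downloads(SAMPLE_DOWNLOADS)
    for path, rec in summarize(parsed).items():
        print(f"{rec['class']:22} writes={rec['writes']} distinct_sha256={len(rec['sha256'])} {path}")
    print("needs review:", files_needing_review(parsed))
    print("bad hashes:", [(e["path"], validate_hashes(e)) for e in parsed if validate_hashes(e)])
```

Run against the full list on this page, the same grouping collapses the eighteen CryptnetUrlCache entries into one path with eighteen writes and eighteen distinct SHA256 values, which is the signature of a cache file being rewritten during revocation checks, not of eighteen separate payloads. The patterns in KNOWN_BENIGN are deliberately narrow (32-hex cache names, four-hex-digit Cab/Tar temp names) so that a file merely placed next to them still lands in the review bucket.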