Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 10:06

General

  • Target

    sample.html

  • Size

    213KB

  • MD5

    df9709a392b743bc865ee98cdc7b2885

  • SHA1

    222cdb546f6d946ca2e97422206544793450b184

  • SHA256

    1e7d613fd97ef9105bceab6e1b5fa08cc1c2b72ced4110e1731e66480121eb15

  • SHA512

    d72c10a2fd11fb11cdc93b3fecdf210fd8b3e47c07fae44d84c84194145415051edd6723895cee090275db75507124f22fac8023ca68f06ee0954c2443cf363c

  • SSDEEP

    3072:StR/Zc0z7xXyfkMY+BES09JXAnyrZalI+YQ:StooisMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 35 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2184)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2212, child of 2184)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2184 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b560b91b3165b4822ed58b4c5bff3aa2

    SHA1

    63d80f7fea28d5a3f2b47b0cb3ec3d8e64de79ce

    SHA256

    8295ed01976d956753beecf987c3576b6b17ea1ec844fe46b6e7698a0da5bf73

    SHA512

    249633c477e8a092b95033521fa1f5990ddff288229d52cb42acb8f8b9fecb5abe1e0d4cbb376caa5a8f54b5c9ac2fae6fb056a24c4fb7f9799509184f488346

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    175d13d19e264a131e874456fcca255a

    SHA1

    5186d88d79fe1025ea873a3ac0139987582e56d6

    SHA256

    1295f699fe2d04061b3d081ec45300bdad83b74efbc0c58b2da92b9618770f8c

    SHA512

    e16dfffd8e1b8d5c92690806f0c8fe8bb7563c9d0296a3e5bfd891167544c491a21509ae2229a33e7107f06ab5dcc0dcde87fa2b487a79156e3bd517e465f2f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1a7af8029cc61bcf65c032710cc92869

    SHA1

    2580ceb4f0ebb156f7fb9b81b1c6481721a6e776

    SHA256

    6a187d32816f74f6164cb8b4176384045a56255a48664a8927cc23fc047284b2

    SHA512

    a4fed10a7fc67c49407dd860b3c8b57661de56846206d3537b3b570e633eef5f77f4d5975d7a1c003e55ed8ca3115f6bcd1f1d10cf613381addd646523e25f69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    caa77f556b1e2ee4f871863be6024746

    SHA1

    28da7cc33617b185e7bde5d31074d27f35323f44

    SHA256

    c3be1eaadda86d1cea3821ba6d072f2ebee226a0fcb9ee8c3d2f46d1de84ad70

    SHA512

    1ec4e154dcb174765bf93bd7e51440932ca74d53fee3eec72f8087ac89ac9b55bb38c063251c5c483c94b3557c61ddf47689e2cba65a794d842f643f7d24e189

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4212bc59e505e4d04c19550be8c9b46b

    SHA1

    7ab785433f34df979548adce0a4b81000cd58aec

    SHA256

    35f19bf9717dd980bb68de67d7a571aca13ffce8072b36e47283e2712f6fce11

    SHA512

    95fcdbc206b28426f09227f787a1f2c93b91677312bc4eb209c1c562df6ff8089f7f03f4b9963c1d5f3e159f0540eb1c7a27ebe1f5eb6a24eb8d71d3ea32c9a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    208a5a4290043be497a62f107b8c8f2c

    SHA1

    9e402b2762287fb4fb29de057fef8f787eb7bd73

    SHA256

    d488655485eac1743672515f78f297267b3dde9c172a4386340f4d1e0a2aa26a

    SHA512

    64a7d620cf5c74c1fae3b228850435d120e54cce8a4f7d2a52d75665cc23ccbf8ea49a9d129b8a31ed1dee2734275b730af9c733b960afc73a60575ba7d2c2c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    786f1f56020a88ae7c8d74ce975c4853

    SHA1

    cd6529f4e8d55631723ce69229e3df51c8ddf0a6

    SHA256

    02cfb3a36081a38dff4c4bccb67af99e00ce93c007e93e14c5788299b5f20cfc

    SHA512

    cfd9815729a86801b88fefb7014b180e239037bccb4b290d36122d331136b0f898095ad527bf1cbe4a05159ba3e258e20b17856180a3dd1e6c7184c20730db4f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    263d846a65a2bb7ba90a586977ec74f4

    SHA1

    f60dfb61d49fc8897c87d82a3a09d0467aa23513

    SHA256

    400fa5d1a2e937b2d5386824028ef280446b25c753b2dbbd5a9883bcf2eaa774

    SHA512

    c55cc6ff954cbd28079bdfec31f2c1142ff8d5aea8561338cdcf1201bf19988ee432558f267adcee902a4d122c3c26a3c77d8e6ca2df649d90a2bca9c10e7158

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ddffb435232fdcd59d08e321570f242

    SHA1

    f677dbfc05b9fa9fa778a7b05edac850cbc7169f

    SHA256

    d0374b722cd04e4864235fa3b9399714883ce2e095260a2a7013450005db1cc0

    SHA512

    bf985b321c3c6b65cac2231573a34b76d67019a6a78f0af0435fcab0780434c7391a54c564cb0c0a1092968bc8983d851764450fc0c459428783366c653a360d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3721c62889816edf7b92f6820ad0adc9

    SHA1

    8fed13daf228d6af3a4b20dc6bf7039eb111bbc0

    SHA256

    a1a491783a157ba323c392221bb3cce0f46c9b43c7268ae13ca33675370806a2

    SHA512

    135f306d18e6cf17e0319674b6e315386da92ffb4695b04b58bfc4e6c5a36c87baffae22d1bb209b405fb49fceb201349ece38edbc242d0efadd6660e8247611

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0dbb3e7e7a9b7238110e17c5fc20863b

    SHA1

    4ee006560a8b7b2958ca1ea27984171d353a0df0

    SHA256

    2ef1f741dbd580ceaa885c8e5a35fea0dd6527eb7bcbd5ff920a5a26df9ca3d0

    SHA512

    c7336153127d9f6ba44376537ada81094227807add1db0a89f05344d8a372549037da0c0211fd99d2a1bb7f0a5d7b53f75f3b57068b4e5001c1c1682bbd93f92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec10e52f34b7ca8402882a916768bb00

    SHA1

    f87f158d87c9acbab29a63b51b539103a9608b8a

    SHA256

    c7edc85a75ea7369f831acbe80b6341410903f1fd3a1c9fc5b08db484d22aa1d

    SHA512

    7aece77826e84333c50dcd3e84658650828d28b7fe2d7f2897c352a11d446e21c720569b466ba8700a07b22096b38565edd091064ad9268918ca332e8a0007a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1a6a99ce7acbcdb5d9c1792476b3d63e

    SHA1

    09d6dec9aea49bf17e708f95f6b59058df669180

    SHA256

    e8a94e27ca0b02b4370c82e45d356e52e92cd9abe42aadf3bf0e343412a46254

    SHA512

    76aaabc6956b430095b09370d2bcb7deb859a19cd999d6d2ca51a88fdd395e37f56fe66b8e20d4dd5251c6bc0c7af87bba4965e0356f23674c44aba8c99bd4dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c3f7779c73dfd6feac07dc753a335623

    SHA1

    e33405b41565746676796d6f429a43158550babc

    SHA256

    fda3a8b5b9e5a7aea61556f38916b4732ab856240c2996cd42ec43b407611917

    SHA512

    248939259f4d6a3f708c69b074412bb342764aec1247219a35b520fabe4927d3339c1bdec4ff5503c1faf5969da78f52792d2b5ce3733d06f2abc89e519fdea4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    433969a42f1e8711d66ee817f37c00dc

    SHA1

    f2c6d9be28bc7734b8666c1dcc41f1b529e03f92

    SHA256

    fc886fbac8252e0d7b3d9de2e6dcb0c6c36423fd7bebebcebdd7fe7e6950571d

    SHA512

    7a4f496432d10217ce0ceb0c648feb9cfee844a2526a1bda38a682c3fef32fa34d99e683b04704a67477c2e97b514e313a889b7158ace7dcfbe442cc234ab52e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a059a0d6abdb19d3fd0c7b3f923a92b9

    SHA1

    78089c59034416e7896ea96656f40b559626f0d6

    SHA256

    47662f1dd1f66c649768a3d5275c46db2d2eb79d36b99cff2bbb502b7f58a96d

    SHA512

    c323cfa1002f8493ab03c8132cd1faabea8eae4afdef4180d365f27733601ef5fcaf455c9b00cbf7585aad2cf2d1e1d92aed6e7eae03aa40c77f3700526609ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c60aa8e8f712abbdb3edae02cd7a8a02

    SHA1

    24d630c76cfd738c44143e625b4f0b19e149e953

    SHA256

    82f138c2945efbdc6da48d2db2a62120059be5efba243e06658276798a7e056d

    SHA512

    d8205670c2990f71881d7ed14ba2ea2227cdbca0be92a7e318760324e2072cf8fd29fe9866eeeb584b53f9765b8cfd3c2c42f08af004001b804cdc23abb64032

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    12a35c384883424e59ccfc6f766de020

    SHA1

    4d65b33c36d2afa89f8c3bf503d868ccf574a7e2

    SHA256

    dd34e5a0a90d4364d6b22a8ee0208bbeb3ca389b45680b7d0557de2639370cb7

    SHA512

    816e541f387249b96cd7df5bedd28b611838a10fb996e67bc13921db44afa35df6d9fbe5d636c21d84dea61164f96d9f6efd79ebea32d30d2af1c4b26234759b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    37b993601a30b79c0b0975588ba848bf

    SHA1

    a7af22f66c1de9bc83d8e16dd4f2833efc02b6f6

    SHA256

    60e6f7a088ab9a2335a3223a8d952b00a43fed91a994389f09b23f0a48905646

    SHA512

    e51b83dbe9505e126892b9d60c42e95a8e9571154238850f7e174ffb9b70591a3ae58c2f80592d4db6d87b8af0311b6df4d2426d478b6d56fb325619a41c5b26

  • C:\Users\Admin\AppData\Local\Temp\CabDB9.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarEAA.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
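What the report above shows is the shape of a benign HTML file opened in Internet Explorer on this Windows 7 image: the parent iexplore.exe spawns one tab process whose command line carries SCODEF:<parent PID> and CREDAT:<tab id>, the only files written are CryptoAPI URL-cache entries (one Content file plus nineteen rewrites of the same MetaData file) and Cab*.tmp/Tar*.tmp temporaries in the user's Temp directory, and the score is 1/10. The Python below is an added triage helper, not part of the original report or of the sandbox vendor's tooling. It reconstructs the Processes and Downloads sections as inline data, checks that each child iexplore.exe claims its recorded parent via SCODEF and runs from the stock Program Files path, and collapses the Downloads list into per-path write counts bucketed by category. The category names, and the rule that CryptnetUrlCache and Cab/Tar temp files count as expected CryptoAPI noise, are heuristics chosen for this example; any path they do not recognise is reported as "unknown" rather than dropped.

```python
"""Triage helper for an IE sandbox report: sanity-check the process tree and
summarise written files.  Added example; input is constructed from the report."""
import re

# Constructed from the report's "Processes" section.
PROCESSES = [
    {"pid": 2184, "parent": None,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html'},
    {"pid": 2212, "parent": 2184,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2184 CREDAT:275457 /prefetch:2'},
]

# Constructed from the report's "Downloads" section: (path, size as listed).
DOWNLOADS = (
    [(r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015", "70KB")]
    + [(r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015", "342B")] * 19
    + [(r"C:\Users\Admin\AppData\Local\Temp\CabDB9.tmp", "65KB"),
       (r"C:\Users\Admin\AppData\Local\Temp\TarEAA.tmp", "181KB")]
)

# Stock IE install locations on a 64-bit image (heuristic for this example).
IE_IMAGE_RE = re.compile(r"^C:\\Program Files( \(x86\))?\\Internet Explorer\\iexplore\.exe$", re.IGNORECASE)
# IE launches tab processes with SCODEF:<parent pid> on the command line.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
SIZE_RE = re.compile(r"^(\d+)(B|KB|MB)$")
UNIT = {"B": 1, "KB": 1024, "MB": 1024 * 1024}


def check_process_tree(procs):
    """Return (pid, finding) pairs; an empty list means the tree looks like a
    normal IE launch.  A child whose SCODEF disagrees with the recorded parent,
    a child without SCODEF, or an iexplore.exe outside Program Files is flagged."""
    findings = []
    by_pid = {p["pid"]: p for p in procs}
    for p in procs:
        if not IE_IMAGE_RE.match(p["image"]):
            findings.append((p["pid"], "image is not the stock Internet Explorer binary"))
        m = SCODEF_RE.search(p["cmdline"])
        if m:
            claimed = int(m.group(1))
            if claimed != p["parent"]:
                findings.append((p["pid"], f"SCODEF:{claimed} does not match recorded parent {p['parent']}"))
        elif p["parent"] in by_pid:
            findings.append((p["pid"], "child iexplore.exe launched without SCODEF (not a tab process)"))
    return findings


def parse_size(text):
    """'70KB' -> 71680, '342B' -> 342.  Rejects anything else loudly."""
    m = SIZE_RE.match(text)
    if not m:
        raise ValueError(f"unparseable size: {text!r}")
    return int(m.group(1)) * UNIT[m.group(2)]


def classify(path):
    """Bucket a written path.  Categories are heuristics chosen for this example."""
    low = path.lower()
    if "\\microsoft\\cryptneturlcache\\" in low:
        return "cryptoapi-url-cache"      # CRL/AIA/CTL fetch cache written by CryptoAPI
    if re.search(r"\\temp\\(cab|tar)[0-9a-f]+\.tmp$", low):
        return "cab-extract-temp"         # temporaries from expanding a downloaded CAB
    return "unknown"                      # anything else deserves a manual look


def summarize_downloads(entries):
    """Collapse repeated writes to one path.
    Returns {category: {path: {"writes": n, "last_size": bytes}}}."""
    out = {}
    for path, size in entries:
        bucket = out.setdefault(classify(path), {})
        rec = bucket.setdefault(path, {"writes": 0, "last_size": 0})
        rec["writes"] += 1
        rec["last_size"] = parse_size(size)
    return out


if __name__ == "__main__":
    findings = check_process_tree(PROCESSES)
    print("process tree:", findings or "normal IE parent/tab launch")
    for cat, paths in summarize_downloads(DOWNLOADS).items():
        for path, rec in paths.items():
            print(f"{cat:20} writes={rec['writes']:2} last={rec['last_size']:>7}B  {path}")
```

Run as a script it prints one line per distinct path, so the nineteen MetaData entries that dominate the raw list collapse to a single line with writes=19; imported, the same functions can be fed entries from another report, and a path in the "unknown" bucket or a non-empty finding list is the signal to read that report more carefully.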