Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 10:05

General

  • Target

    sample.html

  • Size

    220KB

  • MD5

    0e77e21122b3d6c6af9262174efd45f2

  • SHA1

    dd5ad2f8e84622cb197bde9a50cd9f25a9a96d6b

  • SHA256

    b037adddc2637b124b6cbb15ca90d053ed2c829bc9a9fa8a9e01410f720cbf6a

  • SHA512

    0cab97b7c9110a28c1222f9a0bd8e25906e6c73498028e4b2a134686612bf49b2909cacb491a3063f7bc845f742ee6e734af1b9741bdd9fccdb175f35063763e

  • SSDEEP

    3072:SCgM3RwCa+GRyfkMY+BES09JXAnyrZalI+YQ:SC/1XsMYod+X3oI+YQ

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1796
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1796 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

MITRE ATT&CK Enterprise v15

Downloads