Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 11:08

General

  • Target

    3VuS7pk.html

  • Size

    5KB

  • MD5

    caaa86e2e815c1258e9e76ac42f12b88

  • SHA1

    5b227fe8a62e681b474fdaec0e726d3114a0f1b4

  • SHA256

    79f421ab2115223b265dfacfb5a5b61f09e631c9b281db463984409273954c38

  • SHA512

    cd8a1ea09b69b1be6afa184c0e8dbb76c13a77225b7425f44f28c1459e132ff179d04cea8c9c636c1e56c22b960e88a598854b307d855a93bacc4ad873a78797

  • SSDEEP

    48:hSxDAOJBB6Pp/TVlaM/l5u9Z/xH+ur7Iq1KppTnjsstyJKHmWnE0MzR7YHIV6kiT:YDRsD56ZYdq9SyJKGAcBQkuFKxVY+csM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3VuS7pk.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2152
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2152 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Matrix ATT&CK v13


Downloads
