Analysis

  • max time kernel
    120s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 18:08

General

  • Target
    sample.html
  • Size
    5KB
  • MD5
    6b17135aa2ba63e407118fa1983e337d
  • SHA1
    aec1bfd7d5e5fa62aaf916456c7713fba18d88d3
  • SHA256
    d9a7e6d3cf5d9f794c93ab649d14ad08ca69b3427b9df6fb08569e4b22841dcf
  • SHA512
    bda69051cfc474302a5e93a46b0da9c874df951ca85f482bdcfd9ff32b9426912522a9cd10ef371f8b7bdd911b7674f382295ff071559ae4834cb20df66c6b8d
  • SSDEEP
    96:1j9jwIjYj5jDK/D5DMF+C8kMZqXKHvpIkdNrrRB9PaQxJbKknx/IR:1j9jhjYj9K/Vo+nkxaHvFdNrrv9ieJRu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2172)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2660, child of PID 2172)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    342B (23 entries, each with different hashes)
  • C:\Users\Admin\AppData\Local\Temp\Cab7F22.tmp
    70KB
  • C:\Users\Admin\AppData\Local\Temp\Tar7FE0.tmp
    181KB