Analysis

  • max time kernel
    140s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 18:12

General

  • Target

    download.html

  • Size

    130KB

  • MD5

    049c556c1bafec23ef832392099157cd

  • SHA1

    06a6da129d5b07ea55e6e825dbaad69984dbded6

  • SHA256

    2ca50f1448a180e2b717451281fd349b922a463fdfdfc5d62f7309f92c37531a

  • SHA512

    4c80c8b995e3b54a7879dfc4686ecb208de43bb61ea8c752c8a7edf96919f7d9be167f70a4ad3e9667539e1a1be7370b3404590ee5f72db32b8de264e177256b

  • SSDEEP

    1536:MhMsvneezZkFb69c11zhmZLaUnBJJJB19/6VMdNwRL0WGO:MhQFb69SbmJnBaVMdNwGWGO

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\download.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2064

Network

MITRE ATT&CK Enterprise v15

Downloads
