Analysis

  • max time kernel
    80s
  • max time network
    77s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 18:16

General

  • Target

    .html

  • Size

    334KB

  • MD5

    e5491dbdfaccbbdffe8f78058853b685

  • SHA1

    fcc87305fdf9b54c0c86b1bc37ca77a8e8de38f0

  • SHA256

    70bd92e383e9bb26f22eb5acd6bafbbda7e46272c7e4b524076c6131c5c1d555

  • SHA512

    12ed889571f2267337a9f285ad3e8cbaa186a6a80dbe9c6bf3910079e52233ced5aa91e84f5ca10d7240e79e19bd3f65f964ba7f03bcaa5f07a8c50fffbacc09

  • SSDEEP

    3072:cPFan5rSPZjJ6O7RTaQJM/ComR7whT7aYpNFS4/zog5:YFUujJ6O7RTaQJM+76PS4/zoE

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2128

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

    Filesize

    230B

    MD5

    aee21e6908624d41b50b5b61f8020ee5

    SHA1

    a10e90fb8ecf45029ee66cf1086b3eae4c3dc8b9

    SHA256

    fa127ca1ffd89315723c799f3abdf4b46407084383460bd82be0a872c66481b0

    SHA512

    1dc6bc06adccf080fc2f5513615acd3a7e94150de4d43524b79ab874b3a9cf8aa9344034f3710c65513036d8d139a49df2fa56b3a3c4b95bbfd4f3c175fc2011

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    ab8622ac03ed81cebeaff85072a41af4

    SHA1

    ae9917b1991274f07f184c9fc643e36e14e55aed

    SHA256

    e1e7411612a0c29a22b5665b9aea37fe7d0844e402fd4113969f88843682386d

    SHA512

    62b76fa3b3d0f25be2bc26d480dba6328c6d92a05c628b8081270e79cb2714dfd6b34cb27c3e0ec9f2e94a8d162f8d02da28c4a9a3275565a0bb276a5fdbf05a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d22eb40e82dbfb850ef6be08b9604cc0

    SHA1

    94a809959bb11d630f2f9751c90a3ba0884fcdf0

    SHA256

    318ccecd5d4d0d86ea73d49a2836131129d7be6b70255b728f2ba43ab0029387

    SHA512

    4e76e0f4ee10b8e9f59c2bebe5770c82b77199f914df88df3e05f7c41e5acb39d0720a9b588d51ce01559366bf342a75cc903b3b51daeb4ed8b6fa352396f291

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6bfe5784e8b8df9c0ae55234454d809d

    SHA1

    5e3535c294867ad5e6199ae212d96f01cf5a3601

    SHA256

    341c8923744c7329ea5794e74bb6648633fd3a87595f18283935f058055186f3

    SHA512

    a657b3d6190612ae594fe2c16b561c9ac52118f396cc76402a3d3e6bd6ba28afea3e21ddf86465b59fb222b03c8cb34b8e47d8cf212ca5934d7323558d247687

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea18dd406b5d8429431116c06ff9f268

    SHA1

    b32b9048de14293241c93f596e95878926c36d05

    SHA256

    4b1589c709cebfb4f8a5e11321f5d7d068eba43d0ac3c01df6cfba6384efb39d

    SHA512

    4b731df43a15dcb6e87f7e4be96edc4fe1cb329cfd69e48cd1e859aa0b803c584eeded5ef682b86f93d37796263a0213c373b1b84d8c48725898ff813ca2955a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5c4a6037e6818cc5fa32155aefacd08c

    SHA1

    d3a1049fa247356eef6809fd95611b44e24552ad

    SHA256

    f0cd1f4dea41909e8baa37e4e806c3e25ceb72d7b3d181a0ff1d0dfa855f1cf2

    SHA512

    6a041d8be6eb6e1d2d677a4f768f6338ec2aeb2c92b869b2a36c6b2739404aa9afa3dd49762a960f93462245f0d8a5edf167f2839599261e512a38051695ec87

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e55ed7e1131e69d83e72673ef3481d2a

    SHA1

    d984409224265527505e9829c199de4c7bfdc486

    SHA256

    2a728b47dec65f7b781be2e9552b03a7088650846ddb0cceeac074e6f8117b25

    SHA512

    09bc538fb718b8439170defadd94730e69fa2a3decb2d357390f12de9045977a650b76aad5875c0914f240abb05ed8bcc7e95736d1945789e7f69ac9cf6027ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e4bb43cf1641de231c4cda88f0d5a9e

    SHA1

    29113d4b082f28d5297e27f3dc39cfce3fb1f937

    SHA256

    e64f5e44dcba31d7d0d9e8c30ef9ab694bdc3e638b1ac633d8adc1fa12737b7e

    SHA512

    b9a0cff1c014ea1f9f4055808d664d45bde5d42e977c103d0ca0d6643732a0263492f043cd2708001325281188efa178f9de3e00909d0b67d6e390f096f161e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d84edc4a27b96c82d512ed4942bc49d7

    SHA1

    65d122d48913f3d46972dbb074f298a3db6c2a47

    SHA256

    443dc2eb2ceb72d93af8c7cb54ca6703e5b1eff044eac515c964e3cdfa800411

    SHA512

    0e3759d5dbd2b82d330cb542d035153abde60b85aacf2e82b0bf6986a7afe91d03f421abdf6b91a20ecc0b049158a43f810c1731b199991c02f812b9bbba4190

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8f157cb135a01ed63b21480990b01015

    SHA1

    d1dacab9e170e896f9ca1b73474264ca8ecfed1f

    SHA256

    de1c6d1009d7ff5f287d37efc6830f6b9304e7f881366079e81102efc0b4f6fd

    SHA512

    17a846da81787ddd381db5c13b1e069d611a789a58e82b1c833b0563d79d738074350f8ad710978f53bcde6f942760bc4b02003090e5d0fd5104d0f9761e5071

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e8f8bb2f611b315ffe7bd608edaa09d

    SHA1

    685aaf08db4599814d2c0c3e163162e3349aa136

    SHA256

    18d5ebc83747b0ef706ca5b5db865a502e8d63a81627c1069a1d6a38a9d90c78

    SHA512

    5b98fae0d857ff7f1bcf5c94525f684037e6139f6c6515f8eb0c28b7d00f69457d75f8e58fe74f3e5e02da0fe91ca588a506b55e12e40dfaaf1d0fd21ccdccf8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ff3215cc527803b8969eb46443991441

    SHA1

    2c0d68a54530eaaac3a9fb91055cc0b98dd43c3a

    SHA256

    2f3a126da7641e3d1c99951cbe53af635f4ea51360fc0e12471e9fe3fa703f49

    SHA512

    a87fa8554a77226d5a53d69169c8cac8f3525fe5c059f1eb22b88b65d150e4ee37fef29d8b0c514a4f851c1f2286ba8b17d46bdf5cb5e51441830616cc285bdc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    570ec9227e3bf30028ae1d1ef04340d3

    SHA1

    de3464686d8d6527e5cbe5dd51f8d7d700e08282

    SHA256

    3c8299a03ed57f635526ace1009e9286807c31c6a410ea985d9add282fa810cf

    SHA512

    308d16f33357761edb5c8523e071525c1b4aa6477662a7c9602130baf96c7c3c9f6ce62f8a122a69be0adfe3ba97cad0e164539a4135b07fb189714837d62aaa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4c01098b89cae13788e25a791995fa59

    SHA1

    331b27a305a2434e4018d5b9f26d46c0bb067120

    SHA256

    2ea5ea933a83cef89d0cc097b512b572f78e58af2bae16df8ccd7e316e3629ea

    SHA512

    ebeebcd9e51103b5a4e7934ed522ff97697b285b3d064388b700f0975725884b81127942b31e4d85e4d26c7d39454ac144018958575b86b97919cd17010895ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6dfdce12290b7f62a1553136a888c031

    SHA1

    05612e7509187343d264152abbff319c15d19770

    SHA256

    f5a850930a145d57f0997580563e383eb0d4d6872762f96237e431afb29e9f23

    SHA512

    c19bf82ca6b40f96164184e022702e7304da8979de97fc9e5e8007109e621f28151612f3a191b689045924c5e20229082340d6d7f06c0dd0a8699f9e5f400ba6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    034e76353d2ab8267a8bdf169b5b34db

    SHA1

    01f2eac9f22568188c81ae8f78393292fa047209

    SHA256

    690ec20e2aa607308dcefcc2bf793c3c4c9258c7b33a224655ff12fc2af7f147

    SHA512

    12a1b5a9f1385763f9bfae6b8c16b6e3b03cf14cd73b88cbc7af215c7407d712f39623dfb6ad1462c4058123a4fb43a534fa5fee593f2b8d14d0e077565954d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    cd6b4f6618285086bf13a295eb3e67ca

    SHA1

    55ad3940a35b870700aeba0ed6dbd1d6fc83bbb1

    SHA256

    8092ba19ea40776bcfe3b4cb7ffde4c987ecd02e5824c276265ae20705819ac3

    SHA512

    3f827453b36978f55d0e30b7552fc90b18419a875e81e0f84889d0c034239241b60f80b554fc652b62cb6388523da20b06ee66d5db6aa076a4e8c3251bb64153

  • C:\Users\Admin\AppData\Local\Temp\Cab2A0F.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab2F31.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar2A60.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar3139.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
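Two checks an analyst typically runs over a "Downloads" list like the one above, written here as an added example (it is not part of the Triage report and not the sandbox's own code). First, the opaque names under CryptnetUrlCache\Content and \MetaData are the uppercase MD5 of the URL CryptoAPI fetched (CRL, OCSP, AIA or CTL objects), so hashing a list of candidate URLs maps the names back to requests; the candidate URLs in the block are the analyst's own assumption, and names that match none of them stay unresolved. Second, a recovered file is re-verified against every digest the report lists, so a disagreement on any single algorithm is flagged. The sample bytes are constructed inline and are not the report's file.

```python
"""Added example: resolving CryptnetUrlCache names and re-verifying dropped files.

Not part of the sandbox report above. The cache-name rule (MD5 of the URL,
uppercase hex) is CryptoAPI behaviour; the CANDIDATE_URLS list is an assumption
supplied by the analyst and can be extended from proxy or DNS logs.
"""
import hashlib

# Cache file names copied from the report's Downloads list.
CACHE_NAMES = [
    "070E0202839D9D67350CD2613E78E416",
    "3C428B1A3E5F57D887EC4B864FAC5DCC",
    "94308059B57B3142E455B38A6EB92015",
    "F0ACCF77CDCBFF39F6191887F6D2D357",
]

# Assumed candidates: URLs CryptoAPI commonly fetches on a Windows 7 image.
# Replace or extend with URLs seen in your own network capture.
CANDIDATE_URLS = [
    "http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab",
    "http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab",
    "http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl",
]

DIGESTS = ("md5", "sha1", "sha256", "sha512")


def url_cache_name(url: str) -> str:
    """Name CryptoAPI gives the cache entry for `url`: MD5 of the URL bytes, uppercase hex."""
    return hashlib.md5(url.encode("utf-8")).hexdigest().upper()


def resolve_cache_names(names, candidate_urls) -> dict:
    """Map each cache file name to the candidate URL that produces it, or None."""
    table = {url_cache_name(u): u for u in candidate_urls}
    return {n: table.get(n.upper()) for n in names}


def digest_set(data: bytes) -> dict:
    """Compute every digest the report lists for one file."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in DIGESTS}


def verify_dropped_file(data: bytes, expected: dict) -> list:
    """Return the algorithms whose listed value disagrees with `data`.

    An empty list means the bytes match the report entry on every algorithm
    present in `expected`; unknown algorithm names are ignored rather than
    treated as a match.
    """
    actual = digest_set(data)
    return [algo for algo, value in expected.items()
            if algo in actual and actual[algo] != value.lower()]


# Constructed sample bytes standing in for a recovered dropped file.
SAMPLE = b"constructed sample bytes, not the report's CryptnetUrlCache content\n"
SAMPLE_RECORD = digest_set(SAMPLE)


if __name__ == "__main__":
    for name, url in resolve_cache_names(CACHE_NAMES, CANDIDATE_URLS).items():
        print(f"{name} -> {url or 'unresolved (not in candidate list)'}")
    print("sample verifies:", verify_dropped_file(SAMPLE, SAMPLE_RECORD) == [])
    tampered = {**SAMPLE_RECORD, "sha256": "0" * 64}
    print("mismatching algorithms on tampered record:",
          verify_dropped_file(SAMPLE, tampered))
```

Unresolved names are reported as such rather than guessed; the right next step is to pull the URL from the matching MetaData file or the network capture and add it to the candidate list.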