Analysis

  • max time kernel
    121s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 18:16

General

  • Target

    xzda4nwjutljmmepxvm5argfszgpualzaszbkmvfysnfrvxheu2tkuldhagplmwrlvvhbdkwzvxhom05ytm5svmezaetka3riyur.html

  • Size

    1KB

  • MD5

    07bf6884ec2755a980d77aef95050118

  • SHA1

    5e6f7ee3e38db35b9892cc987340638127a06417

  • SHA256

    f9bc5da3c4631e68b0d9d3e873e466b0781678b9d82bfd9a252737eb27f55ec9

  • SHA512

    a14397564438c7048308a8b54d3cf322e4a9892dfc0437250c50d32ba572b89f83fcdc0d00769fa8f1d1160c4419dcdc270cc8b5f874d8f0228312286522ad2d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\xzda4nwjutljmmepxvm5argfszgpualzaszbkmvfysnfrvxheu2tkuldhagplmwrlvvhbdkwzvxhom05ytm5svmezaetka3riyur.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2200

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC (914B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357 (1KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC (252B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (17 versions recorded, 342B each except one of 344B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357 (242B)
  • C:\Users\Admin\AppData\Local\Temp\Cab5ADD.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar5AE0.tmp (171KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar6820.tmp (181KB)