Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    16-06-2024 15:22

General

  • Target

    sample.html

  • Size

    213KB

  • MD5

    df5b39310aafcda93fc2f7ccd52d481a

  • SHA1

    c778258e4188b43c71ab3f2ad762ede5037c35ba

  • SHA256

    49d8534618f3b4237a136181d99c2b283c447120c42cf0880fe97068907f94dd

  • SHA512

    5279ffb7fc59c5797cbec71f6b256f391a768640fe66dedc644cd88601005dc74ab607910e7dbab4e5766a32c64033220b9f41bfefccc677cfd78df70457f0d8

  • SSDEEP

    3072:SRq1nz3QZM3PpyfkMY+BES09JXAnyrZalI+YQ:SRCHPMsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3024
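The tree above is the normal Internet Explorer frame/tab split: the frame process (PID 2116) launches the tab renderer as a second iexplore.exe whose SCODEF argument carries the frame's own PID. What follows is an added example, not code from the report or from the sandbox vendor, showing a detection check that encodes that baseline and flags IE children which deviate from it. The event tuple layout, the explorer.exe parent, the cmd.exe child and the mis-parented second tab are constructed for illustration; only the two iexplore.exe events are taken from the report.

```python
"""Detection check for Internet Explorer process lineage.

Added example for this report; not code from the report or the sandbox vendor.
Baseline taken from the report's tree: frame iexplore.exe (PID 2116) spawns the
tab renderer IEXPLORE.EXE with "SCODEF:2116 CREDAT:275457 /prefetch:2".
Everything else below (event layout, explorer.exe parent, cmd.exe and the
mis-parented tab) is constructed for illustration.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: int
    image: str
    cmdline: str


# A legitimate tab process names its frame's PID in SCODEF and ends in /prefetch:<n>.
TAB_ARGS = re.compile(r'\bSCODEF:(?P<frame>\d+)\s+CREDAT:\d+\s+/prefetch:\d+', re.I)


def is_ie(image: str) -> bool:
    """True for iexplore.exe in either Program Files directory (case-insensitive)."""
    return image.lower().endswith('\\iexplore.exe')


def find_anomalous_children(events):
    """Return [(event, reason)] for children of IE that are not a tab of that frame.

    Any non-IE child (cmd.exe, powershell.exe, mshta.exe, ...) is reported, as is an
    IE child whose SCODEF does not name its actual parent.
    """
    by_pid = {e.pid: e for e in events}
    findings = []
    for e in events:
        parent = by_pid.get(e.ppid)
        if parent is None or not is_ie(parent.image):
            continue  # only children of iexplore.exe are in scope
        if not is_ie(e.image):
            findings.append((e, f'non-IE child {e.image} spawned by IE pid {parent.pid}'))
            continue
        m = TAB_ARGS.search(e.cmdline)
        if m is None:
            findings.append((e, 'IE child launched without SCODEF/CREDAT tab arguments'))
        elif int(m.group('frame')) != parent.pid:
            findings.append((e, f'SCODEF names pid {m.group("frame")} but parent is {parent.pid}'))
    return findings


# Constructed sample: the two events from the report plus three made-up ones.
SAMPLE_EVENTS = [
    ProcEvent(1500, 1000, r'C:\Windows\explorer.exe', 'explorer.exe'),
    ProcEvent(2116, 1500, r'C:\Program Files\Internet Explorer\iexplore.exe',
              r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html'),
    ProcEvent(3024, 2116, r'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE',
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2'),
    # Constructed anomalies: a shell from the tab, and a "tab" whose SCODEF lies about its frame.
    ProcEvent(4012, 3024, r'C:\Windows\System32\cmd.exe', r'"C:\Windows\System32\cmd.exe" /c whoami'),
    ProcEvent(4100, 3024, r'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE',
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:9999 CREDAT:1 /prefetch:2'),
]


if __name__ == '__main__':
    for event, reason in find_anomalous_children(SAMPLE_EVENTS):
        print(f'pid {event.pid}: {reason}')
```

Run against the report's own two events the check is silent, which is the point: the benign frame-to-tab relationship is what a 1/10 HTML sample should produce, and any shell, script host or mis-attributed tab under that tree is what separates a weaponised page from this one.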

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    363dbf46c693e052a595bada3e5a3fe5

    SHA1

    b35fe0346ce9dc175f8aae707564e4028e64e4b5

    SHA256

    1d892ac4b9b882061fd4d57072028cc50e09d5aca844991e24a8a289547d0116

    SHA512

    03a3087b42d563cdbfec82c1ccdfe1b0efd46c066238c79efca3d00b7ce4fe715f2ff33e3c8497a840a5f6e749bdf521b6f5cb81f80bad600a89d19a3b6c9e9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0c4a6e45c20b97edd92c9e0866e52558

    SHA1

    a44b73380ba82d1cd0b0cb164a0f35c4505e1ccf

    SHA256

    3c2d5b9701a1c93c4c4bb2f4e61a48e2e0fc41580e70a80a1719e16fcbd3847f

    SHA512

    c3fa4dc262529509a5c3ab95c03469ed614de14b0a5f08f85d8affcd999ea44e1a10eaa8407bac5e6dde0a3686b3a0fff347a2d773eaf8319c36e3f3d61127a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c77172205efa081f2ecf888b632d38ba

    SHA1

    8e51992774646031347bf74a28dc8c4aaa161a51

    SHA256

    228f915e33fdd1ac21e2183b82e92f0f6a795fd5e1b4f40ddeab2f0bc4b22af1

    SHA512

    347f0b5b810c804cb1b66c27cbee7aaaf7b5897bd8cc2c1527b261fc8cd42f3690cd3ff19d1b90ff7131b2cd5b92ba31b2a7e54bf94521e37e553c2b471798b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d369cbd2eee2ed9347f6d8bb84dafa2

    SHA1

    d7b176c214f1d5ecc997317a1ad57132a5c60fdc

    SHA256

    591b8039bc3dc72ee2daa3447791c2cadcdea56bbebd10ef1dabfe3e2f7e1735

    SHA512

    a63aceba8cd54b45c61c2d8939a33648bdc3370bff9194431e0d3b50dad806e3e54a9ff7bc93bc8afb8d197a39a8a73a45d4a5bb913f5e5ff8100dce6400dfd3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7908f7836cb54ff9c82b310d569d4b18

    SHA1

    83885e35046b2e48625b2dadfd56787e6c5b39f2

    SHA256

    e09a7a166eb68c584f04ce1ac8829f6b79ad8c9f6e5f6b60339d3c67ef85fe5e

    SHA512

    b5a80ec1bfd804ffcd28b298cc01ab8f85b8b91117e9503858a40b18b8eea98959ff7d9969696051f3eaf89415823bdd4b864dc22bfa0f8aec83c27cd428bbd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    70a3893b7a9468f4776ab6b8c4f483bf

    SHA1

    63cfb94d99bda74151f33f747cb1410dc50b0f93

    SHA256

    0034dde8406713f75cf0505737195c1c13547636ee48ab65796dd94fcc0c3e81

    SHA512

    ddee1cc589f86403f01add99d10427c1c8c2bec9bdf4b0d5020e3cc15f9f731159f3c9866645200b3a64191f8f6de71666a0463f87dd4325d273deaf95369207

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a047c8e2e3ae15be62753b619ee94f51

    SHA1

    c039950eda2aa0fe3121c36ade3f0ac86c499ec8

    SHA256

    74754e4cd9b42d217137dc397ee333b056c8acbc1f648bc45e746c4f61cc6321

    SHA512

    841582cc746c5ec1512489f4d6e849e91d8bd0c95d6fec6d62875920884f5e65a1953b24efb83a52f5ea7a153bdacce5fd82d041a7f83a8ce75f4f25703e8876

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9aaae30494f7563b4ea5586f1cb09a89

    SHA1

    0812b50138ed42ce37f9f651de26504628509ddf

    SHA256

    c04ad4a78865866f3b82511a057c5dc4d79c02aaeb6e6b91ecf5470a8327c052

    SHA512

    8699cdf9fc8f9dc6619af6b1015fa59e4b3773e1d8e1544176d4f3e1a4f7330ccf68561ed1292ea21707938a5c7fda55dbb5e01082916927ac238edec102e13a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3ffaa5b15f9df3299e78178096dc34cb

    SHA1

    f4e47777b31984917f55ddfbe32fb37d3390dc43

    SHA256

    87abaf05b53b7963d1929a5a0248b5ea4e895a2c15f8b0d12f5e50ba9677a134

    SHA512

    29b9c762a0165127e564ce2f50cbba0411b33fb68f7cd990a0b6405b0ccce2c67003977c6b9dc250ef0f12bcd25798a33971a889a83501ab285f569dde57c460

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf7e4e97a738c9fe9df589ea44b3758f

    SHA1

    828c16aa944f5efac835b5f1bab57441f1c76eef

    SHA256

    1650bae4b287f539c6edebc305fba74bc6c3b6420bcaff00b9b44ff36e31bea7

    SHA512

    d95c73fa742ea8505e2d8e647c1237fcc706560e0147e8ff0b9fbd64e78370c9495bf54a95d0b0032593cfca4b6f0b3233e08992110e3393c0f3cfc6af681db5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fedb4fb9034ed6c5bcb268b0f888dcd9

    SHA1

    9bb265f5465e5b8a7749684982eee64a632b796e

    SHA256

    373d5b9a622429c4a357c97c8d35dd3626f7957f41e141221547ace6cb46d3aa

    SHA512

    17d8f32abfded9154a70c5f1124501508157242a720b42152eeb813c0c04f68639d60f3ed79f79d62f0c072042a388416449f6ec846caef8405b5767293979af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d5d8a3544b4dd13d9082479d7b881742

    SHA1

    e37c8f295d2f53673e648abb17f894f602d25c8a

    SHA256

    4e8a28a2cfdba8afed86b837ee4b923b01a19dae09afbf947f787dd808df248e

    SHA512

    1d297f82bcab00a6f0727335451f033997b8785933d9a48f279b9d67b1bd80c99bddc8eb28597af640f33e354d55d3ffbd045dc9aeaca0ed32d0e1bed252d38b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e6594f131a2bd4c4530fe25298a0c416

    SHA1

    81e1b5b67f9a436ec23fb68a499514d297d37103

    SHA256

    9e9ac5af57d342f4e485f43d0de89cb096d7e158d1a4ded632a6c2076d4102c5

    SHA512

    22830198df8448d931db724968cf62df73dcb9eb872791ee1592fdee8f452978b194e9f5f21fb6a275f302f7f0bd8d48bde00cd0d89993ad983821237bf85bf9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1debda1ac0e0767345b9d9fd5eac1d9d

    SHA1

    c61fd5ec3c165ee56d10f4e82ffb2447bc17bc27

    SHA256

    79ffec6d2ae2c49a4ac95f23b89c86cfc94bca220433e44c897b6804114eb6ce

    SHA512

    295d9aa761bbdb3a7dee44e9025094c205adf001c63ee1cab3921aaffa748df4001b5fa16f55d18b7ba30cd722bc620a4b444660eb2b78536f6e204c9dcbd3ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d905e15a4b00b572c0a030fc81f3c052

    SHA1

    fbdbd635ac4bfa75d6d2b8bad4cd1e96466d127b

    SHA256

    dea7168d991779bf48ef9af8032b5575b68f3ff34cffb3d2ddc887157830b760

    SHA512

    b733edc17a0e971ac422033898acd4eb51b5733031b8909647ae2e4ef9fa74b14972bdf54c5645ced6a5d49fa8ad43167928bfe242b4b15688e5b1dd883f4864

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2f2d0b74e785307c7dbb3bfbe65d7a7

    SHA1

    25b7725da222c8763aeb3908e33293f550a561d1

    SHA256

    45551d3423afbeae965a4c7b0ff0d27a64b1312ec05d8549a2bcaf2734702336

    SHA512

    0b9dd3adfa121686ca3915e8314698505d36f83b6622fb449c6dfa92f0cc762be2bbf114b0eb4033ae232ba8e80730f4496906d73d3e6ee21d53d81fc2c74d1b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3b73984985b0de45379e990b22a1cddb

    SHA1

    2a1120e4702f2a010d1948bb790bc60287c1030c

    SHA256

    86d9b3d5f226ac4631230baaac07f8164ac786529facab9be92ccba742c5004a

    SHA512

    e4ecc5c8e4118c4f2a2a1897bfd7311a27abcf5fe520e7a58e10fbe671ca1e79737596989b283d26762a90e09228e89b3fe3b6ae6a6f4256cd900c69c2c6ddea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1d4a2aef3c41feed877c376c8ca2a4cb

    SHA1

    cf5abf7ebbaf5fc056a3c9f49703a33644461103

    SHA256

    0d646d3332d7125491f3ce40d6b383f6d2e6d8c54997a2af0fc91d7caabcc43e

    SHA512

    0aea8ad38d423a501adcc85e23da964360261b97d86ec6638fbcd7867e3d178f6bb30b5646fcf94f32082ebd2abc4d0f4d6a72653ab48df66a652258297387b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    82f4d80f63623471139330103c0b5b2f

    SHA1

    e3a5abd1a46862a1e7c48d7042374afe35d2850c

    SHA256

    fe8029a1f53f937741c6e5df311c928e9ff7bdfaa99cab3a032deb79f00e09b3

    SHA512

    f3f34b9699286feae0af24cfb66aa3e09f1c415ad05c31065fb348507ab9cc3498bebc671ac9a70903e99d1141cc9f971d074835ffa2743c17dc4803e9c45a0b

  • C:\Users\Admin\AppData\Local\Temp\Cab17E6.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar1889.tmp

    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b
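Every Downloads entry above is a file that Windows writes on its own while Internet Explorer loads a page rather than something the HTML dropped: the CryptnetUrlCache MetaData file is CryptoAPI's URL-retrieval cache, rewritten on each certificate or CTL lookup, which is why one path appears nineteen times with different digests, and Cab####.tmp / Tar####.tmp in %TEMP% are typically the downloaded root-certificate list cabinet and its extracted content. The following is an added example, not code from the report or the sandbox vendor, that parses this section's layout, groups entries by path, counts distinct contents per path, checks that each digest is well-formed, and separates such system writes from paths an analyst should still look at. The first three records in the embedded text are copied from the report; the fourth record (dropped.exe, with a malformed SHA256 and no SHA512) and the allowlist patterns are constructed assumptions.

```python
"""Triage of a sandbox "Downloads" listing.

Added example for this report; not code from the report or the sandbox vendor.
The first three records in REPORT_TEXT are copied from the report; the fourth
(dropped.exe) and the allowlist patterns are constructed assumptions.
"""
import re
from collections import defaultdict

HASH_LEN = {'MD5': 32, 'SHA1': 40, 'SHA256': 64, 'SHA512': 128}
FIELDS = ('Filesize',) + tuple(HASH_LEN)

# Paths Windows writes by itself while IE renders a page (constructed allowlist):
# CryptoAPI's URL-retrieval cache and the root-certificate CTL cabinet in %TEMP%.
KNOWN_SYSTEM_WRITES = [
    re.compile(r'\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\', re.I),
    re.compile(r'\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$', re.I),
]


def parse_downloads(text):
    """Turn the report's bullet / field-name / value layout into a list of dicts."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith('•'):          # a new record starts with its path
            current = {'path': line[1:].strip()}
            records.append(current)
            pending = None
        elif current is None:
            continue
        elif pending is None and line in FIELDS:
            pending = line                 # field name; the next line is its value
        elif pending is not None:
            current[pending] = line
            pending = None
    return records


def hash_problems(rec):
    """Names of digests that are missing or not lowercase hex of the right length."""
    return [name for name, n in HASH_LEN.items()
            if not re.fullmatch(rf'[0-9a-f]{{{n}}}', rec.get(name, ''))]


def triage(records):
    """Per path: how many distinct contents were captured and whether it is a known
    system write ('system-cache') or needs analyst attention ('review')."""
    by_path = defaultdict(set)
    for r in records:
        by_path[r['path']].add(r.get('SHA256', ''))
    return {
        path: {
            'versions': len(digests),
            'verdict': 'system-cache' if any(p.search(path) for p in KNOWN_SYSTEM_WRITES) else 'review',
        }
        for path, digests in by_path.items()
    }


# Constructed excerpt in the report's layout; the first three records are copied from it.
REPORT_TEXT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    363dbf46c693e052a595bada3e5a3fe5
    SHA1
    b35fe0346ce9dc175f8aae707564e4028e64e4b5
    SHA256
    1d892ac4b9b882061fd4d57072028cc50e09d5aca844991e24a8a289547d0116
    SHA512
    03a3087b42d563cdbfec82c1ccdfe1b0efd46c066238c79efca3d00b7ce4fe715f2ff33e3c8497a840a5f6e749bdf521b6f5cb81f80bad600a89d19a3b6c9e9c
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    0c4a6e45c20b97edd92c9e0866e52558
    SHA1
    a44b73380ba82d1cd0b0cb164a0f35c4505e1ccf
    SHA256
    3c2d5b9701a1c93c4c4bb2f4e61a48e2e0fc41580e70a80a1719e16fcbd3847f
    SHA512
    c3fa4dc262529509a5c3ab95c03469ed614de14b0a5f08f85d8affcd999ea44e1a10eaa8407bac5e6dde0a3686b3a0fff347a2d773eaf8319c36e3f3d61127a8
  • C:\Users\Admin\AppData\Local\Temp\Cab17E6.tmp
    Filesize
    67KB
    MD5
    2d3dcf90f6c99f47e7593ea250c9e749
    SHA1
    51be82be4a272669983313565b4940d4b1385237
    SHA256
    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4
    SHA512
    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5
  • C:\Users\Admin\AppData\Roaming\dropped.exe
    Filesize
    12KB
    MD5
    0123456789abcdef0123456789abcdef
    SHA1
    0123456789abcdef0123456789abcdef01234567
    SHA256
    deadbeef
"""

if __name__ == '__main__':
    recs = parse_downloads(REPORT_TEXT)
    for path, info in triage(recs).items():
        print(f"{info['verdict']:13} versions={info['versions']}  {path}")
    for r in recs:
        if hash_problems(r):
            print('malformed digests', hash_problems(r), 'for', r['path'])
```

The hex-length check matters when copying indicators out of a report into a blocklist: a truncated or wrapped digest silently matches nothing, so a record whose SHA256 is eight characters long should be rejected before it reaches a detection feed.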