Analysis

  • max time kernel
    1563s
  • max time network
    1563s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    17-06-2024 13:57

General

  • Target

    https://google.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 53 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://google.com
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2492
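
The tree above is the normal Internet Explorer layout on a 64-bit Windows 7 image: a 64-bit frame process (PID 2924, under Program Files) launching a 32-bit tab process (under Program Files (x86)) whose SCODEF value is the frame process's PID, and every signature that fired is a generic Win32 API heuristic (window hooks, foreground-window polling, WriteProcessMemory by the frame process that spawned the tab) that ordinary browsers trip. That is what the 1/10 score reflects. The Python below is an added example, not part of this report or of the sandbox's own code; it encodes those three checks so the same tree can be re-triaged mechanically. The process records are transcribed from the report; the IE_DIRS and BROWSER_NOISE allow-lists are my assumptions about what is benign for a browser session, not something the report states.

```python
"""Re-triage the IE process tree from the report: does it look like a plain browser session?"""
import re
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    parent_pid: Optional[int]
    signatures: List[str] = field(default_factory=list)


# Transcribed from the report's Processes section.
REPORT_PROCS = [
    Proc(2924, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" https://google.com', None,
         ["Modifies Internet Explorer settings", "Suspicious use of FindShellTrayWindow",
          "Suspicious use of SetWindowsHookEx", "Suspicious use of WriteProcessMemory"]),
    Proc(2492, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2',
         2924,
         ["Modifies Internet Explorer settings", "Suspicious behavior: GetForegroundWindowSpam",
          "Suspicious use of SetWindowsHookEx"]),
]

# Assumption: the only directories iexplore.exe legitimately runs from on a 64-bit Windows 7 image.
IE_DIRS = {r"c:\program files\internet explorer", r"c:\program files (x86)\internet explorer"}

# Assumption: generic Win32 API heuristics that ordinary browsers trip; anything else deserves a look.
BROWSER_NOISE = {
    "Modifies Internet Explorer settings",
    "Suspicious behavior: GetForegroundWindowSpam",
    "Suspicious use of FindShellTrayWindow",
    "Suspicious use of SetWindowsHookEx",
    "Suspicious use of WriteProcessMemory",
}


def _image_dir(image):
    return image.rsplit("\\", 1)[0].lower()


def triage(procs):
    """Return human-readable findings; an empty list means the tree matches a plain IE session."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        # 1. The image must live in an IE install directory (a copy in %TEMP% or AppData is a red flag).
        if _image_dir(p.image) not in IE_DIRS:
            findings.append(f"pid {p.pid}: image outside the IE install directories: {p.image}")
        # 2. A tab process carries SCODEF:<frame process PID> and must be spawned by that frame process.
        m = re.search(r"\bSCODEF:(\d+)", p.cmdline)
        if m:
            frame_pid = int(m.group(1))
            if p.parent_pid != frame_pid:
                findings.append(f"pid {p.pid}: SCODEF {frame_pid} does not match parent pid {p.parent_pid}")
            elif frame_pid not in by_pid or _image_dir(by_pid[frame_pid].image) not in IE_DIRS:
                findings.append(f"pid {p.pid}: frame process {frame_pid} is missing or not a trusted iexplore.exe")
        # 3. Any signature outside the browser-noise allow-list is surfaced for a human.
        for sig in p.signatures:
            if sig not in BROWSER_NOISE:
                findings.append(f"pid {p.pid}: unexpected signature {sig!r}")
    return findings


if __name__ == "__main__":
    for line in triage(REPORT_PROCS) or ["no findings: consistent with a benign IE session"]:
        print(line)
```

The SCODEF check is the one worth keeping in any IE-aware triage rule: a tab process whose SCODEF does not point at its actual parent, or whose parent is not an iexplore.exe from the install directory, is how a process-hollowing or masquerading child shows up in a tree that otherwise looks like the one above.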

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    cc7f6fc794a2ce2cf59f21f2960a65c5

    SHA1

    cd1b07a405505b06912c2903e1004b2620d5ec51

    SHA256

    262f648cbd56e04da36e160e16f4bfa8c84eb666cee3151dca65f0e1bf1ad31a

    SHA512

    180468874006970f05fcab595d05d3218e5cc3333da59e97b84021ffdd0a0802b6d9db48df77709e0216e39a7e626b9a039af3ecf94df4b0a0f2c3b545e433ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a93444e0642579502d5f8c361f0a5e75

    SHA1

    941d651fd494433cfdbe8f750abd0946f861b9a3

    SHA256

    49d3d5af2fa6db9a4defd16cdb418ed2a935d54fcf2ce643460522b4bf72c937

    SHA512

    19e47e96a3eb62013c8b8e484fcea5efa7eb2191acc771face886086082e2232a3cd88b5d033b81a82a56745591811f1c0acd74e18bd1ec14ab8d10562cd3f90

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7e0a06d80874e38bd1f09b35080655c

    SHA1

    9dc3b18ead804160e2a98f9e01283a7e4831623f

    SHA256

    0f2318eb86533e852e045a306a91a5840ad8a38030cfb92fe6716eea7a4c2886

    SHA512

    cb62e78d126d9a4f0f1198b37f0825141809a385b38fa760ca97d9463f07b4188f2ce5c52344da196dabaf4e818b8f4390001a372ab97eca29f0bb0398ea12b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf2c4eb511df160ce8d5131276009588

    SHA1

    6df1a742b2636619b37e7a97978af1be63b8ac39

    SHA256

    eeaf80194887847de0c1dc0c6b1ff162e2529f11865df2d47eea50622d0834cc

    SHA512

    3cd1a84f8becf56502cc1199f78c20de9c6ea70302db44adfdbbc7c340784fb6b3d961409b0d747997a0ddef224e38bae9e0c50411c7b4adc2ffc7383b7fb04c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d433fc2c6c80e64084548330054b348b

    SHA1

    a0e071cead987d75d50ef7aeab004793c64f2feb

    SHA256

    047992cda42bce6767294ea4f1ea3484f0de16c78f03a235369f8ac0afd08bb7

    SHA512

    a90f7ee4dbe6533d9cef468e18144f1a3a2be4ee956361784c1fc8221bc6e8ca7dd7c9a718587ef000bae1e295ba3b0c3bf2962a14de653d4871462667331a55

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed5c4f7d99f830078bd473523356949e

    SHA1

    3d05d871fb784d1663dba2439b52ba98851e2cfa

    SHA256

    43790eeaa830887d4032fb793a993b0b68761af4d6f9c1284799dbf6f6c087b6

    SHA512

    416a32110c7cbc898f8daeb318ae96f45b55a4bd6aaa03c0149130c5081b383e644e2386b82bbe740f3f9b6c13992990557e5008d223397e19deea66c480c343

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e6447e09468a3625cbbb8eb9d5bad37

    SHA1

    568bc17a50cc1297444eb540046d5aa1cec297cf

    SHA256

    a3e882a147315bfd080747649070b178f3cec8ebcf7618950f39f5f1e42f53fe

    SHA512

    d95c83865ea29a5c48eb069bfb0331e65664587f4d5e48ef04c3955b73cb5cfcf0b233453fbd7dd6b6cbdbfe8631d6f76e400d745a312c3ac9eef65bebf50275

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c105a0bde834cab2e0c09617acabb28b

    SHA1

    78df87801bd18f6ff59418c3161321ed6389eebc

    SHA256

    f597f554fa61aea6f480384102a28257239aec7a7b73089688f9e3af3d19b3f5

    SHA512

    cd1c60552ca3e3bc500e72935cd7af195cac6ccef91e5afcd5251d1b6234634a2262439a669c9e1b9cd3b70bfc48fc0c7ce42df94bf153369738d874a4a02db6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66a13a32c37542fdcc9d480ef04e2848

    SHA1

    5fb00f71dae7e8f70f8089791bd3583232701a67

    SHA256

    fdf9a625ef427a6bb1ed10d31b691582df560fd20e9f36b96a35e19e9df9d782

    SHA512

    3feb1e73d09cec485675cc5a53cd3036a6bf033aa9d4cd9c7dca8be58a3670f1ea7b223e07196fc96c2cb194a0017cf142f33ef1e074873a175fa77e6c6a35bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2bf3316242ae76fd4e0e605f76c451f

    SHA1

    5a10cf6ba35de6495f6ae30f9b8b795f7b23a9b8

    SHA256

    63dd6ca73e50df22196294ee37f9cbd9d37e43650dca58a1879402ec6bbe9215

    SHA512

    8495c8bd7a4e8cf0e65a28c7c60d8c572f1b484228f53fa7529facc71c34a298b44fe275d7f7c6e4389dbe4c77156f84a9fb4504ff28b3b7277ddee1f97e5ff8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e58a35c512a681c143ecd031290e1866

    SHA1

    44e834152c4de2857e0ff8944ed6206cd8f45cb6

    SHA256

    f20b82b0c226f528a997b54a4985ab5228deb6238b7ad4639797ec3a19cb25fe

    SHA512

    d2101f20004a7e253e0fd200672f6e3bbc9be06f62ac9b8490bc82e9bd12e0b3ca9cb98d981ce7e971fdb5f3e6a2f4d402f5970293c250e6308f56add41e7072

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95a4a12c6c5af8ad108ffe53188b2dd4

    SHA1

    c8880d8198846b8d052da7d788e7184779142eb8

    SHA256

    bca51d51214d5cb98d2c3053c09bb2235e4683b74748f61c4c4c517c9d2676af

    SHA512

    4453da8d53e640c779d23b5b27ed74f7122505c7237a3c19e83b6cd953dcb6e5f32d71b0a41f0ff209bdb7d80348e3a11af535e189b35abdb832afce62e41f6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c006093693c377d32818bc1858baba3

    SHA1

    c86bf01eb2f6e55d420a22d176d1dcee05955083

    SHA256

    d55a90c5456374ea8c5b433f042122e5026d6ae1d46f2f1959d5518120130ea0

    SHA512

    5f7eaa6a8054aabbe67775fe54e21cdb90edfbecd0ed2c5948c7dd6acbbf295523ac451fc21ac26db07fb6101db9b6d44872d5ba25c0a53b5da62b2f23224fb5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ccd78a234ecec487c2d70e13f9ab761

    SHA1

    fc3eb225f850e2f5aad6524d84af974c8536b7f5

    SHA256

    2d88b5973017e81030f2727759fe7e74e3959949a2f3c276bc5602a438961796

    SHA512

    27b2f91a7a7e9c094081e35de0ea7704f2ead43c57f93b38ca52d681241aea9b019a9323c0f14454c82c6f6e7f13d6382a1571b913ea62716600575735bf08ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd858751be63343ce6beda85e353f615

    SHA1

    3e0560492345be22873de7b8684628e85381ebc4

    SHA256

    02ae86b967d94092dcc55c5b1abd2db11d908617d182535caa79eb75493b9164

    SHA512

    5d10b49674e66e531a731ae65ae79ddefe2469a6809f7e2c900ba77ab8bb681a5ada032c98a35796ce0e391a89129a6f99f0afd03b3475dad4434aec7fc3db9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbcf8f8f32384651cae5282aaa49d290

    SHA1

    997e5506b2cec1913f1a992635bf255ddb37c1e0

    SHA256

    7457b13328d5847d84be91d724a2f9c76c876b0fdd706782dc996cd49ffdd9b4

    SHA512

    15c71a4f38e1eb1ba6fcd548b7589c494bfff19820e5740315a14490ed198f4701697567e307bacbfc8435289ec740c15eef2f4d0f21e1038f1cd4efcea2ccbf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27a5b005e62e7caf0171bb29683196e8

    SHA1

    ada23416347800a653a22c02850de9a1f7ca9d9f

    SHA256

    5941c717217d4f24beabfa048a21bbf6ad668c9cf79050fc7f98f1dd0731249d

    SHA512

    9c3a371dd1e36660f6835bca2bf83827f5f009a55f4ea7d118836cc4fbcc7b52466e59eeb78bfabfb14b1a0a972255963181482a57112b6b51617cf677ea3c1d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb27521613d05a9210640f8420352345

    SHA1

    e835938d79cfd3c87b9daf8f78b817f392fd3db9

    SHA256

    28656d77509ac51b4b3b394803c34241c5d8f5c606563cec38cbebace98af93f

    SHA512

    0d11b8494945659fdfdaa447eb75ee009055697e8c62c4240cbb1a1fbab4b435bf7c800a8c5d2ed9eec9639c2b4af9fa2da1f08374d47bd4adf721fbade0c673

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e80a0d6fc01e67fb880094e92bde94d1

    SHA1

    7fc6c5917dc4ece4d2a56ff82b458c0519124333

    SHA256

    ff2417e52031c79506128f515cf7ba713df1173b56d8124856d5a5437288e529

    SHA512

    f7f883af8e3ff93a591bfc9118c133c27d6c86ebaca1b6d61804eaa8b758a1094f592dfc23008fed5035ea638fd09dea5aeb848129c4d284ca026639810a7745

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    333e94c6864991765866ed0741635ff0

    SHA1

    eccd99ee8451639d613ee15accc5fb6ffbae812c

    SHA256

    66353b8f87a8737d879b5518cb756dc2a2dab7d9f636668152974100c30addfb

    SHA512

    f8dc4e393265f1e589c5b6012b016a2032de6e14a69c3476ee6f3918ee33a89d27fe502f870df1c639da9403b0731e109b9e609b96911db45216892f22c076d9

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\X003SIOS\www.google[1].xml
    Filesize

    540B

    MD5

    72a7173cd8cee979ee77a456482579cc

    SHA1

    8aa0b798e6e121a99829d9e7fb907b2758e31d9c

    SHA256

    2065f364fdf09324a9b61c8d7e9de00990fc2990c26640b004dabf829d75b619

    SHA512

    f5dc2dfbb9af72e8fb9ea882f0f50d31465a8ca62d1192882de888d438fb10283eb279fb5e0cb46c6e68db236f9bc8f0e9d8c4b94771b95eef95670907da4bc1

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\X003SIOS\www.google[1].xml
    Filesize

    99B

    MD5

    849e2b789dce4a704aefd456c1f6bbe4

    SHA1

    8e14b36d868a0a4447b0c5aebb5d8a24d069ca81

    SHA256

    c55b571969337ce960f5666b1ca96832e64bf66410b3e4aed9730c498a546ff5

    SHA512

    eddacfaa90e22f49f6652eb62794b836766de06856de9c9bd451ac0b984750382146d7ff88d2a0569e63f9f6afa8d657703767eb56a2068dee138ea84295203e

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\X003SIOS\www.google[1].xml
    Filesize

    238B

    MD5

    562a2a7aafb7f4d4a1e043826de89fa2

    SHA1

    20c6ca86b325900c855338ec374ad90692a25437

    SHA256

    a4d3b4c33d91066934b6e2515fd267f717c813107fbe1fb05ce62c0f49e13b78

    SHA512

    63014263d6241be2e443e5c6bab50dd75078affeea6f1801c4bab03fc22669a29547289117ebdeed64a9a60dd9bd4a919e193036ad43ed00555093602f7a12d6

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\jw2rl61\imagestore.dat
    Filesize

    5KB

    MD5

    f072d7f2895f980660e9451092a706ee

    SHA1

    5fb289e8d7acc2d9de7be1e2077e67913bb429f4

    SHA256

    80d064dc248c620aef1a9fba33919b2084ca20fe6054c4e597a8d9540bc2aba4

    SHA512

    b945418882e8c3f55267f5d4486d70cb68214450bd11167b56fa5d101c6de41c65aecf87347513677397b5e3194e1acd2a9c9a27bf70569039c6079adda39aae

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CY2G78MW\recaptcha__en[1].js
    Filesize

    514KB

    MD5

    38e25c4634858aaf2fc6125b7a8a1205

    SHA1

    ee075d53e8668a2267610b05df51416d1912de63

    SHA256

    3be69375a428a615caa7c5307c15298a41a4f272c77ff19051a462462d1af5a3

    SHA512

    ec8cca0137d29dc8eaa217a6d923a8c49c89a6bf9bca01748f09a2d4cb8d7863b7393f15eaf096591933373fdc96ca6fff0f1097e7505e5a699738a61498c066

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\styles__ltr[1].css
    Filesize

    55KB

    MD5

    5208f5e6c617977a89cf80522b53a899

    SHA1

    6869036a2ed590aaeeeeab433be01967549a44d0

    SHA256

    487d9c5def62bc08f6c5d65273f9aaece71f070134169a6a6bc365055be5a92d

    SHA512

    bdd95d8b4c260959c1010a724f8251b88ed62f4eb4f435bde7f85923c67f20fe9c038257bb59a5bb6107abdf0d053f75761211870ca537e1a28d73093f07198b

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYNL6UIN\favicon[1].ico
    Filesize

    5KB

    MD5

    f3418a443e7d841097c714d69ec4bcb8

    SHA1

    49263695f6b0cdd72f45cf1b775e660fdc36c606

    SHA256

    6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

    SHA512

    82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYNL6UIN\nAi3L_grIveh4_vTblADPYCzmMAuz2fY21GywUlmlrY[1].js
    Filesize

    24KB

    MD5

    a60833c49e99a2e6bba69b878e7ca60f

    SHA1

    ee07c061eb17230c0181a5c2c802e9fa07160491

    SHA256

    9c08b72ff82b22f7a1e3fbd36e50033d80b398c02ecf67d8db51b2c1496696b6

    SHA512

    d07320fbc0154e233152ad6d76754fc57b4bde0b7cd3ec3da4cfc64edf0a37a64cafd9c720dc60175d2a470c376bada2c0063f79f88c7dc7be5842a7fbca9160

  • C:\Users\Admin\AppData\Local\Temp\Cab1C2A.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab1D17.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1C2B.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar1D2C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
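
Two points a reader of the list above should take away. The CryptnetUrlCache\Content and \MetaData files are CryptoAPI's URL retrieval cache (cryptnet.dll): objects such as CRLs, OCSP responses and intermediate certificates fetched while building the chain for the TLS connection, with the MetaData file of the same name recording where and when the object was fetched; the Cab*.tmp and Tar*.tmp pairs in %TEMP% are typically the same component downloading and expanding a CAB during root-list refresh. And the one MetaData path that appears twenty times with different digests is not twenty files: the sandbox records a file each time it is rewritten, so each entry is a snapshot of the same cache file. The Python below is an added example, not part of this report or the sandbox's tooling. It parses the report's own Downloads layout (bullet path, then label/value pairs) into records, checks that every digest has the length and alphabet of the algorithm it claims, groups entries by path to show which files were rewritten, and recomputes the same four digests so a recovered file can be matched against an entry. The embedded excerpt is three entries copied from the list above; nothing else is assumed.

```python
"""Parse the Downloads section of the report into records and sanity-check each digest."""
import hashlib
import re
from collections import defaultdict

# Three entries copied verbatim from the Downloads section above (blank lines between a label
# and its value are optional for the parser). The MetaData path appears twice with different digests.
REPORT_EXCERPT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize
    914B
    MD5
    e4a68ac854ac5242460afd72481b2a44
    SHA1
    df3c24f9bfd666761b268073fe06d1cc8d4f82a4
    SHA256
    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
    SHA512
    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    a93444e0642579502d5f8c361f0a5e75
    SHA1
    941d651fd494433cfdbe8f750abd0946f861b9a3
    SHA256
    49d3d5af2fa6db9a4defd16cdb418ed2a935d54fcf2ce643460522b4bf72c937
    SHA512
    19e47e96a3eb62013c8b8e484fcea5efa7eb2191acc771face886086082e2232a3cd88b5d033b81a82a56745591811f1c0acd74e18bd1ec14ab8d10562cd3f90
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    f7e0a06d80874e38bd1f09b35080655c
    SHA1
    9dc3b18ead804160e2a98f9e01283a7e4831623f
    SHA256
    0f2318eb86533e852e045a306a91a5840ad8a38030cfb92fe6716eea7a4c2886
    SHA512
    cb62e78d126d9a4f0f1198b37f0825141809a385b38fa760ca97d9463f07b4188f2ce5c52344da196dabaf4e818b8f4390001a372ab97eca29f0bb0398ea12b6
"""

FIELDS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}


def parse_downloads(text):
    """Token-stream parse: a bullet line opens a record, then label/value pairs follow."""
    records, current, label = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line[1:].strip()}
            records.append(current)
        elif line in FIELDS:
            label = line
        elif current is not None and label is not None:
            current[label] = line
            label = None
        else:
            raise ValueError(f"unexpected line: {line!r}")
    return records


def digest_problems(record):
    """List digest fields that are missing, the wrong length, or not lowercase hex."""
    problems = []
    for algo, n in HEX_LEN.items():
        value = record.get(algo)
        if value is None:
            problems.append(f"{algo} missing")
        elif not re.fullmatch(r"[0-9a-f]{%d}" % n, value):
            problems.append(f"{algo} malformed: {value!r}")
    return problems


def distinct_contents(records):
    """Map path -> distinct SHA256 values; more than one means the file was rewritten during the run."""
    seen = defaultdict(list)
    for r in records:
        if r["SHA256"] not in seen[r["path"]]:
            seen[r["path"]].append(r["SHA256"])
    return dict(seen)


def digests_of(data):
    """Compute the same four digests the report lists, for matching a recovered file against it."""
    return {algo: hashlib.new(algo.lower(), data).hexdigest() for algo in HEX_LEN}


def matches_record(data, record):
    """True when every digest the record lists agrees with the data."""
    actual = digests_of(data)
    return all(record[algo] == actual[algo] for algo in HEX_LEN if algo in record)


if __name__ == "__main__":
    recs = parse_downloads(REPORT_EXCERPT)
    for r in recs:
        print(r["path"].rsplit("\\", 1)[-1], r["Filesize"], digest_problems(r) or "digests well-formed")
    for path, hashes in distinct_contents(recs).items():
        print(f"{len(hashes)} distinct content(s) for {path}")
```

Feed the whole Downloads section to parse_downloads and distinct_contents collapses the list to one line per path, which is the view you want before deciding whether any of the files is worth pulling from the sandbox. Match a pulled file with matches_record rather than comparing MD5 alone; the SHA256 and SHA512 columns are there, so use them.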