Analysis

  • max time kernel
    119s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-06-2024 06:49

General

  • Target

    cs/antiphishing/antiphishing.html

  • Size

    3KB

  • MD5

    15c9866d1804b30848c2c4be09c49d54

  • SHA1

    b34bf2c7e749762a66a96f5ab5f198493803207f

  • SHA256

    60510ff358ff52f618f52fe163402bcdcebf5e65e24c6dc800a90b0357df791d

  • SHA512

    d924c883c6aef3a2294b13f407018169642e31d3df686b7d295e2cc27f3aca18633dd0883036ec509e64277efd3ae7dcb8c55109a18f1cad8298739cc27c52d0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cs\antiphishing\antiphishing.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2996
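The tree above is the shape Internet Explorer itself produces when it opens a local HTML file: the frame process (iexplore.exe, PID 3000) launches one tab/content process with the command line IEXPLORE.EXE SCODEF:<frame PID> CREDAT:<n> /prefetch:2, and the SCODEF value (3000 here) is the PID of the frame process that owns the tab. The four signatures listed are raised by that normal frame-to-tab hand-off, which is consistent with the 1/10 score. What a triager actually needs to check in a report like this is whether IE spawned anything other than its own tab process. The script below is an added example, not part of the sandbox report or its vendor's tooling: it transcribes the two processes from the Processes section, checks each parent/child edge against the expected IE pattern, and flags signatures outside a baseline set that I chose for plain IE runs (an assumption, not a vendor list). The PowerShell child at the end is a constructed counter-example to show what a real finding looks like.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# IE's tab/content process is launched by the frame process as
#     IEXPLORE.EXE SCODEF:<frame PID> CREDAT:<n> /prefetch:2
# so SCODEF ties the child back to the frame process that owns it.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
IE_IMAGE_RE = re.compile(
    r"^[a-z]:\\program files( \(x86\))?\\internet explorer\\iexplore\.exe$", re.I
)

# Signatures a sandbox reliably raises for a plain IE run. This is my own
# baseline (an assumption), not the sandbox vendor's; anything outside it
# deserves a second look.
IE_BASELINE_SIGNATURES = {
    "Modifies Internet Explorer settings",
    "Suspicious use of FindShellTrayWindow",
    "Suspicious use of SetWindowsHookEx",
    "Suspicious use of WriteProcessMemory",
}


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    parent_pid: Optional[int] = None
    signatures: List[str] = field(default_factory=list)


def classify_child(child: Proc, parent: Proc) -> str:
    """Verdict for one parent->child edge of the process tree."""
    if not IE_IMAGE_RE.match(parent.image):
        return "not-ie-parent"
    if not IE_IMAGE_RE.match(child.image):
        # IE spawning anything but its own tab process is the real finding.
        return "unexpected-child"
    m = SCODEF_RE.search(child.cmdline)
    if m is None:
        return "ie-child-without-scodef"
    if int(m.group(1)) != parent.pid:
        # A tab process claiming a different frame PID than the one that
        # actually launched it is not how LCIE behaves.
        return "ie-tab-scodef-mismatch"
    return "ie-tab-process"


def non_baseline_signatures(proc: Proc) -> List[str]:
    """Signatures on this process that are not explained by IE's own behaviour."""
    return sorted(set(proc.signatures) - IE_BASELINE_SIGNATURES)


def triage(procs: List[Proc]) -> List[tuple]:
    """Return (child pid, verdict, non-baseline signatures) for every child edge."""
    by_pid = {p.pid: p for p in procs}
    rows = []
    for p in procs:
        if p.parent_pid is None or p.parent_pid not in by_pid:
            continue
        rows.append((p.pid, classify_child(p, by_pid[p.parent_pid]),
                     non_baseline_signatures(p)))
    return rows


# Transcribed from the report's Processes section.
REPORT_TREE = [
    Proc(3000, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\cs\antiphishing\antiphishing.html",
         signatures=["Modifies Internet Explorer settings",
                     "Suspicious use of FindShellTrayWindow",
                     "Suspicious use of SetWindowsHookEx",
                     "Suspicious use of WriteProcessMemory"]),
    Proc(2996, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
         r"SCODEF:3000 CREDAT:275457 /prefetch:2",
         parent_pid=3000,
         signatures=["Modifies Internet Explorer settings",
                     "Suspicious use of SetWindowsHookEx"]),
]

# Constructed counter-example (NOT from the report): the tab process
# launching PowerShell, which is what a malicious HTML file would look like.
HYPOTHETICAL_TREE = REPORT_TREE + [
    Proc(4100, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
         "powershell.exe -NoProfile -WindowStyle Hidden", parent_pid=2996),
]

if __name__ == "__main__":
    for row in triage(REPORT_TREE):
        print("report   ", row)
    for row in triage(HYPOTHETICAL_TREE):
        print("synthetic", row)
```

For the report's own tree the only edge is 2996 under 3000, which comes back as ie-tab-process with no unexplained signatures; the constructed PowerShell child comes back as unexpected-child, which is the line a triager would stop on.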

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    54e2d2c8021a82a9761f94e03b6900a6

    SHA1

    f2292ce6d5895f3a51e7bfbfdbf49fbc95fdc6c2

    SHA256

    c2efc3494330ce5375f8a8e499a8f6cb64e42bea0279a130a23985f8c17ba309

    SHA512

    995c1749558be1796493aaf0b46e53ab00bc0f83a545b8bb881f558902664e84e63332c10f561d1f599fd84a8058f8cd21ae91b5f5540e6ca2cb6aa670f81fdd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a2e764e3d9cad890d8b54fcadf1f2a3

    SHA1

    79293567ff42b79b81e49dd46e408e7fd759ca05

    SHA256

    e00758c053d138d1c617ac430c4e3fb50436acf941ec2ae6efa88975a6872092

    SHA512

    ceb1df6cf99ae5e7c1d339d950d339316340428c59383c04a116b92fafed6c3018237449413e13ab1582d2861620da211d7d0f9387f91571a6eeb9920c5ce5f8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5cd9194c97e512c80ddb82e481876be5

    SHA1

    4d5fab7b7a111db071697a70490fd94352fb9266

    SHA256

    cab36ffd342f4385b7437bfcc269589a00654431c228382984dafee2a02a6efa

    SHA512

    fca82b3b80044d20a7507241f33b3256fb29687223b05eac154bff043a9f6864c2ce31e24d87a38333744e66db5e4e234a4aba598a5af818af0c2bfb11463551

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ab6e149c4820bff3769dada89cf21c5

    SHA1

    3d21e7c9f0ccfe7f8f2c12d39acaee14c095292b

    SHA256

    86d373ff60615cf6c3125d0bca7dbb6d0f63e42e67f6289fe04f8c98d3186cf6

    SHA512

    a440048d8aef37527515d037dfe063a189998fba32891cb319f89176527e8e5c4e9f6de1de2c79fb4854e95eb5be5baf34ca471441bda97d4ffffd9541a39d05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8313e553b358b65d47e03b675912c6b9

    SHA1

    c2dfb418b1a93dab1ceb91fa84b2c2ac4f2f6e01

    SHA256

    ae81f7459ac640aed4069a1e3182a41058c7f6c7afe8bc3cc056da9c0e56a144

    SHA512

    19314017d126186dad7800122da35718e628ded0063ccee46388ae7301e14b754f71e3496f6c6314d32b4ccc07900f2c40295c51d5adaddbbd7eb76f635ce47f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f64cf1f28b544062e03feb07866a5c8b

    SHA1

    59e8bfa8308cf6a420340e5a547cf631ac3d7608

    SHA256

    c389d42644e4f192892856b240950340b32c15327345a8529accbeda0c846193

    SHA512

    c4f28a9837d11174edfff707c0fa4585127ad421dc11970c5fb87b6d8b1af16553120a6907c9690301fb0579505586bd3932c90a65e114a68320d15c8ca61a8e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7aff2fd2d0b57c92c0ea295edcb1280e

    SHA1

    d5501de0f7890b6caa48a52a2430ff9abd274e5d

    SHA256

    b3480dd772a4e340dfc4fec25a7478fdb8e42a01629beed6c14a98425a6b4208

    SHA512

    93fbe864cc11bc48fcf76f8aa0edc16d993ed9ab59dbb0f0400d033a33123a0b6c606adc35deb213fda89c3bf3b6ae8d0b606caa08fa8e64a088e7fd1df4bc77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1d917fbc1f22f9ce25524781b0ffdc47

    SHA1

    7d359dc7707d3a339333bedf1543bbc6f601acf7

    SHA256

    0618215d1fdbd1dcb010966a90010673cdc0e27210f0c31bd9b580bd4f1260c8

    SHA512

    0cc286e2f4557f87e55242a22883b1ccf9a3ada981b2be52c694d35b06fb3316c89a97847c1dd5763124b0149b3696db541805695defc199d0e60be3bd8222c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb096b3aeff5a66ab800240ab9fa636f

    SHA1

    265f00ac535e83bd3020d3b8282615badcbb06e5

    SHA256

    6269301d81d87981aab6ada587dd8ec2b91a550719fe326a0691492a37bf5c9f

    SHA512

    92cb9c97d976689ae777a7ae8b691de8d4b561ba7fe01ecb0ec65b491a1cf4271e1dde5246b264ae53faaee7906b2e4f9ab2db65c63e9928adca6f4eb00f1c64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    189bfb09e2c868ec80ea1d92a65f7e15

    SHA1

    33353babb6e776786e4c27171aa20d012780dafb

    SHA256

    87bf5ec6affb38e0be38619c82496adcd7c11a1a64036b40498cb630645288cd

    SHA512

    637eade8f251c6ea42c5a24e397a5ae9210ccea8ab0eac624d96c054f0fa316ef9a11f6a095f5ded8d2691a1be6adbc298c6c9ddbdf977a7f7a16703997baa6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7250afd93d345d921f2d970e1ce46cc7

    SHA1

    ad757502f151a1924e64a1b294e343a89141830f

    SHA256

    7fbbd33ebada05ef3075c0abc98fb167e6e0186d79cb34e63d3acef8118f005a

    SHA512

    c8ba10d5596d5775e50988c56b043857d0cb1876fc9a2dcdc72a6007e32f1b5899b8d2018cef821630d995c618ae58f966dbcb4dae81b82d53ef60b2fb287145

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    583f79b3f00e1079c5ca2debd4d005fe

    SHA1

    3ecb0a637fe97a7fa9d320ed3a35192563ffedf6

    SHA256

    a12ce659d1840d52c5ea57307e1d2453a8d3a8c2f295f62dd8e5df94ae745c71

    SHA512

    2809e9e61f41fca01e0a8bfafb3da1eba3d299bb74b649e487c7b702a343ff5bdef4251a5c2378ac90e389877c315664b561c0f143dff9d028a54c550f089f55

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b9eb0aa18b9b9d7d23d3bc16bda2f863

    SHA1

    dcbc9d6b21d987cd1c2d9886d8eb59c6a2c08bd7

    SHA256

    f46b889ccd14495aedf34bbe67edf006d10f7496e9d3f29b110ac39bb17580f8

    SHA512

    29cf0adfeb174b051511a649fcc6bea3ffe29078a4b6538dcc1125c0ceed473a5089054987c04086390c3067ac3a49198b570a644454c4565cf1485e4eac9998

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab10f01245d71ef0865900b01277f482

    SHA1

    b0de29b673b2fb186165a4f3c67d09fe5dc03a6d

    SHA256

    5026d5f5c23013c3505d243fdfd44f64792937067233613d2c97d2e329103259

    SHA512

    981b82b7e5815bd4be93a565b46b9a0134b73d626e4daf9a03db485c9c7cc1116f03e57cd9dc165477e11fea22914331110a2f7b39e3e1a3f8bd92f780a613fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    753f931cde358b425fc8c265963aa488

    SHA1

    4cc8b475761bd4b24a2ffe42a3412ad2beaf32a4

    SHA256

    78915295bbc54e1942b1cdb22d400c4cec05ad7e272c5f5058ac79a26805c1db

    SHA512

    a1f5de79d36344b82f1d2f81ac94c0eee857fe89fb77d8f57200a8d04324ad87e7ae541c59e246e5bc7c9884e7cb430bf818d881fefa50cd4700e77d08b0ae2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a34d309ca4e9ad70e68fff1bd4ab7f8e

    SHA1

    6e23e312ecf6bb10bbaeb66a88c96fe00248a4eb

    SHA256

    e5d4fedac57effb2f2ab9c0e635265d6d499cca37bf39055e0f93732cea8ce21

    SHA512

    6f4ee5ae01cbf1e704572266fe389e1f744803d744ed11745faca61ba0ea882fd522c2667bad63fdf169157c54d1a7e9c725c490aa3e664c91b53c59d6d31b5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    78d1ebec460a6911cecd15d2dc4a5ebd

    SHA1

    d37495b0e89f3443944ffa1ab111b2e9346b3e86

    SHA256

    51f9ed5f40142d621e4b262ef9459beec681abbf6b7ae95a10c97819ce44acb2

    SHA512

    52dde768d7dd3e147de507e92d59661d0e949006d0dbf5f3d103659cfa592449a4a4bb6e873fef78dffa6856734a45cf62ce704b863e094edcce1e9e161d1353

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b1492dab3358c036af47939d547a80f

    SHA1

    cc7973856b8e435907caa95c9384aff5acc927b6

    SHA256

    ecdbf78ef9ec27b9d64ca9c020d45529d84a3234a789b244c34d60f686bb546e

    SHA512

    1046da6f9d51090854b8fcd85daba94208a4d4a4f6e66ced38839033e4f3f36405f3d156521897318f66c29adabbec936b5817dad8092f6f755fbd311df8eb86

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ba02bb6c9f31d9b95770a1991e65248

    SHA1

    d50d6768089c37917572984fd7ecf4ffcf05c583

    SHA256

    434e3b2a9a742409c599220ff678583d80288c08a5a41b1a3d663dc13ccb088a

    SHA512

    ec474c3118929d18ee29efdc0a287ca8c554e7397053d00473c55cfac091b2ad87260c689a5ff155da3f94079d0f250d832fd33f0b8166776af4c615592f3bfe

  • C:\Users\Admin\AppData\Local\Temp\Cab988B.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar9959.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b