Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-06-2024 08:12

General

  • Target

    tbu03852/static_pub.html

  • Size

    599B

  • MD5

    0bf3de7de6f6a9ece7674fb245c7e428

  • SHA1

    a71d601820676d5741734e825c7347d59570bc98

  • SHA256

    29101ddb9fc880b921c78a8aa0952310ccf0fe4eb03479425500fc2e779d4b2b

  • SHA512

    30dc0cf67d772a79dec244882f24c4a6ad71a3139b1b92d6e059f1e677ef138596e71c7bf12c2283b591ad64744b9abd15895fa29c4a600f64c784423bc270b2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_pub.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1920
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1920 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2932

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    7a33522704dbeffe335fdb92da51734c

    SHA1

    c2559eb767927ab3f92c772bd5d885c55a25cc4d

    SHA256

    4ed983ddf3f7dfe4f9d428a177922721858283fd5858d4761a9b0bff47b31a84

    SHA512

    9fef5970d4be9cd0d109108b13f5c517bce070ea6a25a70bfaa4263dcdaf074c9f740a6c565e8cf6e9a6191d31abaa05fb3dcfda6dc52f6051898732ef7eb1e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    21ff7af7ee630ab770436eef7cb5df60

    SHA1

    7da3331ac62f8360c5706c2549b7787f17b41406

    SHA256

    54f4bbde63ed3dc11c4804b58b6e22dd32ca7af64fa732438ba9c942b669de3c

    SHA512

    6b74984aefd889bb55e158e62e8ea851a1d06c4eae751fbcff56639b317ba3968ed2b265b1e23926011657ae0cbffea96cde379c81683cf97dc730bdf846c2db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e77636712b4aca880a4f5081781fbeba

    SHA1

    f328b23800e82415495c5b4a9cf1f42347a6a90a

    SHA256

    6ee19c46978217bd2da69d583f55a22cd3c9f23677d444ac7c6b04f8a4f4e8b6

    SHA512

    630fafc7fe8ef0b1147c60ed31585a0de54812acdf47bdf1b0fdc1d242fb17b769ad6e1464d38cba040641f365a077e8c688e48993b657d93678b9ce4b6666e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    858b478c5d783bb1e0f33804eb19725a

    SHA1

    402d8fd9dd0cc49764cafed47dc2528cc5568299

    SHA256

    1cf7b7aa143fcc74779028537f1dc3ee9064dc88fb6b05fd043a02821d6f4b2a

    SHA512

    f71650784bd5f8b35f1107542baa4560ac328d9e372dba35274a19deb86e3d4e651dac55ef5df832a16aa3e8d0a3720d17c4ba35c0104fe5fedc4e024954dfe9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84e55afa14632c8fa8208ed3bfcefde3

    SHA1

    23e9dda01beafa1443242d8b98c04679cb4b80b2

    SHA256

    81e97c989110c30933132ef9726e65609d9cb7fe0b16219772fb08fd0ae3235f

    SHA512

    ee47b4454f8995ddf5b664cc7ee7712efa8735a532e52f8070f2f95b74805f73b3841d1f871b4adda0c90eb06cd8bc84162b68b917f4f1ba70b250c1abbfdbfd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    296bda1ef3cb3723ae66161f1df505b2

    SHA1

    09a1739d137152649b52fd4561b598aa0e777bfe

    SHA256

    6001e00631eec243e17142abe2d708484ab16ea0cfff0c783acbde503e8e30a4

    SHA512

    e5018f468dc27d87d8c271c732a06b420635881fbe294b26ebf7346eb4ff1e6119b45dbf0236677e94286552c5fbfd79258c76254376e78c69e6516c716497ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96a1b14cb7a25d96be8dc7eefbccdcb8

    SHA1

    a35bd629293471d4e182da60081c5076135b8b6e

    SHA256

    ea0548a601b750f56cf1e63435b11c0792ff853bff51c60b84c84407e19a6546

    SHA512

    03782e67791206ea973157fc9cf76a778a8b77d52dd33158f1cfe88ef5f38984375c45e41dc46e4a4099fd76452763fc75390b184091c1fbfd53838edfebafa6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed4afe2b7c25f048de11993446b61e79

    SHA1

    5a5db57dbe373f04c7dcc4cdcf4af05f80f63b39

    SHA256

    fbdcbcbe5c7a386827f06dce8dcd802edae4db24bdde1d87bd092d02524acece

    SHA512

    5b1744adc2a555040e9b3d8aae7e9e98fa5b8b2a26af117e1716760169861bf8dcb0d868a19d1048d608ccd10c85ab10348001a4e82c3e8ddac6ecdf50e046ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a4dadcd8494780d9d549eae15b3fdfc

    SHA1

    b14acd208b9fe3cd2dcd5f0f819b0e2b52b244b2

    SHA256

    f7d99219ab05dab47499f8a02a26a070d7ad1f74aeb1f5e5918d494935801edc

    SHA512

    7dc2d57aa945b73ec0569d05e48a4026014b06d91111c9c2dcaad942bd5986629e578992e1e35cff8aa489d570a1918fe92ced349a82e320e87057ae9cdb98a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2169841d70f2900950a0e92029e0a2b3

    SHA1

    4d9d3f691df39374648217d87dcbcdf85dc55a0e

    SHA256

    441b32fb127dd770bfcddb6ac232b7dda032046b9d34608b3a08a104ae141173

    SHA512

    4937384023fa039294ccce4b82960b09a0da4c3b1fffba54623114da2732e27b201f343c5736c1b1c20237ab97287d72c1e503ea3c1d63e27a2779dbadff1c8b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a05e91a5d639ea4fc8aedecdfbd3cc84

    SHA1

    c5e56570fa8afe99126cac3965e1e046c2e615d6

    SHA256

    ecb618a5eedf8a77f7caedada5dae410d3ab09b165ed92e587e11c3b686fa091

    SHA512

    9124e29439916d3a58663fd651c90ecb2903bc5b34d62391e00721647f604607e63f664be46e4c13d50f5b41c67000cb8cbefa5d9819a04c1d7957a14f7719e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9b0e7ccb54df3cb908d01203ca9e6f8

    SHA1

    72a33d63d0073fde500584544fcfbfc8b2731b80

    SHA256

    edf8c400b9d21780d3bf1ff8d470655c551d92056f14027aff5d862b10322bf5

    SHA512

    ebd9d4a92dbd6fe7e5e56ef7f5f8cead67da8f185c7f62773f3d1b3c5104fed9f63fa4cc2decb4765ea6608dc59e250ccaf65de31e06551a303cebc6ae265ed1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    27f295a46972df1b0347c1cfad866979

    SHA1

    786770ec6dcae2b810f9d246d4d9c02c2c747893

    SHA256

    9a2a2a9fdf41b1567da9ccf345706fa453cb413dd94af3ec832842ae000cfb09

    SHA512

    2389a72674f5a74e7e7573e0dab4304ff64634b5aead144d5f7aa6839ef882a182a7ad4202fc42f3686d78bec03479cb538456b44a930de98af7f3220347e787

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    28746442c64f7abba53e9fa005570f9c

    SHA1

    1982836981634f966e770fe2f4544c29b3ec7733

    SHA256

    73df4196d5d12cc7c895aadc25a40390d997ae140d04b1ffd7ef99a438a6469e

    SHA512

    643396480abc243d22ab6d89d3182198a0502e0fb7f233df1309e2a1ed88d6bea5e473cd23b1e463b8853a165a5986a88e2c0f964ad5612ce4dc9c9572f1fee0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7b5380e5aebc6bea1016c2ef223f7cbd

    SHA1

    1ea2c67aec815e89aa3a054703c54b1c391fe04e

    SHA256

    4a92cff8f950f6e5f38fc0f50738fad8098e599bc5690d7c59ff3ba36c70869d

    SHA512

    65502df97beb0587f8708344b7a4539cd6e50f3a84a10a45ecfcf41a6e62950a98ff0b5291bfeef6379d8240416d7b16d4b97e67b6e3ccef059cad020f4e0af3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5c3274d7377cb0e3d3bd2f06fa183c5

    SHA1

    fd17f874d6c81521c3fa3993235fc7acfb066f35

    SHA256

    b2ae12f2d631398b84798aebd01f39d3341c6350053999d35f04cb5d0461debc

    SHA512

    ed35307b6e775b1319e7b9e797acd08cfa123f82348490ef52380f55fe8b011df540e9d72b13f9efb9236f199214e09e6677fb7b242a265bf8faf3c2be65b5ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c374a46c282554763c91786fa9c0ec1

    SHA1

    276a551dc09095a494f6ca6a1990c7d243efcef8

    SHA256

    6fd945c16deaa5adecc8ffbe1f7cec8b74872a6fc0d3848bdced714bf79b3de3

    SHA512

    8e18ab0be7fca7ec752676b6969f06a714554888996915f2602602fa45f455199b62dfa9982b00b9fec5aaaf4c6de1b1999149d729c2e6ade192e39d5ec9d329

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    338afb5f401c0f6e72b63ca46709f147

    SHA1

    3ce09eb3e3c041484107ac9708909f18786b1103

    SHA256

    524a5f25045c52679789c7f30b8a339b552259490a8ea612efba602fdb0e19b7

    SHA512

    7bb109aca2070179700f7abe3ec32385122edc97dd7ee44faa97475db795a553d11ad651cdd1ea9846e485da3118b901ca1adcba7769668fd88264867cf634b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f2033c40010cbc2875ef05c6329243f

    SHA1

    618baba906b3a4fa3bfa31d4bf523fcf465b681a

    SHA256

    d5d30e858dcab5062fa540f4bc9f13af2f70e4a5244c6ef2b68a8b42f5497c7a

    SHA512

    a903080f4cd89c55fe43379b428b2e909ec6e8b6f2577e940bf4eb7c7e4d04d25332ab79f81872787804c9983c935d10665df80ed9eae101cea61a9c9331b1b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f84372c43f56d4011a2d4799864fb9e2

    SHA1

    a02f86ac4ad9bfc5ff859b9e1493cb6634942288

    SHA256

    f07fe11984d26d1f2837fd3f1e6923df944d78794387cbd157c50ed260cfad42

    SHA512

    3e8639e59292b62d3a6ddda0749bf3a00f4a46be654f38b1c7f710ec7b34c3966d68055141dfb2cfd6790bd7f806b1f116be625bbec002629c9d64da79837498

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    9a3a12f57e931e288807cb70ce819e1a

    SHA1

    9f49e9685d0c1cfa146b4adbf7d0acfecb4aef50

    SHA256

    07d90ee6ba10c156652c3ae4bf517618449acc8bb21c3ef38ad702e688a79814

    SHA512

    a25026d369379dbfd922c2badc3f7aacb426f0cf6633cbce3e1d55cd4f9e4289d69374e677ce527063a0488ecb0caedcba30376dc4aebcc80e899cbf86a11040

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Cab2627.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar27B2.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b