Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-06-2024 12:43

General

  • Target

    apps/admin/view/default/common/foot.html

  • Size

    543B

  • MD5

    e451f41c4646f04e17ea27892a431b37

  • SHA1

    e293a3565276fa46d1d8989b5e3007cc80e7effe

  • SHA256

    e258dbaa329617fe2788b05ec1a8402a343003e439ad263b13ef60e1eb70393f

  • SHA512

    efc4a904413e7399e7e97c0659d0fa6e11b1638814f527348787b3a6d0d6b2b448b4b1bc6abb694335d3728e9f188c136b47b265f6e18c3b7be07fbf596a86fa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apps\admin\view\default\common\foot.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2932 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1316

Network

MITRE ATT&CK Enterprise v15


Downloads
