Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-06-2024 12:43

General

  • Target

    apps/admin/view/default/common/head.html

  • Size

    5KB

  • MD5

    cfe9da57720d3da018838b5a76c340a1

  • SHA1

    e3dd1e07d083fc74665b3439880fdf3514ee190b

  • SHA256

    40aa91d72e6a1cf5bd40996450cd4aa2bf7c6cc008d9b34a61f3be9871adc4dd

  • SHA512

    ac98195be5156e467f51208940cc6add000a70f4634801a866cc80ea2a6aa0e08892dd4c9ce037955e731d276d55980adb6813f1c08201e46724fbbcc31aa5c6

  • SSDEEP

    96:/e46QvcCtNSb5rROW58VdKcJHSXuyIkyKqKjy7VC1kOFVmJvQ3V253VE1KH3KqKH:nhFtWzuPBmx04kOFijkGy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apps\admin\view\default\common\head.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2836 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

MITRE ATT&CK Enterprise v15


Downloads
