Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-06-2024 11:31

General

  • Target

    email-plain-1.txt

  • Size

    301B

  • MD5

    dd9e4ea4657c65111919d3c38692d934

  • SHA1

    ef4de4495e53fa402e591c19b08a9e87e474b14d

  • SHA256

    a4ceb411b7d2e40e2751cc7df90269e85111be43aeffe2fbd05cf99ae8ea64ee

  • SHA512

    2b1c30ba3db0b1f22ea895d7064b6d2c541dc080c3bb1431dda74b609aec8ccd6a804e3638a9064961ee97186a01e08830b337ff5b96a22653b7d935c44b0dfa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\email-plain-1.txt
    1⤵
      PID:2236
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Desktop\DebugAssert.htm
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3036
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3036 CREDAT:275457 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2200

    Network

    MITRE ATT&CK Enterprise v15

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      b74ac604e0b4fa6c08f505c3f77703db

      SHA1

      58f6f5734e11e276ff679a28936a69844de0f738

      SHA256

      59daeec52a4585099af9d12a66f2c004f5d64cf44c762cf52046e5cf2755d8fc

      SHA512

      4a70fcc2d0a6ec8d372671169fc278217ed3fb983a0685fb6af2efd65b3d6073ce8eec66070e8cc969a366fce44d9687f14aecefa57c7eef9d8f1100face716e

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      29a21a420f7df48f7fb9754d22cf79af

      SHA1

      e39ad89a771625e806fcfc70c33ffbfd4257f28e

      SHA256

      74b79347df5ab02a784df10c7e652213b9c8e555cc5bf462c9783936e3bd76d9

      SHA512

      84350df32ffe341a20df4d491fa1a24c0a0187641939c2d47709f904d2427d2eaf405e5234bac45c5912d44ac51c9c532fc09153251523da87d16fdfe94028f7

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      defb5c13bfebbc24e372536a834eec03

      SHA1

      4200b4608b3155d30f0578c177b9297fa66ad340

      SHA256

      74178ea3e378427034ef75127fd3e23c8801bee6e0513b5a0f39307736aa8b9c

      SHA512

      93903107269ef8d164944fd89f76dd5f5ac594a8c3dd1aedc834268a4e37e5b6d7622ec672a6032d931c53547adaf65652b00da18332e56496941b44abda8baf

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      24fae08f66fb66ef63a5527766ba0d8f

      SHA1

      3732841ddd2256f30f1068be45e80515dd5c57a0

      SHA256

      698d45e9c64b8a6bfe372ce5af4a0389cd4a3fe0fcc6802d4faadf7c6d3c9b01

      SHA512

      9e91b2fe2e870954deebf8f4f566acf4a358bddb1bcf2cd89bbf7f24f4291b245ae2c7452b603fdcfaebfde12cb5a49f7a42ac997b98d8f1db5123ef8e29c26a

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      cc398ad2cbe6019636f281f4d1327960

      SHA1

      1a6d7a501ca16cbe9887090506ce6d73a271a3f8

      SHA256

      7b7e353bc542a4d5306b9a987affe0e53e3a137fbb8be45fbc6642c1cac23912

      SHA512

      cfeee5bd8e16f3cef865d551bff8916774ab1f24af9039c7df77d9cc7934dc292df06e1dd16e6d11fa5284380104ed60977be985a74f1a643c964cbce552e8ec

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      62d0828a8bdd7afd11e2a2296a23119b

      SHA1

      ef4571e517fdfccfc8d54abac67439eb5f6ca007

      SHA256

      83a885ab5da5a0df7b0042891b0de00b5029af7140270ad717efee2ab8fe4d5a

      SHA512

      3082ff71e57b779c91db4ba9ed0ca0167027686b14df1871c332f722fe49caa36ab6da832dfc1f64e5c167bce5b123c7d8edbd9ca177ec91b2096322eec245ca

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      cf66fb36e4c13b917417528210130c88

      SHA1

      7befad9d62ded0cebaaf100beef93afbd139ba2c

      SHA256

      1bbf88d798ea0752bc4851dc12a6ea1658e088509d2d348cc96724732f1c5f46

      SHA512

      3776c070455682c3b49fe61b91e4de26449a29bd88a7d87895f31aad186f15050f8e224de3b42e79c982f1c41e53bd96d07ad70b3ce89692db4428394edbb292

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      31bc3ced2156ebc68bce456c42576b9a

      SHA1

      8e2fd341a26a36d314f51fb9de20f1c110dba006

      SHA256

      062d0a5893c50cfda9ce54d9c8d77855606fce6412fc3f6bf284df3e8f7ac3ec

      SHA512

      0a26d1c3887b556d9a8330517470554a8c015a0b673366d3c3b2982db98d014b204737478d59944988fe1f8f7a5da2f6db801f03833e205cc28536bff8ff164c

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      0900433146621fd33420e1cd48a40ec0

      SHA1

      7b39eba82f8d92a2fed0f9b4722ad0e768fdfefd

      SHA256

      3857809d2a8cedf1333ebe7b22c66150ca01411cb4b736af49a4ad90748615ad

      SHA512

      6bc6052ea14edfeafcc0255078e00a972dd8251e6b379926a19b11c94d1047dad56ff55f2358b838f3aee83b496ddf85dab6af8fd3c24f3d763e4a6ec7c351c5

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      11e5a52fa5cc1159ddaeb9233d57d9f1

      SHA1

      913546d2ab789e96d6850d4ed614bed3c28ad899

      SHA256

      974634445555b78f17afde2513ed913f53bf341b3f0fb20d3ec611d9e5a1f555

      SHA512

      005084ed8fdb4b77fa46513b54a6b93bbf57ac35f65b84b4c5d6ab724ad2e0f482d40f11a18fb7c3f25a4cb8ba63b636375755ebb99e9a07ef0535e03c40b72f

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      481eefdf6a5c5731921464ab0979d44f

      SHA1

      94017bd6177015dde27f01839e4a9f3d29834e50

      SHA256

      95037c806e1834bee1ef19a0c42a6e5535cdc7a341482467d9ce74122e7e47a7

      SHA512

      1f32efa9b640558391f2d379633a98d4b8e67f6359926c1ad99666cafd8541e1f9c631b9746246b3090e1cf6a44d29d26dab2c76117b26c2ef4fcd77ac172201

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      1f1f35d0630ca76a1c3d261e0f27f03b

      SHA1

      dd72f3641b91ad1612e330e87b2c04bafdf962bd

      SHA256

      c25ef5f064350c1ea036ef3e42f6a7f171cfb3f10a0cda3df27df2a833407aba

      SHA512

      39cf7a33cbbdb3cffdbfd5a6219fcdc563026c3f66e0a6a367d3cad5aaa0f9bb3130032abde26ad8d110d1f02fa8ba07c0feb92c43c23ea284e64e82b7e604f6

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      d98480b6665469b66586e166eb62710e

      SHA1

      f40cca3e8c3b7d0ee661be2e530c110efc7d3801

      SHA256

      ea401a1661108130b0e789a78085d2986ee0c1ef73b100b2a82e64cf118847a3

      SHA512

      6e92cbec30eb95dfb07aed59375d2c5fde3dbeaa28fc00eb5de22f10c809b1319653f0e6828bd0531ec7967ebaead39dc19ded3d2bc85f31a2ce3e23ab661861

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      1c0a48a1b4cb743a6a7340551bdb307d

      SHA1

      f1c54bef1db88b994ae85dec3d6d4d60f4a4a98e

      SHA256

      d8b9b6eb0d1f6fd931d7c118a39387339dd0c3ccc8b67d4d04b64ab25fa622ff

      SHA512

      5396a28293878a5f59358c9b3886cbae8e3e4c01f2e4258d2ea3afa3e73dc5416749dcd35a4b40df07e1668d7ca5d29113b8343c819c37156ab01375250485d8

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      55835bed5ae7a6bb75a189d252e20932

      SHA1

      bd466b03c166c6e130a21baa4755a356403f0753

      SHA256

      644d3748225c4b402868bd8b39ba32fcb53e859305964a107214602f44608563

      SHA512

      9e5eeee33bdeabe6e5609a687b45d967305fd2586b9cf13f6109d5e59dc4aa3ca26320bcfbe53b1844ae4995925f75e82d20bcfc3ad855757f602dc0e6e4f263

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      35feef09157746bf9af4fa46dbc2a765

      SHA1

      3f93e2e133d1c795e12e6bcec0328b607b2df745

      SHA256

      ba54e3711948d1bc00b4afaf81badbdce24dadae84eba4085861c0509b262dd7

      SHA512

      9f161436897e20db40a52180b6d687422e688a23243fcec0038fd086859d7b52a86255bd27a04948e161eb1e652853c407b106e972ce3a90c37479b11a9ca189

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      05a3d2d6916cbb845b26b3662c06e563

      SHA1

      3e00034a9a6b6c59c6a9b306ff388fb268c2d3d4

      SHA256

      8f105c425f17238e3508f2511f3fd15b397efb3f3da246d7b5cedcb550968aad

      SHA512

      2cc0d30b29feb59e1c1fc5cbc83c3fcb159e71c829c4ae2418a5ea8f8f168181e4c6c0d55fe7599fac87f79a689d203ff0034ea13bf4779bd4caf46ba54bb63d

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      e1df38aaab17863a46d3c304398493fb

      SHA1

      de9245f1661a1f2d67e9a0de51017da8e5e8ee38

      SHA256

      e8e9ac2c783e6ee1f8b71a91e5babd247533a987f099fb31b5a453cc2ea8f4fb

      SHA512

      36867ccf418ac9b0b16a5240bb4b3a5c871b8499496533827080fd531fec46deef461a3e0f80e04332c45bf1a64097ddfef58e0a59b05aee5dbb42adda581a72

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      dfa5ecd5719e0ecffb2c609000036d06

      SHA1

      6409a4a6271d181a3e8f69699ec0ccb15373365b

      SHA256

      ad10bae3826b4aea23bf0b9722f8a0da391d16e39a1277d78d20ad9a23f6aaa4

      SHA512

      4ee3591bfd5c486d94e680ad036dc05ff6d7bfe19c863ba8ca03eb6e2d9af3b56d799cf69b83423f12fc653ad3b8877b988605b82fe956fccfa12ef52d9e22af

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      68321f3fe613398288a408bcd95db088

      SHA1

      75eeccd5f41f76e7db14a2e3c312623cc45a4c19

      SHA256

      4cbac3921a81bc43fd941e4151ba7957c14007e189b8238691292a7c59e45af2

      SHA512

      3f88b2c7dc924e8e490310dfd7b56c723e9a8092e4d54b69e09d5aa11aa420f10c9fa0b6e77823585cb30e5ed5f42d4abc409619ef4f8c3c6f2415cf39e5fc38

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      342B

      MD5

      8300a2e9d0f0e277f025d519ad0b8693

      SHA1

      72a192788bf4763845c207ca5e877d94072cf955

      SHA256

      1d2664121c7b9b38552d5cd6101ea4c2bdf079f9b709827ef7885c961f3f54f3

      SHA512

      a6caef922f237074bf3114cd6c594c479ddd0ba6cbbfef2e3536eb84a4fdbc4aa5cb1e942cdc31b3539c92ad917280ac9aa73074b4f13da9cebc7df618ba1eea

    • C:\Users\Admin\AppData\Local\Temp\Tar5C3.tmp

      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b