Resubmissions

28-06-2024 12:23

240628-pknb8ayhjg 10

28-06-2024 11:33

240628-nnw8vszejj 1

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-06-2024 11:33

General

  • Target

    .html

  • Size

    2KB

  • MD5

    7cdc8f61fb1fc3883598588051cdbe0a

  • SHA1

    92e76e7557196531dbdf862421178ecaf4e248e2

  • SHA256

    6e6856c0003a452f331ac9f2c7d73c28ca0d1924763b43544dfa1a65cc92b68d

  • SHA512

    0a74b11895cc550b98c0ae6b89afc1eb564920bc519ecbdc75a985d485f876f8ffa86afae021c1569c7767c6d4362a3e7acb4df3d373ffaf2bbe872c4d158309

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2096

Network

MITRE ATT&CK Enterprise v15

Downloads
