Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-06-2024 08:32

General

  • Target

    XNU43cVR3a3I2aGxmU05KdFl5cDZBZGhaa2VLODQxMmphb05tNWVzSEdUcWNOeHpFRGRGamw5akFyVDFpaWFHSW5SUnJzeVpzVzY.html

  • Size

    485B

  • MD5

    2c42775b2a328c445b7122b571378437

  • SHA1

    1c0efd0b31bc40aa0bcf66ea226a708e1df98b70

  • SHA256

    01a432b43b929122a2c355002baf21a439b54020a72bf041b481053e3af0138b

  • SHA512

    83c8de2d7061ef37140d671a32082494cdc28808b93e97350c0d0a5bac9479f21aa95d1bfe26caad5a31ba68cab4cc598f1f7924ebc1f27bd8cbce4a96860704

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\XNU43cVR3a3I2aGxmU05KdFl5cDZBZGhaa2VLODQxMmphb05tNWVzSEdUcWNOeHpFRGRGamw5akFyVDFpaWFHSW5SUnJzeVpzVzY.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2160

Network

MITRE ATT&CK Enterprise v15

Downloads
