Analysis

  • max time kernel
    122s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-07-2024 08:26

General

  • Target
    $PLUGINSDIR/app/index.html
  • Size
    20KB
  • MD5
    6d8c9edde0ce101ce0abd73be45c684a
  • SHA1
    ce6d94d2d1a7f4761438781affd3aa991018e4f5
  • SHA256
    f15c54f4ac4f55bcfa281b668220eb144e63b9de2292e970095a4dc566209682
  • SHA512
    06f35ece48e4e19174da18ecc5dcac3a7e4d7ffbb102c4859221c7c569027ca72e40c9ed945872bf4396bc02ced7ae46655c88e3ec40d0a2f2e3bd0fcec80203
  • SSDEEP
    192:DgNbdqnDNlPkZHmY74+/qmtRCtmK8W9I2gHHMlxh8B39LJ1Hab4OJgJnc5w/93gb:ENMO3aMOUnbCky05SN1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\app\index.html
    PID:1624
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1624 CREDAT:275457 /prefetch:2
      PID:2384
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads
