Analysis

  • max time kernel
    1558s
  • max time network
    1560s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-07-2024 01:38

General

  • Target

    https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2520
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2520 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2164

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    294318cada3fb6c6efc6822f4b8db99c

    SHA1

    325bca63dae8f60e7c458b3e50df11ab54a22992

    SHA256

    7df7e1b27718e3effef76039218a57c062e97790eeec8787ee20c183c1f5e46d

    SHA512

    3482a2d3005d79219b3a7523e2b696c65409c37d96253ce66ce2b3fde4e4c671c4099e37daa7a28372b24e2baf261c2679278d73b6b9f53cf4608d8763c8cb05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74be67e0cd6b5e999c8305dd85584336

    SHA1

    ba7be5c95fdea2add2717f1ed922d187c44a9ebf

    SHA256

    99fc79f853658e9000f16faa8b64911b9d896702a25627512b79e05561b6764b

    SHA512

    1b7225d8b4a799556b26503c897975440f580ddaa63bdf31c579cffda2c7096773bc5bdc14e1213502df02ec168f4a344909647255ab5ab32a301185abd80ec3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    753bff1bbb819c860981b30b9a82b073

    SHA1

    1cf699c9ac3c5a134f5d3acecd94ee8864075f06

    SHA256

    ecb72b43631a05af11bb09b16a17b92f56ff73069aeb7a6fb9c79d14a70fbb39

    SHA512

    a1a795c567e7d5bf9557fb77c2be23481fa1a28271e7d36335e3ad032adc25467dcfa3e071cbd6f9c0c956c9792fa40db0bfbcfd2b22ff76418cd4cd7bc48159

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31a5c06fc4301e5c5ca348769cf331da

    SHA1

    6509bef85034c89a061e93de8d8be4df5ed90981

    SHA256

    5130327ea55878a83bf1e5de605990d113c53f2bac07841a65a8ff041059c099

    SHA512

    d840d44acdea9e9b5762fc7a017d3c44459ec442340ab7de09701105a3edebf64323dba5345ec48cac1178f3143c57ff09a8966a1036da631ba3a0e612ff065d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f15b86ecddd994c792d65988a7b3cc64

    SHA1

    bea7a9937ac78ce23380922343708a056a2b9784

    SHA256

    088c1ca9f89c3a81ee30f49f91587a13c2644df9dae1aa0064997966483b7d5e

    SHA512

    ee29d8958f8c716bb7719bb8949b3241daa14834d520d3e317b7da0935168d95801be2aafdff5fc2c82f5de2a03f5cbdb7084ec6f27c5afdca2ee34d2142672f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8a2aa1f2f5cd1ca61fbf2e62436954c4

    SHA1

    2bc5e6f40d61ee6ac5a397a7b092ac896aa48d10

    SHA256

    83d5e39a6e434ae5e4d04d6d638f70d3796df4ea1cc39870771811a3d4fafdaa

    SHA512

    b9d2b8901cad3336fad40d9198f3e42934e76ac0bae3b29bbf9a993e20eb1dfbd9b4e02a0173bad503fa2cdddfe9805442da23af82a83b4a6415f43000a9ee2e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    62aa1bf5ca6c995a60d26ccf383c7859

    SHA1

    d65c1bcec20ccb322ce93af8359ff0b865966503

    SHA256

    d286a7848903355d97f7821cf15c11d30ed1c10f59b1190576c7d9dae51b4361

    SHA512

    b9af47db39a8460a04c3fc5a7e0f7afedefef4e042a56a3cf115429c5b6c6a138182bad4f62d01333a9c7d9f63598717ba535f22e3da81e42daf5a9afcd6f593

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    140d1515943c284fa41545310f134bed

    SHA1

    69345909475aa68f2916638994f35d22864a2503

    SHA256

    a9819fd9350a6870f2967acd1d7bc09e8ea9470094adf219596fd20f4c298e27

    SHA512

    769c0757ca2fdb6c7bfd8f65319fdcddf99cffdb9d85ff68c2d6657a0a084026c6b8ff320231015ecd519828cfd448a7a94a1ae37f7e544edaffcdad8d43145b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    83394660a0c7a5525a0538eea0462598

    SHA1

    a6524436e25961e8d07d1d166951cfe99c6d0fe8

    SHA256

    7e412c7e0788a3fd938ca5b1aaa6b6d06e13467a9073a2fdd3fe89197a44ed0c

    SHA512

    a463ca985fca97664c030530c642025d03c7406618cb1f98a7c844a93ba3b43a32693514a531fa35a6cf3f6700364b84d59d514ed9b244be0d1b171d1df1b0e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5fab48ea52aae8c6d68f0df562488fb1

    SHA1

    839e57825f66a79a7d55ff3b9b0d707ed78c9ddc

    SHA256

    4c78c84dcb5ae79a794a9c31df6b1b45972d9d7ef30b4ffab797e133e6925f3e

    SHA512

    aa22095f783e3fdf43efb3374c272a5a7804a9b1d41618d848b981cb39260f38714606ead400322f540696d986ddfc652578d45a1cc43bc6fe0d6d5e7cf47181

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b83e7fd9683f1f2b45b54c1b8a54e490

    SHA1

    d859ef80e4e17b1dbbac72f787d48cdf111834fb

    SHA256

    c4da9929d4c35ef26f05df4fafea8a73f79dc3912837811f1a57ade32f57deef

    SHA512

    728ef09c2baa294dd4c11c30e85550a8ff84dd14dadd0ade5d68829c697478e20b6160a0376e83b667e83bc0406595ef5a4c83ba38be7a87124ed203837005f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9dc24940d2774d0f5193f8a214ffb555

    SHA1

    28635d1c88f53ecfb91eb4f245918a6e758d1ca3

    SHA256

    779f14e995d02ff5c93ee5932e7900215be752611107cde457dfebf2e07068ec

    SHA512

    292eced77a96e45daf86d8baefd5e1cbe2d9965e644f9d4e9f319839c4b96349c9d1829a3d9be20f84fea86161e3a95c6d43f2adcc776021a0b71af71e01b6e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5dc2eb6ef68e4b8ba0bc71082301dc0b

    SHA1

    ac826b0082e9d43c076aec7491d4600858f75edf

    SHA256

    796a8df65d78a58976419e4f2a08f123e96239f0b4cd4beba8ff32851a3738f5

    SHA512

    ad5f81b46faf281235cec771e177a68dfb76a489a5ff85aee205860bcda3f0e3e822d925f5e1113dc0f7daf3d766687098d07a19363d33f125d552c4ae24b8ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5986f4a7f53998e110f759b045857f32

    SHA1

    a457d07639d705e06e93ba5710a01c4d07d2e615

    SHA256

    024a39d655ba74b162ec70dea5cefd6068099fb262f300a6c9ae01f228b18760

    SHA512

    732951f8212a4fa448674550224f66fd45f593376e1e5da969a9adcf3ff52ecd88bbcb7d75d559cc3555b67dde56c04e646850e59a30fd346d549be8427ebc65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    799c0a63e6adb5b40eb999d894543bb9

    SHA1

    730bfaa7cf75256008b06437620e428aa36fb211

    SHA256

    5cb083720d1d93bb64a7031cf5bcb7b9aa0f6fc163fdfbc4d775ae0acdd78a89

    SHA512

    3e4c236c97a6d89d5bb65e565b2afe63bc92ade0c3687a040c4826d197d8308cc538c75903be011bc14fb0af5fed04e544f633a511133acb598c4919665621db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f187cefb51da783a7b84d4d8cd4c322

    SHA1

    d7bb4ccb543977c07525eeedbb092076f585ea0f

    SHA256

    3758962ad4eebea38d02063b512a9cc4bbc7dc207078dba5e5acc4eff5b8af95

    SHA512

    6e60e57621e42438d06aa8df346ec6d46cf6cdbd43ca0648d3008936a9d503705f95384c16558545ec6bfba735307069a1d8296ea1303b66658f663d9d11dcd8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    25e325d9b028cf69e5414ff0ae822944

    SHA1

    05f3821600e2cfecf0736fd65229916571a03d00

    SHA256

    0237ebbd9a3703a2e015aea2e18d5056320649d943069777ad20d593a0bb377b

    SHA512

    6197bbfa9e162cad93a158fddd4bccf5851253d12f3e38c6aa9e4ec834a5b9ff42f7a8266f2fdfb75f0e5158e99235f8096d7e12c89250228ac9b1e34dfaecaa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b298e836cf50171ef5fe1b02294ea20

    SHA1

    10cadb00a949c752f98958ed3c0e2df4dbeb9e7b

    SHA256

    b59993c8ad927efca7e225117cdec388296cbe2c6bfd37b42625e7e5d85ab8e2

    SHA512

    b148d5cbccceefe8c5d6b1bbde2add7b6debe71ac33188472928f11a75a0e8db1ddd0f2e3b3afe0e60fe616a2760d99b39fca7fcf6d7fd9b21dddfa57e6a7ac0

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\c2sxdb0\imagestore.dat

    Filesize

    4KB

    MD5

    6bd912a7f1c4c6ac8a52f6f932337a02

    SHA1

    f541bc004e77133f91137552968a91b38e31a40f

    SHA256

    8f91e1d835881f07776ea7de5418dc1c5d911eef88384cb10a98bcd1716a0c83

    SHA512

    0c9edcc124695b6e8586f989fe9d8a5de35c7e0017ccb12a2f8a8a07f7a80d4709de938764e075ab0bf9ac32f20e335f0deb235a0bb8e82842fb9e5b14fc459f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UK8J8K8\favicon[1].ico

    Filesize

    4KB

    MD5

    1ba2ae710d927f13d483fd5d1e548c9b

    SHA1

    c0605efed936ee2600284e6480521d06fa64f872

    SHA256

    db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445

    SHA512

    f933cd352eaba92f509b3863353ddfefadfada26a4152ecdc4727d450bbf35e7b10fb3038fe8db340d5c63d74e608c1560ec84d0f6ffc8ccd940c9e0d7533544

  • C:\Users\Admin\AppData\Local\Temp\CabBEDF.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarBEE0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b