Analysis

  • max time kernel
    117s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-07-2024 13:18

General

  • Target

    email-html-2.html

  • Size

    2KB

  • MD5

    0551263ae55f7b3ba0b776a1a759cbb1

  • SHA1

    4aa41685b7b08f8c2569b0a4a1e20da629b57210

  • SHA256

    8e269bee75df1d6bed5a6d2e2c3e6eae6f9432d71a618b094a579abaca4e7e83

  • SHA512

    a838d1273c446f4b216bde0d075b21411bf0ebb0465bb6e5d4ddfcc10591f923c4afca36832263e3a64dbb954dc9badf86c535be6f9575b7328bd6da312257f1

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-2.html
    PID:2652
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2652 CREDAT:275457 /prefetch:2
      PID:2384
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
