Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-07-2024 16:24

General

  • Target

    https://stopify.co/FS52VV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://stopify.co/FS52VV
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2864
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2864 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2808

Network

MITRE ATT&CK Enterprise v15

Downloads
