Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-07-2024 16:24

General

  • Target

    https://stopify.co/FS52VV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://stopify.co/FS52VV
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2728

Network

MITRE ATT&CK Enterprise v15

Downloads
