Analysis

  • max time kernel
    1561s
  • max time network
    1561s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-07-2024 00:46

General

  • Target

    https://grabify.link/K2VN2B

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://grabify.link/K2VN2B
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2536 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2420

Network

MITRE ATT&CK Enterprise v15

Downloads
