Analysis

  • max time kernel
    137s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-08-2024 19:44

General

  • Target

    page3.html

  • Size

    2KB

  • MD5

    8d0955a1112c3d07d10dff3eadf3c68e

  • SHA1

    5f1c94e1596efccc3b40de911e2a9eac574815bc

  • SHA256

    b9a5fcd0fef626a1aa31476e3702ebfe15405128c0c014a5819fde3784bef4df

  • SHA512

    f472e2bc89817655725c38ed3e403017af72d6bfe228d2c1dc7c46a672cdbd40eda14bf67bd01a2b35282b2259133285b7710e74751bdd38a9f5313c62ed6dde

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\page3.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3064

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d046fdcc791b20c93be03bc938a1cf19

    SHA1

    da940a3f4c711128c213519335e9654c064bc5ea

    SHA256

    f2f7fd51a298b82aedeb999e08b5bdad94dbaa269f31f7e2341310a91534199f

    SHA512

    393570e28fc75a6e76e0972e3407f7d93e53d7beeef84e05b2a03cca075102ace4120520170d2489193c58c76e1cc951a1c6bfed9a4cce35079ba46b10d3a6c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    663c1390e7e71d0d18d65e2e8b4275c4

    SHA1

    d1720250322ee5ccee1f12c46ad3821e46354eb8

    SHA256

    b32d93e9b0c02e3909619c28c3518efe23142fb5dace63c8df85a41b7ab54b88

    SHA512

    a1f1d778c3645fe76fafbe8f97dbc311ad0331d9019baaab56e81e01e57e6a53a2db8f61614048d26950d599cb3733f7f3bfa57edd09046d3f50d89e42bee743

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a4cfc83aff70bd3d047457662da1d0b7

    SHA1

    c701a7b063fe2c0a7a764737ab5ff3aeb61254ea

    SHA256

    405e2ac9fde1c073c11c9b69324f56ce990e7b01e17080e5ad300e36e24bfab0

    SHA512

    8eb1f22486059b723f7e46ceff0eb260ff7bd9ce8d63f4e1d21300b2ba62b15e54772e13be7f6b00d7e5a3bfb3adce1e34b8007ae941e0c5bce7a4073a7180c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5e913d73f1b73d57e9bceb19d910b90

    SHA1

    f2c41e93c817fa99d76c46eb6dc99f398e130f28

    SHA256

    6ac2caae0c38ee6eaf0f4656ffc0d814e52ac960dda08cd5c77d394142825c40

    SHA512

    effad6cb7027422c804a14147bc22bf298ed50378dc4ef003a1dd5245b6afbd87d807949ff3c9cddc84059ca0e224dc6ec79b1d1bfed448dbb3a647bfb096cf6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf3a26fcaf42f7521a8ab30a3f0d98fb

    SHA1

    d61db76f3569d2ece5ded8b210aa6b2f51290be2

    SHA256

    3bcc895278b013441509d223b87aeb676c7109f5c6ce81132bbe240485a8a6e4

    SHA512

    a503bd5f8d5dc5f1a57fad188e32a50bf087dfd37d8516eb6231f1b063e434526a2e5308ba393969e927dd7c1a1a4bc40b4b0d6305a6b84ac7e5611962306fe2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b59fbd8bc34d39c4b914a3237158ca42

    SHA1

    08bcaa9ff103f4ead6773a6a19b1b8941ad0140b

    SHA256

    56d7d859e6641ca198ba73bcbae2b27168938d7e8a9f4805a61141dc9a1fcc5d

    SHA512

    2c8e991ab83c9110ed7c4ea75af47b5300f4577469c83502a76aa829219b7740ce711748aea3da3f36bbcaf4e2c426a641b53a90103d3a70c3cc440128f1415f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ec09637bc5dc1ae6f0e796ad7a784d2

    SHA1

    064bb8dc28d3772b267de50226aafb3d5d23d13e

    SHA256

    bcf18c77964b04e26aa10e4c8c871e6828fab060e352af3c66ae7517dfd82232

    SHA512

    56a4b6cd574e7435ec2c5f73367dab5cce7cbee952be0e68560703eca980800cdd78a0ceded978adfb678773babd3f0a021ce1d56fdb827e7803703f43da2684

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f022151c319d142e204028fe034fb84c

    SHA1

    da3d34d95d56a734e2837cde9c529a22bfdd6d42

    SHA256

    7ef00daa9b4033a7fa14abb1d1277e6baac3fbecaaecd97790bf25828e5a9758

    SHA512

    da7f1a4b913708200e928cc7bac2caa87a5bf01ea4450fc92b96b8d9562f5d57909825535ff424948956b40584b5894b842db92a686631f5ef62c78a42d6ab6f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90a992b003bc3ba496ae9752dc1aa3e0

    SHA1

    719a236303e99368c18e1ceabd4a5650e397bc16

    SHA256

    2b5e7d72cf1b0e6cec288a2071e6eb09916be528034a6d0510c7e139fed1ed2e

    SHA512

    f830006403e56d7ffb4abab36feb856b3964d75bb05219570883780c468ff8aabeb203408479cdd67cd075a94779f11d52a2aef3539732714b6957b1c7141e9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66fa6b61fa6875b7d60f680a17e7c517

    SHA1

    03ad273362c09f6860a9014fe316dcd4f1d54ff6

    SHA256

    243efe60c0cd7a9d41030bbff948176b59f7d28474b4b88b6467ea65b4ae2a5d

    SHA512

    be48f263023d6b5dd95b9b528694362ab83b7dcade33a24f01d3a3a532681a8e10eb6ded1cf946c6561e9a34cb39986e54be14f134e8f9192d7f4c5b7abc9282

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2fa5f43c32aa15995245b51711b39b27

    SHA1

    cc7a090f495c79a4e510b141e69cf06d85138ece

    SHA256

    2dfd95102665450bce4f36b94e7154273842a4de7f402b99e44bac0aa1fc99c5

    SHA512

    df5bcc63d932a3b66bb1565f3c1819640f7d7bdec501501a1a6cc56eee0eca4118b1a89ab342701602ec474359e24d7d9da587f45f604d96161e7546f053ed13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd87f7eff11b5fb88149ad9e6becc930

    SHA1

    dc82e35cdad47efeecd4089222d6bc12fd1ec53f

    SHA256

    92bd57564517c1000dbb0803a8b3a2439d88065c7eb448b09ffd4db84e14ed43

    SHA512

    3fa614d4c8a77b51eeacfa260abefb1961bff418bf40ab5231c46689cccfef667ba3790ed0b7a159633eda94400a094b5f0bf95f53fd30e5d60cff1f0ed5a106

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4397c6ef6d699cb040fcd0efba1b5a6e

    SHA1

    561662578cf35208f5ca4223510137693df72361

    SHA256

    258a4a08dad8dde6857df644677041cdab7e611d70eaceed57dfeb449ea92e52

    SHA512

    75d9125023a0a070bfc52b4fae87925193c2ce9050093169bb9fdd8d3ae76ca556a0b351d79954151fe326b385cdb02d97ecd5631bdff1ab3f1840662c42f4b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1683066e50eee01d2f127ddebb6d895

    SHA1

    768337263e0a6b2c562be75a6e1e14da2e1c1706

    SHA256

    38825d4201e83bbd7e4bc555d4d8a9b4b145c893e1b4ad19d1f05b1503f6ab87

    SHA512

    3b12980af075e841bd50d0d58aed160cb9ecf691494a4e2544caeada5bd692264d4d18cef8c36c9c8721930fb3ae2802124081eff2399fc6f3ac4cd8d8ff1640

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc374b8e8299a8717e8c199118846e88

    SHA1

    6f6a27d7a273feb2173182132ade1b2c326b081c

    SHA256

    61c8b61c36ec598b1321a2b75961c6e2f773033994d5ab61da413d43bd8174a6

    SHA512

    e9c244f2768b16dcff07126dde9f67916968284e1fe74d967fadef273c41d53ef458644d463195b55e250392d100a091439759ea5c12d847bc8801ad5f1a1b90

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e1abb8e1df0594eed55592d880af2590

    SHA1

    8f4fa7626b66adee2a6f99186d7fa13d8d01a36d

    SHA256

    e781fe59fb34631e7e7e522d734e7532adf6ee1ba7c6f9f78b0df10ff7ee3c79

    SHA512

    96215dc350d649a438e138a81ce3e372cce08c3f64bf7bf1b48cedd33f7b3c0613dd424867fc5024aee41944d14e79c17902f1b5844c07a5cdb17344a7ba297d

  • C:\Users\Admin\AppData\Local\Temp\CabD52C.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD60A.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b