Analysis

  • max time kernel
    137s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 07:05

General

  • Target

    sample.html

  • Size

    218KB

  • MD5

    990f789724f223016f199e88551ab96d

  • SHA1

    818e1a2cd36986c364c711ca4b2e2fcb87275206

  • SHA256

    9b0183e199d76b00519b2898e4738777822f3ec1c3b1b78f1bc9cf5daba44dee

  • SHA512

    112017b08f1cb91c81d342fc66faece69112537322b65bf59762e162a482a40a250ca590f73a18de2e8d47c28a5d0a58792eb9e012b50c93758f73e8ec1db0a0

  • SSDEEP

    3072:S0GS3h58eibTyfkMY+BES09JXAnyrZalI+YQ:SPSx5Wb2sMYod+X3oI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

MITRE ATT&CK Enterprise v15


Downloads
