Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-08-2024 09:27

General

  • Target

    Monaco/Monaco.html

  • Size

    7KB

  • MD5

    2e5b06a68987dbff532ed8d72d63b553

  • SHA1

    c59bb21c6d91ef1d03255f73136149de85421174

  • SHA256

    eb270e94cd54a699c59af4367c6f0e46d0402dd9f2e946940bac4b33e7f04f18

  • SHA512

    648b4128b13fc7407d3a6fc99af7577422a783aade5090590bbe24502b248df4253d40c444932f1fe652e4b230ecfb2e86b3641c26801ab3c8e91f072230be52

  • SSDEEP

    192:wEod3Porv9MtAmQp5keghKcCI2MCTJ3+NLSaPh/WCY/jt:ud3PoMBw5keghHwjt

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Monaco\Monaco.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2396
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2396 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3036

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\Local\Temp\CabCB4C.tmp

    Filesize

    70KB

  • C:\Users\Admin\AppData\Local\Temp\TarCBFC.tmp

    Filesize

    181KB