Analysis

  • max time kernel
    120s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    27-09-2024 14:14

General

  • Target

    404-13.htm

  • Size

    1KB

  • MD5

    0267ef0118f917681a00b350c9e6911f

  • SHA1

    314e8f5329983d234959a4f7e94736d99d039d12

  • SHA256

    7bad2da380f6fa6f9aebdea5a0350d377086cc68a04b92b68b32b0b272719e92

  • SHA512

    2b4eab9fef989f1d325546b1deaa9a40f1a421e619bc9cbb757abf20ba8e7b7ff236fda375b40983f3b7a6fac2a04b6b803bf8e0d0e1d5558a171eea14000a88

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\404-13.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1364
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1364 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Downloads
