Analysis

  • max time kernel
    136s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-09-2024 02:02

General

  • Target

    sample.html

  • Size

    220KB

  • MD5

    a68501a2ee34f26d87e7b3a827632d09

  • SHA1

    819112b1c9047154ff500719d2f10c307cb6831b

  • SHA256

    32048f1a1e97dee0382a8cd7af6293341b804f4726e7c2f918b6e0be5a873b8d

  • SHA512

    544fa41d15a7cfd875343df15ecccd08ba2abfdcf602a38e9c35b156a0c690596819c8e343007ee97e193b14e25300de00f37d1b00097398719dc5a5f277e57b

  • SSDEEP

    3072:SeCl6tl80QDdyfkMY+BES09JXAnyrZalI+YQ:SerK0sMYod+X3oI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2988 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2088

Network

MITRE ATT&CK Enterprise v15

Downloads
