Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/10/2024, 08:45

General

  • Target

    ɱ/77169.org˵.htm

  • Size

    4KB

  • MD5

    e3917c7f4410faf63e3bdcfff5c33e81

  • SHA1

    6848c2917ccc5e24578105ab31dcb23e451bcb10

  • SHA256

    a05f31f26ce57b9e2d9bb6b242731186374c2a0b11d1723af7e107f2dac51ba8

  • SHA512

    8b4fc3b9faa01722e49064f1f027f91860d0c7e6c8bffdcfe4465d6860857f0513784301902a10704684b8b706e9deddf0d39ad53db3f17ae09fee63eae7109f

  • SSDEEP

    96:m1OQF/fRA2RWhwM6wIm4yRgJ/Snq6kVUVTWn0M9tJexGTHwG6ak:mXF/JA0Vde4JJ4jW0MH4xG0G6

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ɱ\77169.org˵.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2792
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2792 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

        MITRE ATT&CK Enterprise v15

        Downloads
