Analysis

  • max time kernel
    120s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/11/2024, 21:38

General

  • Target

    index.html

  • Size

    16KB

  • MD5

    7359baf2816e9ea45c34df81cccccdd7

  • SHA1

    502ec15091c051802207d9add2e72b87b15116ef

  • SHA256

    aff38217133c0896e0efd1f081c58a2b07559cd3757d567e5213284276915936

  • SHA512

    1dce53e70d44a567464862dcd3ea9276248e84cd5b1b72ecdab0864385b8466c389f3511d137b9af66a64fba680bd6f92b8410e151c0b5a4e28df3d0cfccb18a

  • SSDEEP

    384:EuovOXS/gsdAsXsBsos4sEsBsZsXsYs8szsmsususKsmVsbnvUmrsis87sasPs/:8vOXS/gs2sXsBsos4sEsBsZsXsYs8szA

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of the victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index.html
    PID:2520
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID 2520)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2520 CREDAT:275457 /prefetch:2
      PID:2164
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
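Added example, not part of the sandbox report: the tree above is the normal Internet Explorer process model on Windows 7. The frame process (PID 2520) launches each tab as a separate IEXPLORE.EXE whose command line names the frame's PID in `SCODEF:`, and the WriteProcessMemory / SetWindowsHookEx hits on the frame process are part of that launch, which is consistent with the 3/10 score. The script below parses a process tree written in the report's text layout (the first sample is constructed from the lines above; `Proc`, `parse_tree` and `check_ie_lineage` are this example's own names) and flags an IE tab process whose `SCODEF:` value does not match its real parent PID, or whose parent is not iexplore.exe, which is the case worth catching when a dropper launches IE with a copied tab command line. The second sample, with a `dropper.exe` parent, is hypothetical.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Proc:
    image: str                 # executable path as listed in the tree
    cmdline: str               # full command line
    pid: int
    depth: int                 # nesting level derived from indentation (2 spaces per level)
    parent: Optional[int] = None
    sigs: List[str] = field(default_factory=list)


# Constructed sample in the report's layout: image path, command line, signature lines,
# then "PID:<n>"; a child process is indented two spaces per level.
SAMPLE = r"""
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index.html
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
PID:2520
  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2520 CREDAT:275457 /prefetch:2
  System Location Discovery: System Language Discovery
  PID:2164
"""

# Hypothetical tree (not from the report): a dropper launching IE with a forged tab command line.
SPOOFED = r"""
C:\Users\Admin\AppData\Local\Temp\dropper.exe
"C:\Users\Admin\AppData\Local\Temp\dropper.exe"
PID:3000
  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2520 CREDAT:275457 /prefetch:2
  PID:2164
"""

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)")


def parse_tree(text: str) -> List[Proc]:
    """Parse the report's process-tree layout into Proc records with parent PIDs resolved."""
    procs: List[Proc] = []
    open_chain: List[Proc] = []      # ancestors of the process currently being read, by depth
    cur: Optional[Proc] = None
    for raw in text.splitlines():
        if not raw.strip():
            continue
        depth = (len(raw) - len(raw.lstrip(" "))) // 2
        line = raw.strip()
        if cur is None:
            cur = Proc(image=line, cmdline="", pid=-1, depth=depth)
        elif line.startswith("PID:"):
            cur.pid = int(line[4:])
            # drop ancestors that are not above this depth, then link to the nearest one left
            while open_chain and open_chain[-1].depth >= cur.depth:
                open_chain.pop()
            cur.parent = open_chain[-1].pid if open_chain else None
            open_chain.append(cur)
            procs.append(cur)
            cur = None
        elif not cur.cmdline:
            cur.cmdline = line
        else:
            cur.sigs.append(line)
    return procs


def check_ie_lineage(procs: List[Proc]) -> List[str]:
    """Flag IE tab processes whose SCODEF:<pid> does not name their actual parent, or whose
    parent is not iexplore.exe. Returns an empty list for the normal frame->tab launch."""
    by_pid = {p.pid: p for p in procs}
    findings: List[str] = []
    for p in procs:
        m = SCODEF_RE.search(p.cmdline)
        if not m:
            continue
        claimed = int(m.group(1))
        parent = by_pid.get(p.parent) if p.parent is not None else None
        if parent is None:
            findings.append(f"PID {p.pid}: SCODEF:{claimed} but no parent in tree")
        elif parent.pid != claimed:
            findings.append(f"PID {p.pid}: SCODEF:{claimed} but actual parent is PID {parent.pid}")
        elif not parent.image.lower().endswith("\\iexplore.exe"):
            findings.append(f"PID {p.pid}: IE tab spawned by non-IE parent {parent.image}")
    return findings


if __name__ == "__main__":
    for name, tree in (("report", SAMPLE), ("spoofed", SPOOFED)):
        print(name, check_ie_lineage(parse_tree(tree)) or "ok")
```

The depth is taken from the indentation of the image-path line, so the same parser works for deeper trees; the check only inspects processes that carry `SCODEF:` and leaves the frame process alone.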

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    27663b2d4de7fc19db022d30fe9f61bd

    SHA1

    36e08cba8075d34be4b7eb6b8ebafcd472928e2b

    SHA256

    1a92ad192f6ac07f294f05035fe41a8f71ea1851f2daa85f4d1a19697b598078

    SHA512

    0d1860663fb4a72c8a9f4c7912a88c834284299d2c941e3baa7d4530567eb797154ec50835d7b8df16c1ab2cee8bc225b2adbec671b8133fe6f3d278457304ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    20625e55f0687c1b29032333980aeee8

    SHA1

    97b294f3b73fedd5af3b4f2d1fddb3ef5e63b093

    SHA256

    a481bcaf14a7759d197072e1ac79e45895b326d914155c5560cf6a9d3d10dc78

    SHA512

    a85b1462a814e35e44ca622220fde483ecf4d345aaab9ab04e107a12f8c4b4b553cac19ea85ecdd8a2351e6bef7403891491fd43745645088bf81aba3e5d3f70

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3483c832543bd4eebbbbddeb0b2ee49d

    SHA1

    95e944a20ae2d1ee76e30a8b14bd86acf5493507

    SHA256

    fd12881bf1a98167b038ddbe509aae369a51a276922515dd675a84b1a27de9d4

    SHA512

    676eea356079d286e193e78722f99ce6bdeddf5c1daf687af695c9619b13358588a978c5c0d8c2c1df1910059433add056ef670e3994846032aa29d817c9305c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e3e3cf8b05bcb9f4535969a4447d4987

    SHA1

    c870badc696a49db43dd161dcbf676ac9907fdf6

    SHA256

    593ee36cf10b77389a384f7783639776af85587b51c5f44ddad11fbc1a432c3f

    SHA512

    e8b0eb29626942256f813b40cd4a202ef604e51a97a2993d5fbd804450fa7c8a81a46d59a7db71a1a04d35ef3a38a6117134c420564a10c03468ae6ea9fb6779

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd8f50db1606060a6424662ac1ab3e5b

    SHA1

    c595005ef19e61455b745141eb7f581ccc26729d

    SHA256

    47a41254fb150f200bf1593569b2c27150a3bcaf9e6cf7dd54341a19f69b2438

    SHA512

    5db9b33f267c2b0d8cacd8f632087d59db2a9e04014d736ef70577d75e2eccca753bfd04fb652833d4f437239402aed890129ed8b0cddca7d5779c754ae30aa4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e632cd8b525e64ba7cfccdf9e3d8eb98

    SHA1

    2b07a4c9e4a358b71df5f1d38d40bd58aa589e10

    SHA256

    fc0f7847567c9fc057edab017d573042a68746f16f3ed0efb61a28aa8a6e7020

    SHA512

    2f7b25b91e7bd8a5600af08da12fde3c169fd29203460ad891f81b37c587a0076695ac741b4c0e1a934cd555ca1ce492900577f98b3a45dae5a616245006e23d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f7cd0fdb46463352a88956990c0f54af

    SHA1

    3b2251bbf9a67f92ade931aa858445a3f1bc34e6

    SHA256

    3d6af690ad78149c61c8f8f7fe687b3834d551118b44c4094c5644a374144a80

    SHA512

    10cc69788d27550dcfc1d95f61dee0f403b470bfda91928154124709375d37da79cdcbd47a776a1c464f1b7c7b87bc80adc4e30cc295005722c9216ded84f024

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fb3b2a3602bdc5e34d60ae6ae7d2ed66

    SHA1

    d6589fa89a4bd63f777f5d3a116961889ae1011f

    SHA256

    c4ce1415f770680ce56ee0aafcbe75235b3d0096f3a47270f9d833914d1fdf80

    SHA512

    febedf192a423eb21fdaed101a16c7a09bfb42b724128e7709f950ab22ba4a23b85224a6c47b75aab3ac89d83141ae4191d2fdd498314328e27471b47d6dfee1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f97f3b10d8df6f8922ad2c533195750a

    SHA1

    a7e7f44df4d0d5e0d627951e5002a4aef94fb32c

    SHA256

    7fdb2ffa9313fce20756ba3adb63fb200c46ca6379aa916a02546b0a0f73c64d

    SHA512

    3db9138609e91871078c59a1ba0a43ae2e92d8eadd93d95da969a0c3d97aada7fd8422891033d080c783ed2aca6efe5a982496c40a8c25598a0aa14ecd61c9af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8a8b404d947b48dd8928f5f933574ecd

    SHA1

    a84d84e5b77e23ea4d87ee8b9f9c25e817059db9

    SHA256

    9a064dbf4cd73d7ff3d24eef05a41ecdd2f2b402cf92173fc6f8056455e60ce1

    SHA512

    471c53ae1d76a6eee23430a9796f437494a0679191fbe00369c0eda9232bacecae6c5988b7555460072ca0331a5e984879e45de14c4917dcb03ad7a7bf98112c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a9a51467851b2e37655d9d99ea244547

    SHA1

    41f65618cc1febfd6738e2747712e9000929689c

    SHA256

    158c284bfca346a53f648073f66e0366fd183116fe169f8bdbffe1fda12ee7d3

    SHA512

    f683c4fe1136d756ac2ecb382bbdeb87ff43f7d46466f460bf7fbc2c6a95642fa3cfa778fe6a6f340a2d80cc99a5f878b195f00b327f6db362a74e6f4214ff45

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    28fefa38d30a294cf749d58200dc9246

    SHA1

    8041e2e73b5d3791d2faf2d2fba57d1dd8da537d

    SHA256

    1e8ec488991007023eab822b0d6d77cc65613c1dd26fde4c83070654d32bb528

    SHA512

    a30337df355980ac657dd9012be98223f39b6b76a5150d7f64e4dc8743e784840ad9a2ba4e7689aec668b821f07830121e6bcc315d16044be031a2236edc8cf1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    13860806fa231933a7947b25926364ec

    SHA1

    c57d10d428aeab0f44354643cea8a2af6fe31d22

    SHA256

    80b9d91c4930c526183e2f0dc18f9f160ad268d99a210e6f0e6091d360008218

    SHA512

    1a9516c0dab027cd62566f243506d5c0e3cd72cb3d6a8e9de334fe337b023a3bc495970c9202201744ff2af8090100da0ba80ae189bad6979078615b7232292b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af4ed15b8d7f5302813f4f7227aed9c8

    SHA1

    4a0403f22b5c90952e344c0f9c207e84705acb4e

    SHA256

    f25a1bf72f364acca4abc03139706927cbccbe3e969e881e5db7720e595fd94e

    SHA512

    9b098fa5a0b9e21a184bff8b25828a3f79d5e331a2eef291332c6bed51087b6f76b239eccd6596e70380c832bfeb228d91eaf2c67e56ea25adecd1771c2efa99

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18a89fdcfc7606d5830e0c35cc199d0d

    SHA1

    63b73a2963487af06623e37a6689f9b2fd399531

    SHA256

    72e5bec3a5ac3abfcfdf275c6de716271410690c128553f56d2122c4d620defa

    SHA512

    51a8094d419eb1b0e5652e8f6f6e3bec6f8acf7c657c7b0729c35441e4f93ba642c0a294b4f858b419bec9d41b926d0e4bea8ec3d1aded5fde5e6b88f61dd70a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9459d4b64cd71cf382520831e46a63b

    SHA1

    d993fed2f2cf540cd0c2f76ead9b5e99a675ae7a

    SHA256

    4d39a55bced2fd31cd1e6dc457d592a625e0e70f4d630a983f58e62ebd0930c0

    SHA512

    1919083806037d423f4d54588cffb72d7226077d3dab8302d64fbb1d71a750562c1ec78bfe0c02f05622b8fbf6e3ec17f389a78254463b9e61aa56fad68d6e65

  • C:\Users\Admin\AppData\Local\Temp\CabB09C.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarB18A.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
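Added example, not from the report: every entry above under the same CryptnetUrlCache\MetaData path is a rewrite of one 342-byte file, and CryptnetUrlCache metadata, together with the CabXXXX.tmp / TarXXXX.tmp pair in %TEMP%, is what Windows CryptoAPI commonly leaves behind when it fetches certificate revocation and root-store data, so this "Downloads" list reflects IE opening a local HTML file rather than payloads being fetched. The script below parses a downloads list in the report's layout (the sample is constructed from three of the entries above, with the SHA512 lines omitted for brevity), counts how many distinct contents each path was written with, classifies paths with a mapping that is this example's own assumption (`parse_artifacts`, `classify`, `rewrite_counts`, `digests` and `matches` are its own names), and verifies a byte string against the hashes an entry lists, so a file pulled from the sandbox can be matched back to the entry that describes it.

```python
import hashlib
import re
from collections import defaultdict
from typing import Dict, List

# Constructed sample in the report's own "Downloads" layout: the first two CryptnetUrlCache
# entries and CabB09C.tmp from above (SHA512 lines dropped here to keep the sample short).
SAMPLE = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
27663b2d4de7fc19db022d30fe9f61bd
SHA1
36e08cba8075d34be4b7eb6b8ebafcd472928e2b
SHA256
1a92ad192f6ac07f294f05035fe41a8f71ea1851f2daa85f4d1a19697b598078
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
20625e55f0687c1b29032333980aeee8
SHA1
97b294f3b73fedd5af3b4f2d1fddb3ef5e63b093
SHA256
a481bcaf14a7759d197072e1ac79e45895b326d914155c5560cf6a9d3d10dc78
• C:\Users\Admin\AppData\Local\Temp\CabB09C.tmp
Filesize
70KB
MD5
49aebf8cbd62d92ac215b2923fb1b9f5
SHA1
1723be06719828dda65ad804298d0431f6aff976
SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
"""

KEYS = {"Filesize", "MD5", "SHA1", "SHA256", "SHA512"}


def parse_artifacts(text: str) -> List[Dict[str, str]]:
    """Turn the bullet/key/value layout into one dict per entry (keys lower-cased)."""
    entries: List[Dict[str, str]] = []
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            entries.append({"path": line[1:].strip()})
            key = None
        elif line in KEYS:
            key = line.lower()
        elif key and entries:
            entries[-1][key] = line
            key = None
    return entries


def classify(path: str) -> str:
    """Assumed mapping: CryptoAPI cache and cab-extraction temp files are baseline noise;
    anything else is left for the analyst to review."""
    p = path.lower()
    if "\\cryptneturlcache\\" in p:
        return "cryptoapi-cache"       # URL-fetched CRL/OCSP/CTL data cached by crypt32
    if re.search(r"\\temp\\(cab|tar)[0-9a-f]{4}\.tmp$", p):
        return "cryptoapi-temp"        # Cab####.tmp / Tar####.tmp pair from cab download and extraction
    return "review"


def rewrite_counts(entries: List[Dict[str, str]]) -> Dict[str, int]:
    """Number of distinct contents (by SHA256, else MD5) recorded for each path."""
    seen: Dict[str, set] = defaultdict(set)
    for e in entries:
        seen[e["path"]].add(e.get("sha256") or e.get("md5") or "")
    return {path: len(hashes) for path, hashes in seen.items()}


def digests(data: bytes) -> Dict[str, str]:
    """The four digests the report publishes for every artifact."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches(data: bytes, entry: Dict[str, str]) -> bool:
    """True only if every hash the entry lists agrees with `data`; an entry with no hashes never matches."""
    got = digests(data)
    checked = [k for k in got if k in entry]
    return bool(checked) and all(got[k] == entry[k].lower() for k in checked)


if __name__ == "__main__":
    arts = parse_artifacts(SAMPLE)
    for path, n in rewrite_counts(arts).items():
        print(f"{classify(path):16} rewrites={n}  {path}")
```

Run against the full list above, the CryptnetUrlCache path comes out with sixteen distinct contents and both %TEMP% files as CryptoAPI noise, leaving nothing in the `review` bucket; a real payload written to AppData or Temp would land there with its hashes ready to be checked with `matches`.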