Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/11/2024, 22:23

General

  • Target

    f1b7816b760f12ba96fc7060ae0938a89ffb1ecb5b0462d7c3e36f7db660a522N.html

  • Size

    21KB

  • MD5

    ec887f8e78d4ac79f842500d3947cc90

  • SHA1

    c92d2647ce273079fcb05fff6fab3b04ba51f8dd

  • SHA256

    f1b7816b760f12ba96fc7060ae0938a89ffb1ecb5b0462d7c3e36f7db660a522

  • SHA512

    946bd6802983c90386b890639ba96d20160e1313d76baf7f4d3586fa1feb8a059dbe3d2aa767c921865920a61a7d6b4c052c69c27332289af7dcc15f12461bda

  • SSDEEP

    384:CVRKT4UHqFNmV1qfDe3D8iRnsISB/o4VoxmyE/BGmGEe:CVRIdKFNmV8be3dtsISBD9Gqe

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f1b7816b760f12ba96fc7060ae0938a89ffb1ecb5b0462d7c3e36f7db660a522N.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2284 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:576

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    15bcdd646baa7125d1f017dedcf8d796

    SHA1

    7b0d699e889723b14992ed9dfa133b3656714506

    SHA256

    9943341c8ff131cb0150e20ab56edb1df469b76ad52dfaefbf89b97051558b58

    SHA512

    8b06f083d219710db7c5ff21d0bc37c19fd53813298a9066a1fe53124ebe9ad196df3489f875c48b7fb05ee8bea2027d8424cb42c7a833167e0b19be59a36ad6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47f4c6fa54cb15a5d76c688beff4c704

    SHA1

    63ae7be62e2fdee773e3e707a038b285ee001520

    SHA256

    9402dde4153d392bd203643f8d8405d1608722dc827e239064cf37193aeb6dc5

    SHA512

    441c9a67dae963e2e70c98ff518c65a2ccd9ffae033dfc4bacce2fc50bec97625f62b1ee1332e9f74fd76b120e351879c9bb41dc78a1b2dfec75f9c558f10faa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e922fe11d1cdd0ab8014ea5c84934fab

    SHA1

    e379eaa7d2872283459daa7e19719f913463a52c

    SHA256

    9b1f8423b6c489112aa309ae86c92a202b2184b07eedc3802bd270f446570cbf

    SHA512

    0f86b9b76317bc5d9ed11c08c9e023184f3f01679182a6f1f637f5c72c23715b48bcd5fb016bdd41543c577dd2d3ca0016550353c33fe03815dfd4de463411fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1cb6343c711283815b3eab48ca4ef07f

    SHA1

    9a852a96c13cde66ed954fe04193a62adca1719b

    SHA256

    c54e757c3d1f4e24eaa01642057773bddb07ea4c84b65aa9c2e998a50c13c1a4

    SHA512

    237893b25d3e423e6b49b590fbb140464576404ec7ba236c58bf0f0a4a97818c6cef5461741f62bd251e7b0f677465f5e68af593f9498c203e1d37c830e8085c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d1084abd223c718da54290270ef76ab

    SHA1

    6e557296bb42311d37c85243e0adcb3cd6a61bf4

    SHA256

    959b88c15cc4146c8a44c01b3504e574fb25ce1965e019ed5b9cc182dfa09ee3

    SHA512

    99d8199cf2148ab1671c772fd62d4d66344af193a12fd924747f61c2187543691f8419a0a8938273329a606ee1e673ced6d0cd969416b446ab06220e4d600051

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee03ac3fb1ec8d060eb880d0a945ea7d

    SHA1

    893e1b3eea056731eb6dbdab5b7880a6a4b9b6e7

    SHA256

    7a2a8475f36606472824f1a3ff5375d9d189954680c810e3ceb800eb37487cb8

    SHA512

    076bac94c73500a05ae79ae0ce7673d36a0ce4f0588ed3211d47b7322e46085081d21d850b31f6b152ded0a59ba07dd4cd5c43f75bb610c1647659e378c25304

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    248bdbb2d85f9e9bf8ce57cdb4a4a298

    SHA1

    025c12c628d6a041c6f3cdb1181b0c8cb0b01e90

    SHA256

    9c28e1468527b7a4a670a79195024fdc7653c2481e579003cdd344bdfb9f2fb6

    SHA512

    7a3c88a6db1e52272a0da58d2f0a2a5381ad4023788fd51e7ebc8c8b48d10c4b8f706d05ac6b45ff35ff40abe95a9ce093cc5c5fce01ecfc59859b92d132b601

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a36f2ed68e6f9a3c9e71af42cd9ac698

    SHA1

    f62def014d4fe0c5b091b3d01f031f9fe37e58e7

    SHA256

    d97221b9e8dca38cd01457924e5c11e72bf5ae2ea2d1fd2edddc6dcd04897bc5

    SHA512

    5f8ca1b938e9d4f75645d39258d23bb15d6af98e14b5f2eefb05151d480c47fd8f14387454174ad9edbd63856a171303bbe4dc5e8f4d249f7582aab6add7e950

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc947080f8313085158f3beaf73b50a2

    SHA1

    c19f8d525cd925840021b8fe3dc1142eabac589d

    SHA256

    d5ade123aa759ad313ce7c7d23e996fa4bab65d3b03455e98749abeb1bb3e8ab

    SHA512

    723dc120cbc9987d3c760de98e97255618d0a35258290a10a56ed72791183a72bd44072dd5c3cec327fef431d104cbda9f7b6209439a92b966b91287aef022ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b81d3a3cbebe3bd8deea78f0d5d98492

    SHA1

    969b34cfa44ba686cc44741015e8bbbb2e84af46

    SHA256

    74916a61d341be4fbe3302af007accccf520a7d0f5395273a08de6bd939352f2

    SHA512

    bcc92b759c8dc699af586fa4ef97c90db7dac1be6da48dd4251fa2999d537336687dcfa93356aacc8abcd05a85b86d989733d826a68c4a4f2f4cbaf512d47ba9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0dc6f1009b7b1bf359bee5872aaa2261

    SHA1

    d5eba38ad887c032b705b19930cdbb8de5c43bd1

    SHA256

    2f76ac791d6b0e1d4a28ecb26b34800f46117938dc1a7a68eb29f8c168c0d742

    SHA512

    6dcee53eb4dbe90eb9ee1f80a2a752693a31769b7148c91b2283de5d43794f9f7f6431eb595b65dd7a4c3136b10c6b69c7a23235f9f23b6cea5aaeafc5b47aa9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1286d1abeaef2201292becf535ce869b

    SHA1

    219d3d0677dd17cb6b9afe76800c721b43c17bfb

    SHA256

    993341b6f040aaddd9166162cb423af26b88bbb182c5bc0647c9e6c778cc42a0

    SHA512

    32583a6b2d65567a7fec74c6ac2019cc4a1473b67f5ed3803bb23eac23a54b0dc0e7e264fd407992c8faaeb0a21a5bed591288c7d25833a00df87206801c198a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    614b1e92a62992b587a769301ab6b9a4

    SHA1

    56fd85a14c3d3b3832390deb2c2a8a674f0802f5

    SHA256

    113a31c78124746bf989ebe725e798cd2dfa96a513982c70178a731cdafb1d9f

    SHA512

    5c8ff0298a8013beb36cff56199b6763be44917bc039bd961f96017140848792f23373346688368f57d0b2098b8afa1f5b041795a666beb3073a8d883b0e1390

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c73984b843cfede256ec1f23924ef0b6

    SHA1

    d267fb9fafea8c6a2f187fe69304f41797ec8eab

    SHA256

    caac21596abf48ac64f28bb3463a02cceb415a31b8b3354b096eab7aab9d4167

    SHA512

    66252f86b8e285b5a747de725cdf8597222b9380be6b8816bac1faab3ff5ba8276c79218bf9129ed5408ed483bb08eb7de470818733c0044c1e5bedfcb678df5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9c1fe756d1666caefc3ca3010957b0a

    SHA1

    6150370ec8ec3cf9f7d86e042dc1d292cbfe0502

    SHA256

    b65d6166e9105018ef92654cd1fa62d5be44ad996ebd6eba8a6e0869ae2f5b47

    SHA512

    0adcdbc66befef7f9e4994d1cc1570c18d80b617b90190b5eb897c6fb7d02e6218f4c3efee6ea114872bb2723133188f9775db828fe0378f5b6d396313aa72fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de08606e73484e49f14589512f95cd4d

    SHA1

    7be80b0385544448eb369cce5c3f6546edd4d3bd

    SHA256

    9aa1362310978881d4aac8c9c9ff7e6db5b50735efabfa3d33351533c5928312

    SHA512

    a4eb76ec1b28be7db11ae72e864c90cfa0f214ce2c71ad0e9ec9fdd4a9a386555dcf5b6dacdccd1aacb0c46b1581fcfa449db335ab73456c0e91da9de57cc0c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f98e20c7246a21a62b42e8e32e21766b

    SHA1

    a55dabdacd55762cf75dba0cbb9450f3f948f6f1

    SHA256

    15c59a0bdd96672953ce177903621c20216527dfb84573878b3e69c15af4b22e

    SHA512

    58a6c189b07b742b661747f987d3c6e8d634467f846d5d6fb0b80f7ffa220e4cd00605572a34c6e7f65c18e5c278c4f3813b6eb099413632e7a1dcd554b248dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ff5e502ab45b5bde500f368ccc3e98b

    SHA1

    abe3a2d2a2b9e8f176218d84b1f0f3a5d4eaf02e

    SHA256

    be59f646b4af51f79d0c48eff7366ed336a029ad2884b17b792a69d7b751020f

    SHA512

    94ec38de3f076bc9b3708fb484e993d9f490611d0deec7f647bb9dca509f44349d6f97ecb5e1d57192a311122fcc2cdd7b5ad3f61a80e958b15dc2f69d722562

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ae93bf4d249d77cf738488494a1170b0

    SHA1

    5c7ed3592755ac8b5c9776d5eb926ffef4e5d347

    SHA256

    9359fb5cb1573e974a62ed85d13e08e1fd34b0e834075d94c85ac2fb68c7691f

    SHA512

    e0a6fd50412b28890fb34bd40cb1f97e3b7ad664508dd9694f66704ae4ab71f64bda2368b6a32e1ade0480a9f92b73cae94b7189f16f836865f7b00bc8345715

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a9babc8cde3fff450b51922c566d610

    SHA1

    d8552290401df72dc1d776234e14c254fd93c943

    SHA256

    8b89f4905c76fee2b9cd936ec31b6046a6317afca5f7cf3f52bef843777ded38

    SHA512

    37db1ed320813d60841c73062c692ed0dbbe876cbb427da45898b88ede5c642183efd768686946776ccaa26a5e8c356730e6805f49a807ce132d3b7ea1b71ad1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    bf03c8e7563ebd09fa280d8801d88f04

    SHA1

    aa34707585499139ce98d2ffa6b0aab8d5d3f2e2

    SHA256

    4d5ca54d53a0d9bfbbc15e8badd420f44aa7a4d6fcff62fda1d8116d34d3aea3

    SHA512

    b6ecc4f5b4272eab9b360761ad7f297af96db0f8113aff1a3578b7bf7a8df0124b17f6ad7fdd72aa5f75363e43539d4b1744074200fadd97b091da1c1796d3d3

  • C:\Users\Admin\AppData\Local\Temp\CabDC1E.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarDC60.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b