Analysis

  • max time kernel
    119s
  • max time network
    67s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/11/2024, 11:06

General

  • Target

    65725e203c0e69bf610279ef4491a09edf77590746358dcb1bbee5d4f5d0d9e6N.html

  • Size

    286KB

  • MD5

    a1c72f5b36bda5ebde672b96738f37c0

  • SHA1

    1f23bc8fd8f8f166fadb5eba77cabd2b955ee6d0

  • SHA256

    65725e203c0e69bf610279ef4491a09edf77590746358dcb1bbee5d4f5d0d9e6

  • SHA512

    7ccc24950f9c698ea1191507efba932d1af964874cfcfb967630795548cb387206b5fa837b0b18fac65e6fb546448bd9a40aa0892263b135e8563cb5fa721d6d

  • SSDEEP

    3072:ETDBX8YLQ9BPDTUm9KJHodBylBQFgtYOnBlrP1NXpSq4zjU29:ETB8YL2PfUm9KJHodByI

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim host in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\65725e203c0e69bf610279ef4491a09edf77590746358dcb1bbee5d4f5d0d9e6N.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2824 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

          Filesize

          854B

          MD5

          e935bc5762068caf3e24a2683b1b8a88

          SHA1

          82b70eb774c0756837fe8d7acbfeec05ecbf5463

          SHA256

          a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

          SHA512

          bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

          Filesize

          1KB

          MD5

          1d87ec6a5930d1f072f2bf2e3eb3d9ae

          SHA1

          e357e88be34c86249ffa934366c2bc2461ae7398

          SHA256

          e356c5aac765bc4863adec1d51b1bca02a96da1050e49e07d96e176ea09e1a85

          SHA512

          894d78430ff6616d4f1758ecdc16fd1f5b4ed66a00f2287272f9b913d9a3858b0c3d52d8b70f334ef8a80662439c331213951963e0ddb81d5487f781c271115b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B3513D73A177A2707D910183759B389B_D9127F9BB4C9955D58AD28496EF9AD71

          Filesize

          471B

          MD5

          f71e435881a607e82bce17b0958f7e23

          SHA1

          1b5a9fed22ea82dad1e3f9b2d95e5a4dcc51bf97

          SHA256

          e34a7116f9587ef0837356aee4319fe8a855a6a3fe66c98545b26c195b589e09

          SHA512

          a6e12dce1d840543828abaebd49e1d430d9f5fd4f602c0460d13c688240e84fee75ecb933d7c02a7badf346d1907b730d19c57cfffd50b3ca02355b67256db77

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199

          Filesize

          170B

          MD5

          6c766e0bc33c7f1e46c57077267b89b9

          SHA1

          48c1dc1196095c9354327d213002af86aacbf70f

          SHA256

          ceb6c9abb2eda3e46f6dfc176c037cda9c2c4898edf3fabef166ab8cd5da25c1

          SHA512

          33edeff1bb668f215c134ebc4ed69016682cce5161c03360b26540a44c102e451a897af63db6c399fee64b436f140051d7e5120e202014f126bf7591aeafbbba

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

          Filesize

          410B

          MD5

          f37c7c0750113e0f5e9693c2e27bec0e

          SHA1

          c6b42c7af72ac2fbd5d1c3aa89fe3e4a34acb13b

          SHA256

          b3cebd91157792721deb0ab52ab03afe28973fe89b489faefbf4413461e3e587

          SHA512

          81d7c8f7ae2ef4bcab93078991a3bf441e603f78b633bbb5e7ddbe361527657de66a25b47021ddd406ccada1cc021a515bb51de28f133d6aee325a87397ad226

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          cd6e2062b53efcfd8688c37b16c5d337

          SHA1

          2585844d9d7e80380b55281172149dd6518332e1

          SHA256

          83678fe1be49cbbfa7009ba0ac9aceeecc3301e1cea429d4c1d4fd71ae77d395

          SHA512

          e1fef76953bc12553b6d25e4c3c5c228ab442b1d734e275ba5c1e0b1c20c38a4d857b0c2ba7de9bbddd19b35acccebf795c1bbd41037d5e9c53e87827230aa77

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6767fb66ebcfe46d7ee04897d68a0eb2

          SHA1

          963f645c61fa5463e54f78db6a761f0c7245b5d3

          SHA256

          3c1959c1b912acb1cdfacb7a783fa5f251320f2fc29ab5994e780bfa12819387

          SHA512

          592c17a9c37c7a56586c892733df27ebfa5c0b7ef1b4f0a2b451fb9c153c8ddfbfafbd859a6fdb21531e2fc79b692ab6ae98c335f3be96fe505d8563bbe516cd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6baaacab4102304b77076617160c8207

          SHA1

          2503c87d423ee5a516b5b70206a100c07341c28d

          SHA256

          4de03f6261f8a6c7da686f8af3184bcd057fd53c3b6e145b1b7a0ed88393e953

          SHA512

          2fad7f2bf87a89cea1bf41b0e3ae7361b20416500430be9e20a76985d4ef226205df45893b1ac8db995890def00ab018083e82801d10f5a791c0ee2d1b64aca3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9c5037083bf733ce2519236aaa1a84ae

          SHA1

          e543984202aff679ae3512a5d3a06bd9056cedb4

          SHA256

          7c9bc24e8673efedeecad7c82c4a5e7ee288eab0e2ff627308370f1ed9dc3e47

          SHA512

          bf760e649f0d1ba3e61cf414a2b7f0947fade3545f4b3d40ebb82e38de6eb93faf9b0f5fed880fc42df6e770af32e047d19c19bf498829a1dc79f3e21c2734b8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3b3b7c117f8c422b8835112a961c0267

          SHA1

          2ca8b2eb2fd900afab2ecf9827c2f57f727a5846

          SHA256

          b5669640b09cbebb960677debd8e7ec0af65be91a5c8fe86957b7aeebbeca3c4

          SHA512

          686945f291dda852e35034c0b9b0b8510f689b61156aaba974945fee653c9a7b302cb08a0c1bf2e9f83ff71320b495aef34c6b31609fb4ce80a2265d69cc19dc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          037cf828ef23f207fdd1153256e12a0d

          SHA1

          481f9ab18464ac6db4e3b0f5a1af21926aa0541c

          SHA256

          2a06c99ee67773812ee9b9fa1f44e430e53c349aa5d8bfac250f0a4b8fe1cadd

          SHA512

          80d63b0bb7accaf922e7499a73103e05becd62d9fe437c97ede28dac5bbad01a4122852803ea968fd0c099fc7e51992ec246e32dd4e7cd12123fd30b67961a02

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          394eef29a46f1ea1dacf64e17539b9df

          SHA1

          e808c4290504d65218d04d5353d49095d87372d6

          SHA256

          467d4e7bbee706423ca1b09ca76be253d0356b21969f3c0f12075270cd6f3ae6

          SHA512

          cb316cacc7030ea71201fdbb71c7d7608842642e5faca3c682d6f00a42d7eb2d20f67de3ff6ee39219e874ea56decd192dde8199e5fd33e36f0577d1f645f762

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          960663a5fdf643ad75f769b08991245b

          SHA1

          1828f0e3814ba3686cf89a7f93e64a291ab46ea5

          SHA256

          8d94946f20fb5a0079f0edbab4b33e1cd83186dbf3be99669e2cad32568e8c46

          SHA512

          a1cd03177f4190b640d1a6142d7491cd4d82c1ab57559ca2a7bce7327335ab43db3fb723b8bb1a6949462371cfbd8092ccb4313241145148c77e0e548fa82eeb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c6511e0bc1eb451bf4341d67d0887094

          SHA1

          cf676405ce9be14f665edfa026995e8a9af49764

          SHA256

          e6fe5ef52bfe7b0015a62c9443dbda94de1764246a93a81772322ef8e4378a3a

          SHA512

          3e73d03445159f9ffcb9c33c093256aafa708e390e26f94186345aff447fee4a2946b6a589cdc23857550a1d2d3c00ea7f4400cec50c5bba386124ee5ad5d13e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cc5dc580eaf535e06de9d5d7a100e68a

          SHA1

          881e51fc69db4e6bc8a35006cecebed66d6cac2d

          SHA256

          c509d7515eb768ef884db65f039d016e5efbd70fffbb6012be70abe5170f0f9a

          SHA512

          548d1cbb56da5777f1fdc0e629b14a2a4d703c18fb977c37a152e07e5d95a778c280da2156fe22b5174a1d616801c6f2ef8ea6107fed42794d8b0c82cea8e613

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          16854f4940b9d1543838551f8cf49a92

          SHA1

          e147b137bc3806948e5453cb7769682c8a5630a3

          SHA256

          d0f5a1e72dc7f7a362af047b2634712694eaaa113663960c55a9ab4ec60f9799

          SHA512

          af3dfcd90dafdda3eb576078b4e5f0895d1cc341b53501b49fc57a883e3c4e6d04b4ac6aa0f83aa4ebd03b1049845de793e2d2b4e4847f9d56326df6b29a89d5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0fc09b0205c774dfd09ee6c23c422c54

          SHA1

          a650b554157b5e6e241ee05d94255f83c496c0a1

          SHA256

          7a7c3055eb56975a32386f65ecbbac8fee5d9bc57b11c80e632fbaa8afaa8c42

          SHA512

          e8ba5eaf18a33acb73712ef363279235809b09bc7b77eb3bd5e07948c39afd87d406c3aaddffd2900fd8974a3e47bcafc2e38656f26697378eadf775f6eaf9b8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ace0516f8b07c66c3f99c2de3721700b

          SHA1

          a25378a3e961a0b087db3ba0bd258a07da907b7b

          SHA256

          7373c7e2a3e88788342f7cc965040663e82f622cae67152e44c18e519e5418dc

          SHA512

          59c15a7cdad2ba37975f41fe85606470bcecc1e0e95cf00d06232d17eb27d3beb8d1b23aa84adf49dbb11ea2840429979b282b73dc2530b1bc74735306b8ba13

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d82350711047c4c12d65cd86ff048630

          SHA1

          abde90ba142adcc8ab4d4cd66dd4aa4babcb9ee2

          SHA256

          6b4196c32c0217d271a73c04edd5be89bf25f142e3f18b22897e6cdafb7972d3

          SHA512

          57fe23cea698848bf8fe630a56a8c35f73b3fa71c896986faf67dc07108efb52673cbacf54e8f8a75f5bac74b644dea8cd3e890f2ab7d6fdffe5fded9ac14741

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ef053ecbd0481091c423e0debd2d1e74

          SHA1

          5be52d0a3710f32e61465da0b60e29063ac28a50

          SHA256

          950db804db7f60244410a251ac372fa1f2c81d2dded531a42db938ab133c8a64

          SHA512

          7778e6afdcd4baa3d67828af276ff0bda603133cb4941ccb26efc10a9b6f379c002d738ddcf262a82bfdb1c516dc5c5f8f8fc0cbf46e50317fe4bf7871068cb6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7e926e6212183747c9d8742f3d4ee41b

          SHA1

          c2d2ca8ace2d495e8439ab7defe0836817fe4c94

          SHA256

          9121dd517916119300db46285147b34bee73f965656e6c4313f0a7c5874f86c7

          SHA512

          454fb8539013d86aafaddd4962c3c5b343035346570e97942d728b98f164f1857c716d13557f057bd274462c9fdb3527f280b71455044f101a170ceaf309b8f2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0957572d3927e099756dfe0669fcba77

          SHA1

          5dab7320c4a30ae94651d3f20022a456e844c294

          SHA256

          2d007989c063ee4588bd82b70f30867b4117f36b209ee78998d0a3cd13b3189c

          SHA512

          2393848a2602c23dd7fcdaa3a8903a0b594f99c43ee2760264da5cfae922ec60e8ff64230ef05e77a4dfebde0698f5b99bcdbcbfcfcb137eb7582ed7b6446f6c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          388841a6a5484ce8e0c94fe6f89d4ee2

          SHA1

          d04292cc0ec7bb3b5ba7c5c124d44f84d655a757

          SHA256

          5ba6693e1bca48ce279fba99440f6a04d7610781bfa3c6bb4a94fd5d41328683

          SHA512

          81c517a2709fce080bb4318b1345b5f72ca707f8c533215d594debb4e7c24bd6136e5523f8e1119c756d181453da9ab878ac46ecdb507b2e21e3027e39892ecf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          66dc320d2c5f0ebf825d9efdf88cf0b7

          SHA1

          45b1c608d664d6f5005d283b2032cb5ddd6fd2ec

          SHA256

          f3895e2054890e84e5338e10e33e88df9bd0f122c2e4fad7493460bfb5d50e70

          SHA512

          8bc5aec46ae82b5a1a6dc7016eb9559bdb432469cd88e1800b961d71a1143a93403c5eb9e72f900d7c7866d09ae3a02fecd0fdd90f31d12848423cd8adb8cf6f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          80f51e5d5e7727aa8dc167160768fab5

          SHA1

          61068a56afcc287062c197b1a445d981795c193c

          SHA256

          dc7366de759f9062489cbe54c1fe44a655a5b9254ca0430daad5f750c73fa80c

          SHA512

          cdd32369ad7d1ebc0eeb4155019f6af85a3f9fe260a5c1d17ff6c34934e81d852e5d9b41085109c24412fc9a7784f0147675d4f49a5c18376d6cfc0a7084c65c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          83013fbb09bc6b79a63584776b0dc9b1

          SHA1

          cf7a6e2a536f4a6495ca8959bea01d37e865e776

          SHA256

          5fe5d64cb5e3eb2f5b9e7225b48cdaf59c946aa779c985313f221a24b3e71377

          SHA512

          fc19469f335727cc30addcbda2ea0868c03f83a4f2032a847314cf162d7311aeed3dc810f5c5306baeb12d35e45023783979ef6a8add9b1412c1f9a0e2911bbd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          e2d950f6d1b482ac6dcc2354867ffe6c

          SHA1

          daa77b6b7fe87ef5df5b7991e937a92dbe16ccff

          SHA256

          89ec15879c22cbe795cdd9b6ab5f0135f558609eb22d4c0bc8d73d9fdeee0c2e

          SHA512

          96b1607f66aeb4e1e652b3780cf2223bcd5e1d97c70834799d3533d8aa7f5c840a666ab7379fa6bd37ed0de3607c8016946122f76cbcf5b29ae42e84e70ce95e

        • C:\Users\Admin\AppData\Local\Temp\Cab7199.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarA44E.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b