Analysis

  • max time kernel
    119s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241023-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-11-2024 21:53

General

  • Target

    Debug/Monaco/index.html

  • Size

    1KB

  • MD5

    b867a373e2082f0d800d1561eea8db21

  • SHA1

    251a4f39dd0266a6f3ebbb87c805ac2521617b5c

  • SHA256

    10b8551148fef60a1fa1c65f9ef38e4e8275ecf592b0ec6c873a41bbf37544ce

  • SHA512

    c500b6bf3062c8630408d1443360e21ac9e5928970d2f523d10d2838265fb4ff6381ba92af2c245de0f8a04385c19f0730a81392a15e611cc5797e460e9839af

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:844

Network

MITRE ATT&CK Enterprise v15

Downloads
