Analysis

  • max time kernel
    119s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted
    21-11-2024 19:10

General

  • Target

    jre/Welcome.html

  • Size

    983B

  • MD5

    3cb773cb396842a7a43ad4868a23abe5

  • SHA1

    ace737f039535c817d867281190ca12f8b4d4b75

  • SHA256

    f450aee7e8fe14512d5a4b445aa5973e202f9ed1e122a8843e4dc2d4421015f0

  • SHA512

    6058103b7446b61613071c639581f51718c12a9e7b6abd3cf3047a3093c2e54b2d9674faf9443570a3bb141f839e03067301ff35422eb9097bd08020e0dd08a4

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\jre\Welcome.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:756 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2776

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0c2e19df0deeb70e6a20b11fb1aa38a7

    SHA1

    451ca5810c0d6a19af641d6d67eeef7ac381c999

    SHA256

    90a2e95dbff06f665065860a2a1384644b7d575446b030a818d8690262491a1c

    SHA512

    8f1fee873fd7f5da93c7993cdc60ad41f767d95dd928706fc7abef154ee00e0aae6561efcfe2f2578bbd90382de88a5aff6545452010fb2cd3320e33260e6b66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4898c94e6935af085679b31eb16cce13

    SHA1

    ab1e0cb4a634f56afb8b38219cb9756428f3542e

    SHA256

    3fc35845d9094514b7f31264894ca82177cb564da98575e5e11c4c1dce031148

    SHA512

    656d078b97dc86d11f833228f56eaa458ba374f2444fa5d8d73c40f82ad0b0d0ad60c6d2f1bd3f06c3b7db386f9636d41c1d870ef67a76cc991fe3703e308c36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7afaba98c29a5d07abd6b6c09b5b864f

    SHA1

    2e709949f87073929887a379fb7bff4d4e62eb8d

    SHA256

    fdcd49d0d3b6486416c3c2e06732f2c73795b48181865cd65e89f8ce29644041

    SHA512

    10e7d13f153494b968f60a4f09c7b79f6675005062c3b1670f09cf54463df1e8b438dfac5818d03cd1ab39256376b74eea00965429a000ef937b447639418383

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4983df20f3fed74f2a7742a3a26bcce6

    SHA1

    c78a3f30ca90338fe1f6b4723606d4cb5e318124

    SHA256

    4e538568b5862d6d2f4523edc331f7f49b4099e0f64488fb8459763169ddcdab

    SHA512

    9c8ce4e6c1a295c0b92687b9cb592642dba853208022e2c235fa90c5b3542f52562f331e76778cf1d37348b2321c45c28b2523e0736fcabcadf16892c76d14f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    330cd50aad5b69ae6af65c07b9a3bf50

    SHA1

    dae8761d8344ec6bfdafe07c6b0ca9d23b81f23f

    SHA256

    93dec2ef45ebc87e772c433dbf0a78b5061ba9804c51f28ebc1539a5d90dd234

    SHA512

    62d617b2c1a02cb42ffee6004d5f3c4eed9cfbe223813b92d0b0fd9f7a8bd8d075a7b72e42fb23c49b696876c7d26a8a5e529cc009c4b14dfea45c73c305f85f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6f0c724204f3da8d4a3924c61dfdf527

    SHA1

    d84f60d14cd4ae27ab1f3d3c074b53cecd631d11

    SHA256

    1e87c54898e4d9f91996f0c44435752b7add7e78a62112516f8523c6fe13f225

    SHA512

    603ebb0d4a21395871ea0a85f89d023ef95abeab1baf04b5709bf7abce388c0df557de20112b2109f190b3c0337c7086fbef4539e998fe80c34403ad0903d791

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e9395904668be4a08d60d1c4cd6505da

    SHA1

    af915fa5c5f31b868fc0d3973c2f5f77fcc97588

    SHA256

    ad0af74ee922484d762681cd13d59f1108a4b6e04bead0e253b970c7cc7cd334

    SHA512

    0c84362de181a872f91b345084b02bffb0721a5f2886a60bd3038dd6c63063b42c575639e0a90450509f5c290492a2a71f868b3d4900e412b37be529a9011b63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e8b5afc0054eef9b4c3fc9260ae6a31f

    SHA1

    f29e9332a37f6f33c4a3e8a04f6d423cbc308d34

    SHA256

    61c93d5a60ce358b34197310149bb7b99d013f249d8f0d68c259758329ce3ba7

    SHA512

    cfe99665f3a8f25452c339e7c81989160a548b23d49127ed9fefb647be2a7f8e6f5966f894654bf128c7f55aed950c9c689d0f61add4ed0719e7696142d4e2c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    29faa76519123dd9cbb226aac3297374

    SHA1

    90f6f427b8424884234ac68e7057da880cece759

    SHA256

    39087962ecfd853af6bc242fd2b0383d26b09a7546b75af9143f0989df4475b5

    SHA512

    c1ecd37967369291519378333c99b6a7bc90e2109afe43684345efcdcd53edd512e22e115bfd2dc9c3d3f56931267908091064e4f7672d653281d905a84703e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    60110632a618ef0b77dcfdb47331078f

    SHA1

    ac3fc028ba2cb0e5caae555646875f833cbc624e

    SHA256

    7586220f9eda0f2cd556aceed73024d1c3ca14d1f15ac400fcb3619e6769a9d3

    SHA512

    d5bd2dfe64e2b5115c53355fa616f87596b325fe33d5ac42a2e9cf837d86ff5387cf683d6c630861c0e1ff6803969012156f3dcc8b6f8b6968b249869e5df577

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    acef09b53a3a61dd0ed2092f27f44368

    SHA1

    3b89ec8bcf6a026f41bba14dea197a7a0f1fffd5

    SHA256

    b2faae3b184d0b6857a403f1d32f5aee5dbad74d2b5367f9e104a4523921d125

    SHA512

    4cd749df54c2d93bdec2f12626882b370c6f099950afb3182f05b0b47aae86a517b1d442e51e58bdc0d50d8d4e4165c9c4af5a7910b927d69473251ccc8ffdb0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e3fdea9be3daefdb3ac56b1c23dbc3ac

    SHA1

    4bb20dc7d410af5c85419d1aba7de2bc7447f95a

    SHA256

    ab3354f6f4725a6b7a52272a16a47dab01f53939591bbf286d650281e5e36e30

    SHA512

    0bf6baf482e7e3e7f0a684c6ccc255341c9ab09ef5be3dacf1214798519abf456838baaca4cc59300d86138202da8feec39d765beb178b3a6cc7c022fe582708

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67ee3787c7ba5d32bda5adc04a883d6d

    SHA1

    6ddc54edec0a7d4d2a77ba373fda0cc3b5a7074f

    SHA256

    be63d85e4bcd9f31f84f1f683b20b0b9950c5b05a99e6161fbbcad00eecd0221

    SHA512

    4b8e91dc57436755ca7ee7952d8a156bcae130c5ea65ae06a83ff749393195fb17157a61b9340097a6bd88e21835b74a539e38ebde2ad5129a4253289fb907ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd00e5e0958d68164e3d8c0ad4aea531

    SHA1

    a8bf65096e1d02d672343f93a2e4ba23006e7e55

    SHA256

    054b0292674ec2acf7edb05c6e1ad2d806065421c94cd76e3fe4fa54e22afcba

    SHA512

    05108a1e8f5a8d28739ab64a58930612b0580ec43b6735201e04f650c91f9d1b4d4a881a7293570fd2d3b17c74e1b1f6f003c39c71a5a1d3492e20e202189681

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    271e8c6a6dcd3a82f7150f474a524241

    SHA1

    c5c7d3753ec13bf9e26bffd8c7bf2706ec4d2927

    SHA256

    5eb6078ed000485684f0610ad34198f90bd109f6700af016c6cc3553a2dcf12e

    SHA512

    ed261da01b7038f122292737aed98ba50befb5e3faa8840a5fa68b4783ebefe70a44708cb7da818a4edab060fc7cbeef05bc44df31af2f43534b4ce30999f3f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    34ec24c61c83fcc57fa2ebc43c6772d9

    SHA1

    bb90540f9768af52c5f61fd0927c529421264c0a

    SHA256

    f0b9f0c2276a8467b7ad856b996b75dc513827b1247c02f5e0f76e81ced2d52a

    SHA512

    620de3681df249a1ac290a075802f33ec0ccac4b5820a6fb86dc0d7e7f96f853d0b03519abfd3fd7ac789971a36e975df458da75cad5f2d8d85efc451148c2ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b8c25fd0213f42a8a4e41b91d34485d

    SHA1

    a6fc4a6aad79219502ddccbda400fc5da01f14c8

    SHA256

    01e1ddd2959590c858e34cff3c3fad17e6324e22c92547da4dc9995f1c721f1e

    SHA512

    80c52aafea1936d49c7725dc2a5103ba8aa96c59d73bf66dc7a570687fc2f63e21261adfb996d5f1962fb93deba2190491f9a25d770f44c50ec27db92f17a8cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46bdb606c27f1c74cc11c51c5445fab7

    SHA1

    013dd185f730ee1f3b9d86292ca6b4dbb05fe4fa

    SHA256

    98fb1a9ba4e6df79aa30221d1e1514b3867a6870e9d9a7718a2d0363f820766d

    SHA512

    b522eea1fe12d2550c63d547589b95267a3c3d4ac892392d8c97b5cc912e4ac7dd23bc7637639c84736cb4dc7cd0992167b3e9ceed2ff6617c78a26347022216

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    757c5b906d90ac2323e3fdfb7af6e56e

    SHA1

    c3366b6df2c8948044472fca271deb5c63e3bc3d

    SHA256

    e92fd39bc409375fff6b27c4a01945f73bcc563c52a4746433a7be7034a72cd5

    SHA512

    3849b3318b8500d954dc663053fa3c4dbe26ccb8f244e76b67986d95a0dede2f8aa2bcc8dc4010e99af73b474524fbfa4fd6e2bcb765a299227d007813cf2f05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9e3394bb28eaf0958008421bb159a354

    SHA1

    795dae5ba9dea71ec421262605040f8907a039e8

    SHA256

    d086c8e764e68fd677a014a8b63acd79245e455beeb5cb9b2ef94bd49c3a90de

    SHA512

    4221ad0b06d589291397c96e776a83b1094e192f8e934d6ccb7abf6ae3757590c8b3fecb5b0547f66774d40e3e65c4fb30563861a77cad3614300c970b12c7f4

  • C:\Users\Admin\AppData\Local\Temp\Cab11BE.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar12BC.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b