Analysis

  • max time kernel: 118s
  • max time network: 139s
  • platform: windows7_x64
  • resource: win7-20240729-en
  • resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted: 22-11-2024 02:08

General

  • Target: jre/Welcome.html
  • Size: 983B
  • MD5: 3cb773cb396842a7a43ad4868a23abe5
  • SHA1: ace737f039535c817d867281190ca12f8b4d4b75
  • SHA256: f450aee7e8fe14512d5a4b445aa5973e202f9ed1e122a8843e4dc2d4421015f0
  • SHA512: 6058103b7446b61613071c639581f51718c12a9e7b6abd3cf3047a3093c2e54b2d9674faf9443570a3bb141f839e03067301ff35422eb9097bd08020e0dd08a4

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\jre\Welcome.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392
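Added example (Python, not Triage's own code) that parses the process list above into a tree and runs two checks an analyst otherwise does by eye: on which PID each signature was raised, and whether a child IE process's SCODEF:<pid> argument names the parent the tree shows. The two process entries are embedded as constructed input copied from the report; Proc, parse_process_tree, signatures_by_pid and check_ie_tab_spawns are names chosen for this example. In this run the only child is the 32-bit IEXPLORE.EXE tab process carrying SCODEF:2080, which matches the frame process PID 2080, so the check returns no findings.

```python
"""Parse the Processes section of a Triage-style report into a tree and run
the consistency checks an analyst does by eye. Added example, not Triage code."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed sample: the two process entries from the report above, with the
# page's bullet glyphs removed; depth markers ("1⤵") and PID lines kept as-is.
REPORT_PROCESSES = r'''
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\jre\Welcome.html
1⤵
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
PID:2080
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:275457 /prefetch:2
2⤵
System Location Discovery: System Language Discovery
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
PID:2392
'''

DEPTH_RE = re.compile(r"^(\d+)⤵$")          # "1⤵" = nesting depth in the tree
PID_RE = re.compile(r"^PID:(\d+)$")
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")  # IE tab launch: names the frame PID


@dataclass
class Proc:
    image: str
    cmdline: str
    depth: int
    pid: int
    parent_pid: Optional[int] = None
    signatures: List[str] = field(default_factory=list)


def parse_process_tree(text: str) -> List[Proc]:
    """Each entry is: image path, command line, depth marker, zero or more
    signature lines, then PID:<n>. A process at depth N is a child of the
    most recent process seen at depth N-1."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    procs: List[Proc] = []
    last_at_depth: Dict[int, Proc] = {}
    i = 0
    while i < len(lines):
        image, cmdline = lines[i], lines[i + 1]
        m = DEPTH_RE.match(lines[i + 2])
        if not m:
            raise ValueError(f"expected depth marker after {cmdline!r}")
        depth = int(m.group(1))
        sigs: List[str] = []
        i += 3
        while not PID_RE.match(lines[i]):
            sigs.append(lines[i])
            i += 1
        pid = int(PID_RE.match(lines[i]).group(1))
        i += 1
        parent = last_at_depth.get(depth - 1)
        proc = Proc(image, cmdline, depth, pid, parent.pid if parent else None, sigs)
        last_at_depth[depth] = proc
        procs.append(proc)
    return procs


def signatures_by_pid(procs: List[Proc]) -> Dict[str, List[int]]:
    """Invert the tree: signature name -> PIDs it was raised on."""
    out: Dict[str, List[int]] = {}
    for p in procs:
        for s in p.signatures:
            out.setdefault(s, []).append(p.pid)
    return out


def check_ie_tab_spawns(procs: List[Proc]) -> List[str]:
    """For every process whose command line carries SCODEF:<pid>, confirm the
    PID it names is the parent the tree shows. A mismatch means the 'tab' was
    not launched by the frame process it claims and deserves a closer look."""
    findings: List[str] = []
    for p in procs:
        m = SCODEF_RE.search(p.cmdline)
        if not m:
            continue
        claimed = int(m.group(1))
        if claimed != p.parent_pid:
            findings.append(f"PID {p.pid}: SCODEF names {claimed} but parent is {p.parent_pid}")
    return findings


if __name__ == "__main__":
    tree = parse_process_tree(REPORT_PROCESSES)
    for p in tree:
        print(f"{'  ' * (p.depth - 1)}PID {p.pid} (parent {p.parent_pid}): {len(p.signatures)} signatures")
    print("SCODEF findings:", check_ie_tab_spawns(tree) or "none")
```

The inversion in signatures_by_pid is what tells you that the WriteProcessMemory and FindShellTrayWindow IoCs sit on the frame process (2080) while the language-discovery IoC sits on the tab process (2392); the SCODEF check is cheap and catches a process that only looks like an IE tab.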

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: f78a0f03de25afe52114cf72b8913b02
    SHA1: 542593d355990dbaabf65d2cb3a67c3ec079b716
    SHA256: a7f3e564b0b12222ccb78049815a818b4ff59bc0c7fefdf79fb690bfa1936c4f
    SHA512: 68f416c475552960dfecd92d6264f7fdb184da0a192e5c28e77281434deda2e8bea0a13bfd68d2e5a5b0ab92042495c078d3587e1de7369567d52c345a50706f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 2ecfdb2874748ea6cb218db2d7db015d
    SHA1: ad252c31c99604f07c908aca8cb79b5683dae88e
    SHA256: 1032067ed5457d0daca23293b4d154ff7a938fca1fbc3a5e08727f1d239a8012
    SHA512: fcc592ea192a52fae33e7cfc63fe1bb6770700545c8b7f33b339308a7aca49e01571b08340831cabe9aa0a7f39732c65da195f8e8b00cf1245fb79334427917c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bee2340b85602d6c671e9adecc780fb9
    SHA1: 831a49799ededf973a5f76b50a02dbbb431b4b8d
    SHA256: 0e9b0e77cf086849f5aa4d418ee134f55d5c38cd593be7ce53794d8db7b20688
    SHA512: 981ec0e73f7a4f6d2f1d033b309bb0bf8df8d0f02d70dde01f6879d04e7fddcc75f73651b81192b58fbcf51d7419aff21aedc4898b3e2e9661f9ec63bdf05a11

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 369bad1902581c0bcfce0282c8267cf8
    SHA1: 2457e8917d9028f8025ece957fff19d299ff0afa
    SHA256: 422ab3ec061ff1556f928cde6af55f3d4eb5c06efe69b98f1771411a8bd1e118
    SHA512: dc4ec83534a1f5356d2c23c870c71002d921776a2207e533299ad2746f5e78a237b84bf12d3e699bd65f6b1bc333974c5f055e7f0eb9a1bb1bf09a27101a800b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 306de40448c2804d0afddf2c7c70e20b
    SHA1: a1e168ac853ca35e4d7904f1e967b73b47a312ee
    SHA256: d9a43e7ed76c6986041dbeee1dad7cc09ee37218037e34faabf87f447091e2b3
    SHA512: b708afc9d9465afe323f45112ba1e62297539702bcd5eca2f8a66129a9fcaaa439eb594427a9e8289035daca6a66c5c07a65be377ff592913abae74627d3a6a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bb982142a97c7ff8c83c965b089e16a7
    SHA1: 2c17cdf4e054fc4d7d1cbfea47b21ce788a3baae
    SHA256: 46c0c232266643e4ec6a6163226125ff743248fb73b982a8b9b1799d79e16d4d
    SHA512: b7338844d0a66fbc15c2f2080cfb35d99466c1a0043d22b97d2a3f4e2146f92db2ee4149b9ac73e4915093c0ed1474389845dac50196fd40b82834238b3cf41d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c850caf959cc7459353aeb6846b76153
    SHA1: 16eb9caf35426c30f3afb1e7e86d94d179e26743
    SHA256: 995aca9d28b7df5c4896085e9aa40f7a829dd39fff0780cc1bce580cee4a6c68
    SHA512: 6674bbb1cd4e56e2d83edfab77af482f5d51901b4bf18b3bc67c19125b796cb8458875847d1cd662065541f3a9ef22fd10fff13119243b3bf0894e127d640499

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 9a60f91a8ab4b2c195413cbcbe808f11
    SHA1: 547f99c3a668d06a099c064b3c053b8cc941ae9c
    SHA256: eb3a76f41cff17afcb318791df7da08362c003d25c165da96cc2080625b64edc
    SHA512: 2aa09182f33b25b75e6c3f5cdaa67ee936a0351ebfee8089e976fa2a314d4768b1cedd32bb3f4971883143770bf79236197c41d8a44a32c092c20f53ea604151

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: be55891950c604b0b6f177b7f080edb8
    SHA1: 7ad54f7f28de18553789e675064c4a7d06966010
    SHA256: 529520bbb09c7e0b80300bfbf8ea4161514a69fdf9c16d2027a1934a09721087
    SHA512: 76cede33150150a0d6bdf4a006501ef08002cbc2d1ee2cc21aa29cd28fb623ce7e02b145d56ad8c12a4bb61b9bbfb55d9a2c9aea9f0cd2144148f35bef7bcbde

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 41a076f58a14009247b6a20a285ccc8e
    SHA1: 926236614ec3650da3229a9ab1ab47d385e4bdf6
    SHA256: 23a6dba53e0fd2d15d98f63925862e8b81d703af6e7cf823b1ad496917d7d396
    SHA512: ba9f6a3dcfc52022ab598e005cae07c32d1c5a577634683f636f378b2c14aded37e69c4e360f1612b2b9d26bdf98806b8f8fc56686ffd7ba70ced656fe3de3d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 649cab2d8aab502b54db5e00ccc343e5
    SHA1: f5b5309e2367f8f37934c03ac349cc858055701a
    SHA256: 500d9b0be045e1db548688b48ef59fa46e0a08c28fc7513fc095a04d15a0b51a
    SHA512: 24049e5aca7501242a8cf42e2cc4bea075e10561c60aa421883c96617c9caa5882e74c5ae37e6236593048986482ebe7cbbd7cee1e8af9d6599c6c6501ccca35

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a296381b6cc8e8578b02dc4141731aa1
    SHA1: 98ea16333f2d0a81238c367127156b24c014b1a0
    SHA256: 0e5fceedfdb6a8a81892043900ee131284760832579392ad33673584a025b1bd
    SHA512: c8353d40cf4afcb9779581599568031917da647ea6ba5a261f6d4ed5c6a5bfc4ab4df069cc455f20f5e1ca9206c8e10f327789da00798003af84d88dc321b3ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 686fc2724598f9fce822e873cf204bc7
    SHA1: bf3d8c38465755ee81469246924289c7366b913b
    SHA256: c4ede821f1ad63c1bd038bd913570ad95a7718f78b14f57ec55e0843098a53ec
    SHA512: 80cb86009d87f30cdc1c43f4ffe28c2147b7c4011cc17d2fa736b63efd0f6b33aa3564b775352a6a86f526d3c4123715e8ebf0bbb9f5b5e4614cb4d5452eecfd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a94d6017341f11927656f2a097165a01
    SHA1: cbdae25bbe8c23b5c889dccbee128d2b2bec8899
    SHA256: 65efafb64429fa1923492aab11d2c11711fb175582a1cbfe38b12d2d3e7a56cd
    SHA512: 21761fb799ec83342c51564a2e88ded7fde5fa066e51665f28e494cfeb9ab50be7ab549957fe00b1eb4ee3a126367758a7e776583c4e855753e629ec525b7835

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bcd4c7d414b1d08f97f76915a8f2e6f2
    SHA1: d1ced44254cd9384863578230d808679d786e1d6
    SHA256: 230338108ddf990e297057895d0b1725b32a7813b6b58c6251aa256e76b0c578
    SHA512: a3e9e35f1c7bda7d24c023b8db7edac8aa272ff67dccb4e4f5da0bae0c3592a0aa234fd3bf76e87bf75b449523ca5136c8a5e55fb59c5acd7671bd56acce2fbf

  • C:\Users\Admin\AppData\Local\Temp\CabD838.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD9E1.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
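Added example (Python, not Triage's own code) that turns the Downloads records above into a manifest and checks artifacts exported from the sandbox against the digests the report prints. Three of the 17 records are embedded as constructed input in the page's label/value layout; the parser also accepts the compact "MD5: <hex>" form. Artifact, parse_downloads, versions_per_path, verify_bytes and verify_file are names chosen for this example. Two points it makes explicit: the same CryptnetUrlCache MetaData path is listed repeatedly with different digests, so each record is a separate capture of that file as it was rewritten during the run, and the Filesize column is display-rounded (70KB, 181KB), so only the digests are compared.

```python
"""Build a manifest from a report's Downloads records and verify dumped
artifacts against it. Added example, not Triage's own code."""
import hashlib
import re
from collections import defaultdict
from dataclasses import dataclass
from pathlib import Path
from typing import Dict, List, Set

# Constructed sample: three of the report's Downloads records (the page lists 17),
# in its "label on one line, value on the next" layout.
REPORT_DOWNLOADS = r'''
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
f78a0f03de25afe52114cf72b8913b02
SHA1
542593d355990dbaabf65d2cb3a67c3ec079b716
SHA256
a7f3e564b0b12222ccb78049815a818b4ff59bc0c7fefdf79fb690bfa1936c4f
SHA512
68f416c475552960dfecd92d6264f7fdb184da0a192e5c28e77281434deda2e8bea0a13bfd68d2e5a5b0ab92042495c078d3587e1de7369567d52c345a50706f
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
2ecfdb2874748ea6cb218db2d7db015d
SHA1
ad252c31c99604f07c908aca8cb79b5683dae88e
SHA256
1032067ed5457d0daca23293b4d154ff7a938fca1fbc3a5e08727f1d239a8012
SHA512
fcc592ea192a52fae33e7cfc63fe1bb6770700545c8b7f33b339308a7aca49e01571b08340831cabe9aa0a7f39732c65da195f8e8b00cf1245fb79334427917c
C:\Users\Admin\AppData\Local\Temp\CabD838.tmp
Filesize
70KB
MD5
49aebf8cbd62d92ac215b2923fb1b9f5
SHA1
1723be06719828dda65ad804298d0431f6aff976
SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
'''

ALGOS = ("md5", "sha1", "sha256", "sha512")
PATH_RE = re.compile(r"^[A-Za-z]:\\")                      # a record starts with a drive path
FIELD_RE = re.compile(r"^(Filesize|MD5|SHA1|SHA256|SHA512)\s*:?\s*(\S*)$")


@dataclass
class Artifact:
    path: str
    size: str                 # as printed on the page (rounded for KB values)
    digests: Dict[str, str]   # algorithm name -> lowercase hex digest


def parse_downloads(text: str) -> List[Artifact]:
    """Accepts both 'MD5' / '<hex>' on separate lines and 'MD5: <hex>'."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    out: List[Artifact] = []
    i = 0
    while i < len(lines):
        if not PATH_RE.match(lines[i]):
            raise ValueError(f"expected a path, got {lines[i]!r}")
        path, size, digests = lines[i], "", {}
        i += 1
        while i < len(lines) and not PATH_RE.match(lines[i]):
            m = FIELD_RE.match(lines[i])
            if not m:
                raise ValueError(f"unexpected line {lines[i]!r}")
            label, value = m.group(1), m.group(2)
            if not value:                  # value sits on the following line
                i += 1
                value = lines[i]
            if label == "Filesize":
                size = value
            else:
                digests[label.lower()] = value.lower()
            i += 1
        out.append(Artifact(path, size, digests))
    return out


def versions_per_path(manifest: List[Artifact]) -> Dict[str, int]:
    """A path listed more than once was captured each time it was rewritten;
    count the distinct contents per path by SHA-256."""
    seen: Dict[str, Set[str]] = defaultdict(set)
    for a in manifest:
        seen[a.path].add(a.digests["sha256"])
    return {p: len(s) for p, s in seen.items()}


def verify_bytes(data: bytes, expected: Artifact) -> List[str]:
    """Return the algorithms whose digest of `data` disagrees with the report
    (empty list = the artifact matches on every digest the report lists)."""
    return [a for a in ALGOS
            if a in expected.digests
            and hashlib.new(a, data).hexdigest() != expected.digests[a]]


def verify_file(local: Path, expected: Artifact) -> List[str]:
    return verify_bytes(local.read_bytes(), expected)


if __name__ == "__main__":
    manifest = parse_downloads(REPORT_DOWNLOADS)
    for path, n in versions_per_path(manifest).items():
        print(f"{n} distinct version(s) of {path}")
```

When matching an exported artifact, compare all four digests rather than MD5 alone: the report prints SHA-256 and SHA-512 precisely so that a collision-prone MD5 match is never the only evidence.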