Analysis

  • max time kernel
    119s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • submitted
    22-11-2024 05:53

General

  • Target

    x64/Templates/TemplateCorreoCliente.htm

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\x64\Templates\TemplateCorreoCliente.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:340 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2568
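The tree above is the normal Internet Explorer layout: a 64-bit frame process (PID 340) opening the target .htm, and a 32-bit tab process (PID 2568) whose SCODEF value names the frame PID it is attached to. The following script is an added example and not part of the sandbox report; the PIDs and command lines are copied from the Processes section, the parent/child relation is read off the tree indentation, and the rule it applies (SCODEF must equal the PID of an iexplore.exe parent) is the example's own logic, useful for spotting a tab process whose parent or SCODEF does not line up.

```python
"""Consistency check for the Internet Explorer frame/tab pair in the report.

Added example: this is not the sandbox's own code. The PIDs and command lines
are copied from the Processes section; the parent/child relation is read off
the tree indentation; the rule itself (a tab process's SCODEF value names the
PID of the frame process that spawned it) is this example's own logic.
"""
import re
from dataclasses import dataclass
from typing import Dict, Optional

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
IE_IMAGES = {"iexplore.exe"}


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: Optional[int]  # None for the tree root
    image: str
    cmdline: str


# Copied from the report's process tree.
REPORT_PROCS = [
    Proc(340, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\x64\Templates\TemplateCorreoCliente.htm"),
    Proc(2568, 340, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:340 CREDAT:275457 /prefetch:2'),
]


def basename(image: str) -> str:
    return image.rsplit("\\", 1)[-1].lower()


def scodef_of(cmdline: str) -> Optional[int]:
    """The frame PID a tab process was told to attach to, if any."""
    m = SCODEF_RE.search(cmdline)
    return int(m.group(1)) if m else None


def classify_ie(proc: Proc, by_pid: Dict[int, Proc]) -> str:
    """Return 'frame', 'tab' or an 'anomaly: ...' string for an IE process."""
    if basename(proc.image) not in IE_IMAGES:
        return "anomaly: not an iexplore.exe image"
    frame_pid = scodef_of(proc.cmdline)
    if frame_pid is None:
        return "frame"  # no SCODEF: this is the frame/broker process
    parent = by_pid.get(proc.ppid) if proc.ppid is not None else None
    if parent is None:
        return "anomaly: tab without a recorded parent"
    if basename(parent.image) not in IE_IMAGES:
        return f"anomaly: parent {parent.pid} is {basename(parent.image)}, not iexplore.exe"
    if frame_pid != parent.pid:
        return f"anomaly: SCODEF {frame_pid} does not match parent PID {parent.pid}"
    return "tab"


def classify_tree(procs) -> Dict[int, str]:
    by_pid = {p.pid: p for p in procs}
    return {p.pid: classify_ie(p, by_pid) for p in procs}


if __name__ == "__main__":
    for pid, verdict in classify_tree(REPORT_PROCS).items():
        print(pid, verdict)
```

For this report both processes come back clean (340 as the frame, 2568 as a tab of 340); the anomaly branches are what you would want to fire when an IEXPLORE.EXE tab is parented by something other than the frame it names.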

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d624c518aa1844ef207d54b919295cd

    SHA1

    cf66d4a72922596f625e00c4046f06ecac9063b8

    SHA256

    80c6427e0d7e21b8670e94039e017e1a37baf140bdc7e137a87043917ccc61bd

    SHA512

    36235833f7dd63bace02470b474bd266f1552016eebe1f749e6814cd6f6a1a5402ff6a64d07a6612c63e2f693bbe67d3b989376922a244cfa1b4742606344a67

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    874195d3dfc393c0c3b857b5b95d8641

    SHA1

    41a22d3d57ed8dd4c87cedba8f7c34977b7d9767

    SHA256

    b8a564bb27a4e6a7fb1cd4d9c845912dd499a1de32dc719b6340777e3d4c132e

    SHA512

    2b768c529b18cf20c11657a32d63a14fd7f416f0c1741353f13eadfcdebe2e62f8e1ad60d14367c7c9d147f6187f70420cf615796ca16a0df5891b289c589db6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7995857c938356e7e97b64fcb8686036

    SHA1

    8431918668fe17fe17d5196028bfa93bc680a689

    SHA256

    4759c2b07eb18a0ef53d5733f58adf5bf2125a1f0d4c891e3a4f287dd0597271

    SHA512

    5fc349bda81f842145a589ff247a186f4b2ae5eba2206665f8ae0027a5b64fa79bf8b2eb359e1a8cac8d20bffa1a65374aad5e8abeb3036217ed6dc43a801a28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8b1173cbd0969d34c3a7f8b692fd7465

    SHA1

    c06834eda1e41348797f4242c173a781e31e08e0

    SHA256

    84c8becc462c822a7b5d60ae6e62945fecc072c2a2856ba93b6931020249d7fa

    SHA512

    9e52a578acc0222c9d792bb793e8ad4ccc6949a6364cbc6198eb581de60d6da32527cffce553164a321cecf6cc6ee0df0ea9248d4af663ce17288ddca29cd2dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc0bcb20c5ecb007f02069334352c5e7

    SHA1

    3495d5b29c9a84f1c22ad1c17ec625f18be30bcd

    SHA256

    46ef90b444199302b1f9050584d3295c5b45f23571e0ea9c8677b0a8421ab406

    SHA512

    e42b72b4d10966c31eb0aef4b439c4f16ba914833c28a67b75677b42766b7dac02c7cea146efd06b6ba7427cb6ef5eca4df093ee7b35acfdea2d10cef4cab40e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4154610a43dcb09d18112009768ed0ab

    SHA1

    a0fda16464d94297c66d6111bc49fcc55ea46b8f

    SHA256

    a5e51cccaf42351d5b5a4a1370b00d27c22a049a778941ebffd0360fbef11a90

    SHA512

    37130d97083226e42b954010ac89dd6cd63fd0af2e9a0d4adddcccb1a55f4f6e305399c2adc932046ce99947dea3a5d78529b16f0438729f7c252fbb7841c5dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d5e2fb6ad19af66c695ed3442acb2258

    SHA1

    cfb58d39209e6e5099df85208d94e1c381d27574

    SHA256

    f5afd64d49d636c308b8c8488d86e1ea48df310fa06089e0c7453b76bdc91088

    SHA512

    7fd0057d0e46af44d23ccd9b173771fcf753a45d367b22228b71162ae7bf9b48af3cce8804c6c666c7bc2d591728c1097d62c97c21199265ee5ba442c89b84bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c529e47ea4fb5d14be30582d0f6ac641

    SHA1

    bc63f82504509334ad3307b306c8f70fcee86adb

    SHA256

    df64e51f79dea6a5806572ae1fed9e7045d0bc0c7f87387eeae341e615f96b2a

    SHA512

    ea088208ebe0474370846682367acf8aac9530b9ff3869a3167c768cb8c70f748c138ac2d61634f2ad9e4dc9938fc5d8875fc86a094829119c1fe7cb7abf3a86

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    095ff5342f0381578cc2bc20f1b11cb5

    SHA1

    9b1d582c70c72959a8dcf370978b908144c26e7a

    SHA256

    08d3aee837b485584a259419af362bd60a6fde643ac4e7eba404a2e5716d10ca

    SHA512

    03cbbe6554945444d2e756743dc35cae1c3d9c6ead02bb138fd3fd0df74f9c0556fffd5d46740a9e971ab6e324a9a98cafbbad7c6ade1d765c52f525c19a9576

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c6757c5f7ff90df748742ab7d177d5cf

    SHA1

    b285b4a849634bdd0eb14b11ae9a2154796206d3

    SHA256

    f99e98acaa940029cad7e980b54a2cec2055e424c822cc0c6ca12bd8c6be2ee3

    SHA512

    de192dafeac820d9159a365d2d138d1c932f858906cedfa92ea03b54bbfee689dc10c7d81ef71f4f9c283c90180ae4d3a3c5f4b2ff551279f79d429bbb8d133a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51f727b90c8c57034340520607fbec70

    SHA1

    47775dcd7eef2a5c7fee6dac0a6143f6de8686e3

    SHA256

    1cd0a94e1cfe3818631643a3b255d16206716d8b7a3169fafeba5302bfc78748

    SHA512

    3e0277b7adc2c06d48163ff159e45b358647ba0d80cf94918abed5e3a160484b09aebf39f210b3f0c8a6c88cbfc7784b406134adf1dbd82737f16d2da0399b9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32793e1443082881f6e856a110c53373

    SHA1

    79f14d771ef7074305792296d3139c66726609ca

    SHA256

    0aa1693850eaa96f9d3e7526fc5886294d9bc4fc95dad9d423e11f956631d6c2

    SHA512

    f3d9581c924ca47b7fb2d92e9242abeb5d93627714092b22ad3f2242264ee4fef9adfc08d568ee9fc631ad06be01915c48a269b47cdea2b585978d0fa29d625f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dcb59f94ee36a922d35e8be9a0662e79

    SHA1

    779516eb5d55b351a66e9a681ac9761a9d30d481

    SHA256

    76d1981bbf497d17b8824525ade6a034bf66cddf9bf4ce13f38ddcac66895f90

    SHA512

    45b496867b15d36c35343ef609acad290d0813f86fe5ed800fb8f7dfe607951c1b935bdd2d1a92184e301fc1fa61c2e6830be73022b22000450841507f1d22ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aed4927d9b60a71976deea9c193ba9da

    SHA1

    52669df3248804cd7d0d981d9f0cf1c0fbc18073

    SHA256

    374264c94da25fe13aa83dcea84dceb6e74a247773c25384638e566627579c6e

    SHA512

    fee1764d037d99a3913d85f50dcfdd75f0d1773ab5aa33bcf8cada959cd61351b9124ee2a2f74ccfa3b2394d012a29acc634167fe5bc0c9053bb1cbec2c8d7f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1aa4ccaed0eb1403b868e4e812e46b6f

    SHA1

    cbf00eb214b0558db775663da187619aba2b42ef

    SHA256

    26b5a59eb7e9d8e93bb62e39c39ee9e5d17b211018f7077ee9aa5452545859a7

    SHA512

    acb91ea5e7f092b98d7cddcda31297b73b791700fa48b1d57aa45ee733257a96a51055d776450bd642abde9c479ff830a77cb31b932d9c0e824bf64c8c27cdff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f7acb7e3e7b8aabd4487ec4e7e3e98a

    SHA1

    60067bfbed49a48b1ece3ee2726dd4b4e454fd29

    SHA256

    b8c49e077fcec86d17d4d98664c3d4c220cfe020b7e399fdc2847021bde5a423

    SHA512

    a36d37e93541e0f137220caeef0fcd6bfa1aef4e0367c723bff9ae740d5622bfc9c6ae1eae2a5f3f50c9df3424ff65ead8459d1661cf27db8516ac2f20520aa2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5057d550ca97aa485005d6984adf432

    SHA1

    3e97719fe24271a4fe826099a43b42a5ed7c5ab4

    SHA256

    a8f2948d150bd54db93f1d01254cd11f8d98fd891b57858bbfa879c05039d89b

    SHA512

    31fdf1c7df8f13a4abd717b12674e7f4556a57e6390f1c336f8963e1915bc6e9abfbb0c34c6447e3c39754c63f91bbfd6100e09c8ed92f2bd336588e2c128d94

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    140f537d5614644a6f47b2d0d9feffd1

    SHA1

    1343f610a4ad04999d64acfa27a075aec702fb4b

    SHA256

    33ce10b8dc60f98e78917c948c2e6c6165cf5b0dcc7ccc2040dd078a4a75f51c

    SHA512

    b45aa530f687acbcf3165b97756328511b0595e1d6ea7677f680a484564526cec23ab93ed4f145aa0d678bbbd7eda1ae78b2151b3c0ca5da945f2a10af09da14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    641b8a37582ba1a26daae3f6dce45032

    SHA1

    3b11a6a2060b644e9d58fa53f395e8ac88f65036

    SHA256

    7b8414010eb6b064b0ad241f00cff96e1d6bd8c71c387a9f5faf9b7593cf4f9b

    SHA512

    0897d8962610770e1264d9a62dca20b1f10d505169af94388dcb224c90ac6c9b3abd869dc5f3dbd8e1f6cba673371069d3a2ccf6bcbf8709ca1c7e66bb1015c7

  • C:\Users\Admin\AppData\Local\Temp\CabE774.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarE843.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
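Every file in the Downloads list sits under CryptnetUrlCache\MetaData or is a Cab/Tar .tmp in the user's Temp directory. Those are paths Windows' own CryptoAPI writes while building certificate chains (its revocation and certificate-list cache, and the downloaded root-list cab with its extracted copy), so they turn up in almost any run that renders content in IE and carry little weight as indicators by themselves. The script below is an added example and not part of the sandbox report: REPORT_EXCERPT is a constructed two-entry excerpt in the listing's own layout with values copied from the report, and the parser, the noise classification and the digest check are the example's own logic. It shows how to pull the listed digests into a structured form, separate CryptoAPI noise from entries worth a look, and verify a file against the digests the report lists.

```python
"""Triage of the report's Downloads listing.

Added example, not the sandbox's own code. REPORT_EXCERPT is a constructed
two-entry excerpt in the listing's own layout (values copied from the report);
the parser, the noise classification and the digest check are this example's
own logic.
"""
import hashlib
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

REPORT_EXCERPT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d624c518aa1844ef207d54b919295cd

    SHA256

    80c6427e0d7e21b8670e94039e017e1a37baf140bdc7e137a87043917ccc61bd

  • C:\Users\Admin\AppData\Local\Temp\CabE774.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5
"""

FIELDS = {"Filesize": "size", "MD5": "md5", "SHA1": "sha1", "SHA256": "sha256", "SHA512": "sha512"}
UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}

# Paths CryptoAPI writes itself while building certificate chains; they appear
# in nearly every run that loads content in IE and are poor indicators alone.
NOISE_PATTERNS = [
    ("cryptoapi-url-cache", re.compile(r"\\CryptnetUrlCache\\(MetaData|Content)\\", re.I)),
    ("cryptoapi-temp", re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]


@dataclass
class Download:
    path: str
    size: Optional[int] = None
    md5: Optional[str] = None
    sha1: Optional[str] = None
    sha256: Optional[str] = None
    sha512: Optional[str] = None


def parse_size(text: str) -> int:
    m = re.fullmatch(r"(\d+)(B|KB|MB)", text.strip())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(m.group(1)) * UNITS[m.group(2)]


def parse_downloads(text: str) -> List[Download]:
    """Walk the listing: a bullet starts an entry, a label's value follows on the next non-blank line."""
    entries: List[Download] = []
    pending = None  # attribute whose value is on the next non-blank line
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            entries.append(Download(path=line.lstrip("• ").strip()))
            pending = None
        elif line in FIELDS:
            pending = FIELDS[line]
        elif pending and entries:
            setattr(entries[-1], pending, parse_size(line) if pending == "size" else line.lower())
            pending = None
    return entries


def classify(path: str) -> str:
    for label, pat in NOISE_PATTERNS:
        if pat.search(path):
            return label
    return "review"


def hashes_of(data: bytes) -> Dict[str, str]:
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def matches(data: bytes, entry: Download) -> bool:
    """True if every digest the report lists for `entry` matches `data`."""
    actual = hashes_of(data)
    listed = {alg: getattr(entry, alg) for alg in actual if getattr(entry, alg)}
    return bool(listed) and all(actual[a] == v for a, v in listed.items())


if __name__ == "__main__":
    for d in parse_downloads(REPORT_EXCERPT):
        print(classify(d.path), d.size, d.sha256 or d.md5, d.path)
```

Run against the full listing, every entry on this page classifies as CryptoAPI noise, which is consistent with the 3/10 score and with nothing beyond IE settings changes showing up in the signatures. The `matches` helper compares only the digests the report actually lists, so a file can be checked against an entry that carries MD5 and SHA256 but no SHA512.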