Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-11-2024 16:29

General

  • Target

    www.satnet.biz/www.satnet.biz.htm

  • Size

    8KB

  • MD5

    bbbc11fe2fb99945a31891db430aec4d

  • SHA1

    6ccac25da18165960595a7be1a6e38ccc9325a3b

  • SHA256

    c2f6115c0a32d861bb0b4feb7daec8bc796237617d2ade992bdd745a9f741a6e

  • SHA512

    831de84570511a363e3fae8c0fa61e0d30a56127e957f960a772c4b90d2ce1091f3a7187a82f7ba6b61e08ae735889e67df5dc82bc0fc61f4effaa803c863c0c

  • SSDEEP

    192:Dafy4TY5z5gnn8AkABN5Xf27Nuz0A0YC3yZvOZvbWN8e2+XnF:DafVTY5z5VAkABDWKUYKyRORb0j2+XnF

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\www.satnet.biz\www.satnet.biz.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2228 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

MITRE ATT&CK Enterprise v15

Downloads