Analysis

  • max time kernel
    126s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-12-2024 11:32

General

  • Target

    Transaction_Verification_carlos_menem_9K53H33EAI.html

  • Size

    3KB

  • MD5

    371ed12df6e7a0239274a284967dfe47

  • SHA1

    f1c81431c09e9e48bb760fe9ad046c06d4cb1c33

  • SHA256

    e0264bebc63bde415033955c80821c7b5f2a5797e428b0e532f763743e0fca07

  • SHA512

    219af96348ebe1aa607df05b523fb6bb63d3bc9ace719cc10cc50bc3220fb6600584d7cc10522f7be7fad601e1d217cb1330fac0d36ee7e3bb34e6ff28d714fd

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 47 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Transaction_Verification_carlos_menem_9K53H33EAI.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1120
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1120 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2584

Network

MITRE ATT&CK Enterprise v15

Downloads
