Resubmissions

  • 13-12-2024 20:04  241213-ytcrhszkhq  3
  • 13-12-2024 19:58  241213-yp8cmaxqh1  10
  • 13-12-2024 19:57  241213-ypg6fazkfr  4
  • 13-12-2024 19:55  241213-ym6e9axqgz  3

Analysis

  • max time kernel
    1440s
  • max time network
    1441s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-12-2024 20:04

General

  • Target

    sample.html

  • Size

    8KB

  • MD5

    be3ab1d1fc19b664b3de254beb3086ef

  • SHA1

    e944fdcb2d62e379c71624fa6e2815afd3cf7fba

  • SHA256

    d94750830fcd3dadb1d2343135f5136042d63451712272a2d7c496d50940efaa

  • SHA512

    bb9ba4db70d7315c21ee1497178418f0a6cd3a27f406595621f0fee4643168c9dd806d5dc01178004cd498224e093778d17faea78be1f890e8580b1d23c5c3e4

  • SSDEEP

    192:PN2x2BpZge0zxfu/phJmw1fx+G4xrECBk1GVDSkXybwN:Axi0zxfaJpVlARGhwN

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2744
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2744 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Enterprise v15

Downloads