Analysis

  • max time kernel
    127s
  • max time network
    143s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    14-01-2021 10:40

General

  • Target

    https://commentpattern.com/

  • Sample

    210114-2a6w4kbjps

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 59 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://commentpattern.com/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4760
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4760 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3972

Network

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion: Modify Registry (T1112), 1 technique matched

Downloads
