Overview

overview

1

Static

static

URLScan

urlscan

https://www.flipsnac...

windows10_x64

1

Analysis

  • max time kernel
    68s
  • max time network
    156s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    21-07-2021 19:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.flipsnack.com/EEAE6C99E8C/new-flipbook/full-view.html

  • Sample

    210721-b1v5cwarg6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 53 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.flipsnack.com/EEAE6C99E8C/new-flipbook/full-view.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3724 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:1840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3724 CREDAT:148482 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1256

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    4e64ee3a1f4c34f528e8de9b728dbca6

    SHA1

    9b27bb889cc2fe2fbb89c0c7c8aa16a841291499

    SHA256

    ec75d601fb9309c65a60ad6bd10b10c5927c77648d42de670003dc0b2693105b

    SHA512

    e23b06910c9009d254dba06b1fe8910d10fd0c11cf0ad22ebf21cf41765da0f51f9179eeb39ca7317cf3ccfcce01622914171ebb9e7c661373dbc92acf9676bf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F
    MD5

    7d8f0ed7f020d4d5fb9aee9518b818b3

    SHA1

    a45b0ce9a1b009479f1c4265c60a7369199b140d

    SHA256

    8297ea179b52fa1c991e8ce0b7778157b6517283fc6250f2e610fe557cd049dd

    SHA512

    3cb9bfb6b0a2c2a45e99cf5f7aa12ddde2f3ea004325896a3bede4bbe64fe99e7a217103355ce88c29482f45332e13c167533915b4fad1f64acfaa0448c2d71f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
    MD5

    b0309040cf1dc48aafae792f7567daa6

    SHA1

    a7ce8ab30ae5f4f0cdc0898167d8825581dcbb4c

    SHA256

    a2b5ad19ad4613470b5c635367adff66d1a6736b3ccd93210e6715071ea513cb

    SHA512

    0d51b4937da6dd11400a8e962afdab2cd5450a5584f4fb372a45a9e3ec8bdcf8de9dc4d299bd7344c6f26398854bdae5af0cae4531b1c48770678224920c9459

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
    MD5

    7b830824fbba23fef9666e8939e8b0e6

    SHA1

    07cad100721b73050a8392edb708db9c545f4d4f

    SHA256

    5e0a6f25fcca35b0dfb4c8850024defe0d15d78310744776816779fa7b9da0f7

    SHA512

    c987ac9e9dcb96e2e0dd12becd93bbf9ba69a1d7d61d521b8cc4947cfa2c3a1b32f84d0ba18fe73b76378e50884c693750573bd49b56cdd6e60850da2fb10acf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CC197601BE0898B7B0FCC91FA15D8A69_EAFF2B43AD3DF231A512225A0F3E02E6
    MD5

    ba1540001bf2e95451645529da3ddb48

    SHA1

    73e9ea1b0cb1789e7fa24e54f2725636b74d6f26

    SHA256

    4ced130445a8359f40352f68253ce446c85f53e390097d3f4899e69986c3e5af

    SHA512

    3aa599ff48e443d200e5003b9055c966fe2b4177dba589c6f06c37d1c1b98d695e435b12a7b52399f7e02b2b3479bce4006fbb0e26d4740df8ac580ba179cc6b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
    MD5

    4f914d6a12b48374677859978d3def97

    SHA1

    d29a1ff9bc1fbf5c4c0cf3210c9aefe33fc8e5a5

    SHA256

    eb9ac8c88c0857b9588076073491eec79f4725aa32bc7af00c20ef31095d1d68

    SHA512

    ab9cc44820d05b5207d1210e189041f3df258346619f05ae1b058de8b358438095a09b0fed26fcf09d7d08caae353f680936ebe24fdc94c18411463d5ecfbe61

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FC5A820A001B41D68902E051F36A5282_0CC02FF34506581DD9E99C7BC02EBDCA
    MD5

    0b8224226a301137e20bc2523ca5885a

    SHA1

    d17119b8d70cea0b926624e849b67d6301ca69ae

    SHA256

    c159b0d34b49b931a5a65e60786c92394b7e48e2627a9be56e5d56e974155bb9

    SHA512

    0f1215bc38a55cae66c9d047a62b792695c63fb4bea78b0aaa9ab467229df25ebb511193001c3adab4ca8f56225a8950b87b1e94dd9566294480c92c32d94d1c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    adb2030f34d5af3c0de98df2ecb62b5c

    SHA1

    5229d2b12c72ac57e5e838939e38d6f49b560bfa

    SHA256

    92cbf654bf44c5a5cb2026f5d123f5cbece58139541790b3aac9f01796e99fa4

    SHA512

    d1932edb1a242e2425bdfdb6a51bf49778a3132aa8a5e08f59534e067303907f938445cfdc3ecf3bfbd82dffa8b511457fc9565d39010bba4fc50814e5527ffe

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F
    MD5

    b6e4739abdeb7b893aebcf836c83b5ba

    SHA1

    3f225d56285c34e203a28c0f05e4667f57fc3a6a

    SHA256

    a32d4a44393d5903f038c0f9b90c2c95b3991a755981f37a7d900b6d48153189

    SHA512

    b00c902773841c316ccbac4cf8b1d6b94c50fa814eed6b78cf81ebe0fbd557c55423457c4ed8c0e0e83805dc74d5be2f646a2c28ab0839eabefb9245a6442d09

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
    MD5

    a089b26e225e57cc4f023cb60df9bf0a

    SHA1

    690ebbe47f84ca7558d01ed1fb273ca0335c946e

    SHA256

    2ea7d373da1f8246df55197322d6282378379f15b3c2b86f97ee4b20bfe8274f

    SHA512

    ab0f591fd1110698cf7cab816940b77fdf53d233895bf04348456f21191209a73976a423f211ff02b19ccc63db33d8e59eb46677029e07987b625b57af233239

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
    MD5

    e0625835bed4ef4bcb84bec6f82b9e85

    SHA1

    34556983a42589e9c8dde3a6bdea679e592d2c8d

    SHA256

    712d3e623e389fb3aabcc687cd6f29d705b27890600ae64a7b0ddf28a0aba13f

    SHA512

    f5633b4b070203c2039db846ed93a569e809ec6b742ca7126fa4ab3f7d6ee97fe0c5aad5e4d53e76e06d2d97a269c7a69c073fc01fd3b11d4a708230e3d35827

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CC197601BE0898B7B0FCC91FA15D8A69_EAFF2B43AD3DF231A512225A0F3E02E6
    MD5

    ed77b576a8793d7b91bc104e664267ad

    SHA1

    9757b40cd5a847511395f3acad7ed974ea43dffb

    SHA256

    616e79c0564089c236e8a46204f48ca29f41fae08a81a5b2fc77d0fec601417a

    SHA512

    9da0038ebbbaccb1996df20af34845e5c9a0ee88b78101bf9b454d1bd845a3722d4152d22a8ce14b952792d8f8f201e08fe32b963da7a7d9300cd36c84e30adc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
    MD5

    01cba16d974e7347294a9be38b3b8d36

    SHA1

    8bc4cee960553656fc063e7a2d626d3c7ece5a9a

    SHA256

    7394025109dfc910969a919126007d0f40e84e46da8bfc554177d19aa193d37e

    SHA512

    0fc2dc4dfafdeab8c1e75aba04fb823ec07becbed6496f2c88bf42f2f030b04c839282c1be116701e90225b6c3c0620ea59fd7393a040384c58d920f27d233db

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FC5A820A001B41D68902E051F36A5282_0CC02FF34506581DD9E99C7BC02EBDCA
    MD5

    fb65534a79d372cba697733ae745f74f

    SHA1

    9e7e1ce91533ce410096e41c6bdf98ebd66cc791

    SHA256

    671960945c97ad942817c9fa8049f7c75e9fbc8bd1e864b601c746d07d69e8f2

    SHA512

    d89fe2fcb7ee058194897de5e15faf6b23353ad3f33e00fd54d3c50564564e45eb5dcc73ebb5d3436cc88a0f21fcacb14606159926407013488cc0729fe50331

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\NP2WOU9Z.cookie
    MD5

    8d76e71e07d72926b661de536ee9224c

    SHA1

    350a36c68710c7f5d9d50c3367016fb2293b327e

    SHA256

    c5335a794b66af94f5040c3b6bb9977f3141af496c096683ac1629ce7558d929

    SHA512

    5c909ad669808b25d59b6bef0246cfb1a979516da77f70ff70f8609ed4e66e265178dd49f96180d0fb449e8b67c9ba9a06e67ac6daa68da1cd56f3ea43d53362

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\UZ5AKK3V.cookie
    MD5

    7fdf8bb7d7697f95d2ae516ed780daa3

    SHA1

    450fd0c6f0ab4e17b43b372224c8b3bfc2f20791

    SHA256

    46b5d828424ee2157bdb755a822d9931c11fb695a6dfa04ce30eefcff22187ab

    SHA512

    a88c9b17074d6e3eb2f7899edf4ca5fc816d741aac4d69641332a5380aab78a61c579d34e8b50058046a19b98290ce88ab147bb80245a9097726385b1992b966

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\ZB03GKMS.cookie
    MD5

    7c658016eeb1813b2b2f1528ff7c59e8

    SHA1

    af6e23acb57cc47a3bf5077b46c91aba6f335d9e

    SHA256

    b669173b592f56b83fc3be919d91bc5493242db77c56e61864a36c3aa5dc636a

    SHA512

    7f0572844b628f02ada0873058e15c6db2ab2f88485224dece1cbe95aa74735f9755488cc5c35f3855e9674401f32bf6b5125cfeb5f7051d4325be1a2079cea1

    Download Submit
  • memory/1256-125-0x0000000000000000-mapping.dmp
    Download
  • memory/1840-115-0x0000000000000000-mapping.dmp
    Download
  • memory/3724-114-0x00007FFA5BE10000-0x00007FFA5BE7B000-memory.dmp
    Filesize

    428KB

    Download