Overview

overview

1

Static

static

URLScan

urlscan

https://latoken.bree...

windows10_x64

1

Analysis

  • max time kernel
    130s
  • max time network
    149s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    22-07-2021 06:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://latoken.breezy.hr/p/d41cfd7b4b6f01-developer-backend-payments-blockchain-integration

  • Sample

    210722-4t3wgvwx92

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://latoken.breezy.hr/p/d41cfd7b4b6f01-developer-backend-payments-blockchain-integration
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3984 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1492

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    4e64ee3a1f4c34f528e8de9b728dbca6

    SHA1

    9b27bb889cc2fe2fbb89c0c7c8aa16a841291499

    SHA256

    ec75d601fb9309c65a60ad6bd10b10c5927c77648d42de670003dc0b2693105b

    SHA512

    e23b06910c9009d254dba06b1fe8910d10fd0c11cf0ad22ebf21cf41765da0f51f9179eeb39ca7317cf3ccfcce01622914171ebb9e7c661373dbc92acf9676bf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F
    MD5

    7d8f0ed7f020d4d5fb9aee9518b818b3

    SHA1

    a45b0ce9a1b009479f1c4265c60a7369199b140d

    SHA256

    8297ea179b52fa1c991e8ce0b7778157b6517283fc6250f2e610fe557cd049dd

    SHA512

    3cb9bfb6b0a2c2a45e99cf5f7aa12ddde2f3ea004325896a3bede4bbe64fe99e7a217103355ce88c29482f45332e13c167533915b4fad1f64acfaa0448c2d71f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
    MD5

    92f768be7b1ef9291a7474768ef2a258

    SHA1

    a2f3ad24a617f8247ae8f23e85cceab19c08b53a

    SHA256

    ae61db579f5fcf690984a6d8d32faf430e5f06ac160c6eb8fd9f8e3c369f24c1

    SHA512

    0aacce0486c51ab1bd1eb0feeafa3a3cb0bc377eb9386f16ec9eb68a8e86c083ac1f2d3b5bcf67fc4aed2b699389969c1cc9299752368ad2784899d37e5ca3df

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
    MD5

    7b830824fbba23fef9666e8939e8b0e6

    SHA1

    07cad100721b73050a8392edb708db9c545f4d4f

    SHA256

    5e0a6f25fcca35b0dfb4c8850024defe0d15d78310744776816779fa7b9da0f7

    SHA512

    c987ac9e9dcb96e2e0dd12becd93bbf9ba69a1d7d61d521b8cc4947cfa2c3a1b32f84d0ba18fe73b76378e50884c693750573bd49b56cdd6e60850da2fb10acf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FC5A820A001B41D68902E051F36A5282_7A36D5B6827EF38BD1112A49B37F2AA0
    MD5

    f5431b2c9ebefe4295fa055a950764f9

    SHA1

    70ab1c234054c121cc034b73957ce7393f94578d

    SHA256

    f799702d9bb3b15eb62f6f040c9d1b0dc874b9ba453133ae10341100cc3e03f5

    SHA512

    da32b908c68b62fd6b4755c8d896ea78463209c1be3eb97eb649a34e344ed54b0295b924fc50302400867e2604ea07787d5a313c4fbf7bd2a17a8b4e6b4c9249

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    f71248b55864263339ac436711b13c37

    SHA1

    39ab277f0f44861d605dde427b77dfe084facdeb

    SHA256

    c6368e0f66ec3f7686d3afd35dde06d64f9848c0ef11c58e4b5adfa412e4d306

    SHA512

    0762bddf751e6f2a488a8f511ae1efba190494ccd60afc6e1316a36cc755a3c3d2e75a8eca7b5feef58673963333a0f482b5aba9a52bdc7ccd2939c2d92bdeb2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F
    MD5

    19faf5d615e927c5b73171f39d714fd9

    SHA1

    df64ae7cbdabdd7894f242142be5aae4387fb43e

    SHA256

    053e2774baf8039dadc4a7c244a9b6c2d9319c3e54ce935603446f73b28706a5

    SHA512

    182301c5890245ff9c0ede0a7fdf70bf8daa3aba0eda48ab7f8453080d42b1b0703d90a324faa476d780de99d8b753511896acbd6b7825268f2b945cc891a38b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
    MD5

    4973136d5b137a94493fcc6283e72dee

    SHA1

    4e6f9c29dc4ca35f81df93797b641e5028d5bc7f

    SHA256

    4359854b52f238a889da9563488680ba64500207db5dd343e2c958abeaa2cc42

    SHA512

    dd3328c27153e3ee1a114ca09f2f2216417e99d46bd93365e93fe9f17e2d7da1f9f33911e3be319aaf98e67cbbce844fc5b33999a6d4e90485dfba71179a8ec0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
    MD5

    337d66ba32f188a250ace8b4f702cfbb

    SHA1

    d0bab51d8e73ef0f9298c4fc4a6beb0160158a56

    SHA256

    7e98dd89277018faaef8cd921665dc62787629265a65de856c1666cb46bde5e9

    SHA512

    37cec853329af1b65256740ab5ccc3b68a078b11118532403c4cb79089ac6adb294ba2f98d422ab1600efea9608d7bd9d9c72470b98467d50bd79479a692a21a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FC5A820A001B41D68902E051F36A5282_7A36D5B6827EF38BD1112A49B37F2AA0
    MD5

    503d976e4e9099e0c9b3d6abce497c2c

    SHA1

    d1f601163564d17011eb100fd9e5df42f883d344

    SHA256

    98f61e2319552a82f54b06f3df1fcd5ddb20affe3c92c1a1d043020990ffc962

    SHA512

    8d3bef0601fd5d2d9a5b3ddf584d224981c064a1486272e2af4523b4175557df6cd72a03083229d12e80081a889d7bc9ab6109c93bc8e0f95747501b6ae81e02

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\1PYJC1BB.cookie
    MD5

    8d3e667d1e8d5455b0566782ce3103b0

    SHA1

    f181c5907910cff2db526bb0b85680e415113aaa

    SHA256

    9b20f75909a46e36d89341b10ab452fe194d32dbda46ac74cc2f46f89b8cb618

    SHA512

    2cc33b8309b6dc3568c7461ad9a16fc71d032ffd2c1fbaf6c6f3b54b7069540984ed675a4114fa37353fed89c82e3744ca0d2944db8eb341864d9a802f975c14

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\3KH0SXQB.cookie
    MD5

    c3593b3fdffe5d8d90f746902eacd0bc

    SHA1

    bececadd085de814346bf876dbed6b0bf68597e4

    SHA256

    5ab4c89045b181faf685c8c609152f70496152aa5e282b341e933d2e64ecbc41

    SHA512

    c24ff956c91289bba78867d6a54b701c45f6bba49c3e904415a62b3c76796f6a6843f9615f0dfba84fd3d0da075cfc104bd08595385180e9b092a9f24abd2776

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\LTBT4RIO.cookie
    MD5

    5d6a933cf4537b0b13ed9d277260ba24

    SHA1

    1fccd55bdefefa4fc21988e6deaa3c095a7f452d

    SHA256

    36b91060cd93142694593496ad84786ec9854342a41ce819ff5c32f1a754abdd

    SHA512

    cc9b72b93624d010876d731699067fc7612d783d94311ed52d3c6678bae1f18160bfbd9171a31504b821561cac4d4ccf6d375def99b4358d397b169c3aaf9006

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\TB845AGX.cookie
    MD5

    96bf2c0e0348291a3e1826a7864c8049

    SHA1

    684b4979ac3b0029ae72f73f149f66205264ec22

    SHA256

    c699cdba1b8ca66266a9933794ac95c2f43d718bc9301455dafb307e4f2d24f2

    SHA512

    89e537a534906c97639da22cf58cb812ce7229e7df2853b5732d636c8991444aed3bb9e6ae7a4073e4f3fd03f73bd831872cec192fc6a166f115ca80ea8fd01a

    Download Submit
  • memory/1492-115-0x0000000000000000-mapping.dmp
    Download
  • memory/3984-114-0x00007FFBB2E60000-0x00007FFBB2ECB000-memory.dmp
    Filesize

    428KB

    Download