Analysis

  • max time kernel
    135s
  • max time network
    141s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    27-09-2021 11:26

General

  • Target

    https://mundukide.org/KtbxLthNQrsXfxrXShBPjqFPbVdcHQdckg/AAQkADRmMmM1NGMwLWI4YjYtNDFiZi05OTY4LTVlNDBmZmQ3NGQzMAAQAGDRSI3qWItHnpOAVzJeXnk.php?enterprise=email@email.com

  • Sample

    210927-nkdbksgffm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 57 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://mundukide.org/KtbxLthNQrsXfxrXShBPjqFPbVdcHQdckg/AAQkADRmMmM1NGMwLWI4YjYtNDFiZi05OTY4LTVlNDBmZmQ3NGQzMAAQAGDRSI3qWItHnpOAVzJeXnk.php?enterprise=email@email.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1832
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1832 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3088

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5: 647b8d7bc982449272d66d17e09f119f
    SHA1: fcee7e5a6ae28bbee3a7fe3ea22144b0c08f929e
    SHA256: 678a5f60df00580647a5434128825237050133fe3243aee397d68f4610e1b050
    SHA512: 21636b5a029afb2134b029db32f84a5ef0f143fbae4f377949a79cb0f453ac50dde473d1aab977d02724d7547b59d767ee03cf6f4de59deff0e81d3da90d5153

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5: 5eb49cb1b753d1cd0dbae02f1b753052
    SHA1: fb69e05224222d8a472062202ab1abee7542e785
    SHA256: feae9eba0e880fd7a80c22dbcea29c0f25f149997b35aef9d338a5b1541327b1
    SHA512: 58682274579f82142ba5e13513426e467504534358b433d1b636212d00d170019c2488a47935c56081d82e2680ec2e01b8d4bbbf6d3a9b5c5bf48b151696fd31

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\EF8BEUBE.cookie
    MD5: 6b94e19af597c3a4131ccc1bb5981219
    SHA1: 6f3e1326e89f7506a6feadfedf590b9589a199c5
    SHA256: 56a8546edf75ab788661f041ef9abee1f50216d49a5685e2790542689ef71f51
    SHA512: 94d494b6697559861702fa44575cf729d41f85a5d2112501e3041ea56ec35debf72456f9bdfbf348e392a90107c7bf3855cd3881595bfc9af2be2e4775fc1458

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\UFYK9B7T.cookie
    MD5: df05365ea73df0e3a17a13c28cbd7495
    SHA1: c091f8a38755e965b7288b003fc392fc5da355fc
    SHA256: 422553964697f01129a3cbf8c25e5acf89c4c4c7b5205f660b8d8430f0fbe7be
    SHA512: 65854fcfe301030898b4909b2e58d046be8dbeb0a70539d05ab134f8435876e3cb256b1180d1db54ac29e010218009535200514d2970803160df188b38cae9bd

  • memory/1832-114-0x00007FFE0EAB0000-0x00007FFE0EB1B000-memory.dmp
    Filesize: 428KB

  • memory/3088-115-0x0000000000000000-mapping.dmp