Overview

overview

10

Static

static

8

URLScan

urlscan

https://ijazcottonn2...

windows10_x64

10

Analysis

  • max time kernel
    142s
  • max time network
    143s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    28-09-2021 08:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://ijazcottonn2.ijazapparel.com.pk/mail/updatedwebmails//#[email protected]

  • Sample

    210928-khcqgsbbe2

Score
10/10
dropboxphishing

Malware Config

Signatures

  • Detected dropbox phishing page
    phishingdropbox
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 13 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://ijazcottonn2.ijazapparel.com.pk/mail/updatedwebmails//#[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:636 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1016

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0255CEC2C51D081EFF40366512890989_1E64035CBD4E751E738355B4C7902EB7
    MD5

    e9961d0b99a7ba9414feb59160bfcc8f

    SHA1

    cb1ad89f066db24bbbe5f38875c3bb2167c67875

    SHA256

    906980a6a37d211f23e938224215eae4763cd20626f6a15f26f7b3f50b2fbd56

    SHA512

    56a544e05da05010acfd558e739bf7505aab714dc1167014c76c6894a91e307b2f26be63e3b1ac8a51dd0ca32bfccfed6d7324c3526f90d4102fc3c4f066d08c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    MD5

    b46c154e8efec2f59c87611b296e0a74

    SHA1

    e233454e72c9415394d4515087aafb9e655c4ce2

    SHA256

    2654e55dc5bb25ad19c5e8c115eaf44c40b1c4aace0d751abcc1c80c7d0c957a

    SHA512

    ca8ae218e063a8ee6d4302d2e9763ab0ed06e0cb3f194ee821070c01e9e48c1ede6aee1dabd2b5f025b0acc036862ce60abdb220735683a2ea7526572d1f3c4b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_EB89DAABC506211953B39386306B9944
    MD5

    2b815de34818bcbd67cf5e0c73f8ed95

    SHA1

    491eda180b1b99cfcc073bde1793458af9c0f45d

    SHA256

    300a91c6bf7ea2d2a08c76c31887068648cbfb68d484170a77e56c4047523d9a

    SHA512

    9df248f65856ebbd819b837f29db0268e0882adaffca8d82b5759323b734eef2de416801a57f9ce0c83ea94f81cb093a281750ee2269c340d7e621dbc50006f8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_862BA1770B2FEE013603D2FF9ABEAFDA
    MD5

    351c419a9d7fe90e693240e8e62877ee

    SHA1

    ebdd28772b839ec220fbbfe60e86f924c4a39698

    SHA256

    1cd46264bbc51e23a7beecdac96f99073c358e13c1904682496766ad400eac26

    SHA512

    237a8972420a47362e8357e4a88857ba9e5911bd4ff543439a9c6a8910e5321ce924ce80a60066cbd5a54376184ad31202494524fd726ac2dd3e8679c37759f6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    647b8d7bc982449272d66d17e09f119f

    SHA1

    fcee7e5a6ae28bbee3a7fe3ea22144b0c08f929e

    SHA256

    678a5f60df00580647a5434128825237050133fe3243aee397d68f4610e1b050

    SHA512

    21636b5a029afb2134b029db32f84a5ef0f143fbae4f377949a79cb0f453ac50dde473d1aab977d02724d7547b59d767ee03cf6f4de59deff0e81d3da90d5153

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_2DBE917624E9880FE0C7C5570D56E691
    MD5

    15e439224a6c33fda02710c6ed40147e

    SHA1

    7069dd0b21ce1ce86efbf3d988645028a9c8d371

    SHA256

    64fe3620eab8df722c57a26e59398fa5cb1a2a39e72da5f647037abc84d71d12

    SHA512

    bc95c9536f0fb80238a588c98d1077531f3f65b383f6e93697126b97908e752287d8aecdf2a2ab6b157d54eb2717ea5e294159325899752db3f403e65a708132

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    MD5

    de27664da1e04c94901fcc3880064613

    SHA1

    aeb52fc87f907dd40ae683c52cf3129d4b27e25a

    SHA256

    7e59ce8a2d7d1e1201e535a3175bfaf239b9f5da7be265c18c5ff1e1bc696282

    SHA512

    2d1e23a6cb1641bb1c393e404950a781cb20e5123c1e85bed129a02cc54b45e84ef49b54bd4a19a0dd48c66693fe119fd4f6b6733c71d34655d4ef67b760fa36

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0255CEC2C51D081EFF40366512890989_1E64035CBD4E751E738355B4C7902EB7
    MD5

    a5172072a8bc9f6daff4c07a34097aca

    SHA1

    e38940448cf00afe0b4b9f8c505e3ec7d264b1f4

    SHA256

    bd9a5cf467351d477262b989cea64ebe5ae7e3a2d1efcf6a006cfb8714e3c23c

    SHA512

    8242519726ea655e7d36ecacce824c2085451e44d33b0a6ac01965da90f2092c083df8a7743eb63d93d4a96d56c04ab444bfecec9c06f98bad7bc794b6505f1b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    MD5

    7144397380afb9c3a2985920f1f2a6e9

    SHA1

    ed5397333b56967f4b73334255c07173b818d83e

    SHA256

    0a8e0bd60bde2b84fc50bdccc510e1674977838f70c706bd9c8eda4802105ee8

    SHA512

    10623c98ed47ddc8a2101199c58b2ad61bc43706ce68aa26c57646f9f1e566826bbc5a93d7a2b0ebe64787463591d81591fc942816e0a8fd26637b5ac2dc85aa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_EB89DAABC506211953B39386306B9944
    MD5

    5eac901ba747f79b593c6ebc8244d91d

    SHA1

    e54a18beec5c2aaf327816763b515cae8de4aadf

    SHA256

    faaefe6d7b50d6624293a31edc2f4c8e2a51d0e0900ca4c2d95a51517267ac20

    SHA512

    d5bb0f3cc6f39d629a514456a960261ccc4bf3d7923482d9ee6304e8a7a019b6686e00adf8072f27fabba2a8a89234d74e34ab0c9447c11d22fbe877d50c615b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_862BA1770B2FEE013603D2FF9ABEAFDA
    MD5

    eed387fd55190961a2fa230ad8a121d0

    SHA1

    79c71bb30fa4ca312d2330c8fdb323357ec575af

    SHA256

    6ac4ef55add75621bb4caf0bdef96de1351af8c68aca669438ceaa1a59ae9ee4

    SHA512

    936444853b1ce6a4eab1906247997794f74b6b0cd515d12c52a99ec684827e025150db018541fb62daf12c0c0c44439b13da489bda4fa0533918b8129639ed43

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    58be87c9086df4da62eee4365a929dab

    SHA1

    a0f03fcfb7dcffb1489677f19ea587a94bd891ca

    SHA256

    0590311e7d4af8475015837250f9ed40cea38bb0dee15b0f78543e69723d8ea6

    SHA512

    cf24e48634411bc0117ca581239eae40b773c801379f26f4ed49fbf50211fa9e363b95c7478a3002a6a46653f6d3ccf133abd69891aa0439280d60b0d00fd2b0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_2DBE917624E9880FE0C7C5570D56E691
    MD5

    addc1705ec2f8022df025dee89371ef4

    SHA1

    661bf900211191f54650a1c6fff19e98a11b6139

    SHA256

    3c9792f8816ca932a74cd3a7fa11d17b616666811f1d720e4c30ce656dd98b99

    SHA512

    6055920081e48fd4c4733b87aa659a403a8142ceffd7b0bb2807417a7406a450375068bbbfcd88969021237b22556cbbfd31739fab920a43101f3170d78ee339

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    MD5

    19b90294ff0c6b05a019335dede7c975

    SHA1

    9c68389256e6d086523c88b2dc2a5ec2b61fa734

    SHA256

    4a0c047ab58f7f263d1e640a3cd0ad1688f8e01bb175fd6b28d7d422b67ffe60

    SHA512

    ffc14682e077dc5ea90af215bada855d3dcd45114c4ac340ee8a977aa81a30eb1d97af66457789273324a0c8fd216ec0a6905c3b1a4233a371d78634631462a1

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\GH7N32JS.cookie
    MD5

    44d579c66372d017d5f3a97d891a365e

    SHA1

    cd1669e42d4b1a9346210e2e03d2c1f52dac5226

    SHA256

    0809569d4aba52d8df6ce61435709ded34713a9709de17e98efdc739e13a231d

    SHA512

    2c6af1cdb561fa748c025e9e3c2ef1d5893ce3ee2589109b825a47df3e510f25633eb8b67fe453c8d291bcd928046d5d667fb69095fa7632d4773f1147aab009

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\HUZF2AUU.cookie
    MD5

    967755992e6e0b080d49fbae871a73f4

    SHA1

    9f9295a8ea8510b3da2cec026f04750a462fe768

    SHA256

    e2d45df35d79ba77893120d5be725cda8d853eaf1b3d15b7acd7519b046ef54b

    SHA512

    cbdd5651bf07439dee16a31e3c17af7defefe44145b6bb8ffcd8bb03a9214589e0890d50d9f3dc7ce59758330f4e9258ef38c418b521a55d1987713d4f6e1dda

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\OBMPE6LF.cookie
    MD5

    3fe1099fcc6f05bdde84de6d770bf1e0

    SHA1

    44862a6f9c8baf5f6dfcbbaac6de38a7359f6909

    SHA256

    df8b10e188a71a0ec7c1cc0363b850be012d83852da7089dfb1fd4fb5d915b42

    SHA512

    f97b2d584a40358e3504263d7830064ff97d3956f125d058b67c0b0504d8c505ad0992b42d017178d28ced41cc40c495e5d47e3e5b762338bc61074a8d899e5f

    Download Submit
  • memory/636-114-0x00007FF8E45F0000-0x00007FF8E465B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1016-115-0x0000000000000000-mapping.dmp
    Download