Overview

overview

10

Static

static

URLScan

urlscan

10

https://owaverify.co...

windows10_x64

1

Resubmissions

28-09-2021 10:13

210928-l9ff5abee8 10

Analysis

  • max time kernel
    50s
  • max time network
    53s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    28-09-2021 10:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://owaverify.com/owa/i.html

  • Sample

    210928-l9ff5abee8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 30 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://owaverify.com/owa/i.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:636 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1012

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D
    MD5

    d1341abb55190c7f52e3a3e4d5574e42

    SHA1

    533caf5e3c4a74aee3314a271c41a0077e36ad4b

    SHA256

    7889dda057a5b6d4b07332b3c2eeb12383388420aca0b70b4ed31ce6567cdc63

    SHA512

    f77a417385e91e5086126974e4634700a47ddd33eab1c00f4aaf73051840a1427b14b061c80e2ea68d3ce624f9f08832596e1333adfac9029d3b582a69f3372d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    7d0c6bc661659858a4aecbf79e7c2c9c

    SHA1

    67e3791ec51fcf1cf7fa8ff3d404266b3f9b4301

    SHA256

    92b4114b5c423fda069592f6675fed5947280306bb67165572926b7cbfb694c6

    SHA512

    9560a8d0f1f1573ddef839bdcea8c5ed8c7b1095fd430cf4915ea1e3a2c916f51c150da5991ec9a99c73a806a4ec2c412699f28e6a8e8d9bd9cc6c0e73ae9228

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
    MD5

    5c06d62ce6be7dd74bd1a54e46a44d0c

    SHA1

    48371c40c6076bb69a96fe82a8ac7d39d3f03ec1

    SHA256

    8a542f3d0b90919c44d721fdb054715e2d007dabe976f24c060bcb288e7d9b1a

    SHA512

    853c495c6dc3b0a08a2d34e9d659be5efa2b11e886cea1e683d44645649cf0d8929717960f4b3923ccc86270d4bf3f17aaad53fabac9f3833ae2ad73deb31bcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8AB7D56A803041713F4567888F06670
    MD5

    4a45b5d0209eab20d6368b605e7fa853

    SHA1

    389bdeba3b66718add4fbea332bf9a91a52339f9

    SHA256

    b9e1be43a976c4201b61b9d9c8adf0c3b5d2c82a205a187a755070504de16b15

    SHA512

    fc89f63e598074b0d922beeace1e326116be3de75fee49c64f565ee3476205f8cc4690d97c6fa1ec206e539731fbb5e81a34b6f5b4bddaafa3aee8c92cc9aa34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D
    MD5

    b60767df45ade2dc00380cddf2019b17

    SHA1

    837f3ed994e4a45fcb5d4cab56a95b995c29af49

    SHA256

    aa20add882c33966e0ecdd8518198341982e3aea4a1f3da3ba8395e1f6122097

    SHA512

    22956184231d4442b69a8956b289dc2f2fd8eb2bbcc0031f651d09f6070e4221a6ebd7cbab47f6ca8129c6c07fd70658f450db71fc0709e9accf9397bf5b66a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    3363e361a1cf570fb72aa2643712b6eb

    SHA1

    18a080dde15c08dfd826f85ff7cdc7f0ca4ff542

    SHA256

    49ed930b53db3a55339ae85613e61f6a72561742b6ede3365166edfb5f244233

    SHA512

    ebd379b59e0dbc39c794352d760215fecb0599db4a20abb3a93836e3bf3da7b9a540f14f4215f6dd3b8faef52a6fc66238fafff5338e73a2fcff8041a2251780

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
    MD5

    0cdd45ae504b034544061193f76f05c1

    SHA1

    7db15bf5bbf79649b5d730b6d6766b04e5caf749

    SHA256

    5453f649195b193cc543d2c438e7febef3cb507ef2f266f055abd47df6a95518

    SHA512

    4d5acd83f15b779f38ac82c0a1e0232df536f71e0956e715d0e83bdbfaa710bc905e322174388703fc0ab7a42051ff9723245de03c0babb7566fa08ce5688465

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8AB7D56A803041713F4567888F06670
    MD5

    50c25e19fe1111e32e447d84f236e85f

    SHA1

    866b008caa6193697135391381dcb616d5411516

    SHA256

    244c4981c024e463ed66ff0dc2198aaade8c5e3baafe25695ca3f776ac21c5e4

    SHA512

    15aca0a4d7200cf58a2b6d9c87ce99a774172fbfe7dfe340778ce84e8fc6ccca31cd483f90644b24d0585dc8b621281d80f1414af73943d2f64659d41bb38f89

    Download Submit

  • memory/636-114-0x00007FFBB3760000-0x00007FFBB37CB000-memory.dmp

    Filesize

    428KB

    Download

  • memory/1012-115-0x0000000000000000-mapping.dmp

    Download