Overview

overview

10

Static

static

URLScan

urlscan

10

https://dlscord.org/...

windows10_x64

10

Resubmissions

18-07-2022 14:37

220718-ry4mgafgcp 1

05-10-2021 13:18

211005-qj6mvaabgl 10

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    05-10-2021 13:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://dlscord.org/airdrop/nitro

  • Sample

    211005-qj6mvaabgl

Score
10/10
phishing

Malware Config

Signatures

  • Detected phishing page
    phishing
  • Modifies Internet Explorer settings 1 TTPs 56 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 5 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://dlscord.org/airdrop/nitro
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1576
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1576 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1576 CREDAT:82947 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4000

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    MD5

    54e9306f95f32e50ccd58af19753d929

    SHA1

    eab9457321f34d4dcf7d4a0ac83edc9131bf7c57

    SHA256

    45f94dceb18a8f738a26da09ce4558995a4fe02b971882e8116fc9b59813bb72

    SHA512

    8711a4d866f21cdf4d4e6131ec4cfaf6821d0d22b90946be8b5a09ab868af0270a89bc326f03b858f0361a83c11a1531b894dfd1945e4812ba429a7558791f4f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
    MD5

    68ed33a33777722790ece359cc9156de

    SHA1

    b17415b035ae8ed0381bc13ac029fe540902d55d

    SHA256

    d32116cbe3e5e0c92fbacebd2ef313f53be10467ab472b3a7abe2a39bb8170f1

    SHA512

    7442fb67b170dc3007b10eb25295c8ea0c0936b55e31009993a66e550fd7935be4d21882d11c2424ca380cfd9beec2a78fe556c6018d27e0560d628308758314

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    e64027b6bd9cb0655f7ac4d9354d78a1

    SHA1

    3a423294dc15027e91a97aa64ef63da18b5a3ae5

    SHA256

    22b8344fe9220b65a322c4700f62235d9d355d010e67c5bfadc141b715c607fe

    SHA512

    211987792895e0410985d59ba60e0c0fa41d031fb36061123da14480c5008685596ca15104d68d5ec7ae0363e21a02db51b2ec0d37fee9f2a7219d60cd095c24

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ADA8B54BE55873EAFE0123CBBAF17D71
    MD5

    e2aaf37d755f423217c6749a01281bed

    SHA1

    1ce6ac62564ccc6eb13a26de10f0938092f6f6ed

    SHA256

    9d8498e0721498046c6c01174ed275b14969989c6da97fcde93949862ae09199

    SHA512

    a94ddd28e6dc31bc33a58d338fefcb4e3db417b37f7580441e864227153ff2b9c4857cab32b919eb95f1b04c3be8a9c4ebb30ba9549f1a174ffce11f25d29955

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    MD5

    d996c6039556140014206b8b92336cbb

    SHA1

    b3206f72e8ae8cc17ca450472ed84f9b551242d1

    SHA256

    64b52832fcfc961d31cd58609bf77e7124c28645619fa398ff0a469217a6ac22

    SHA512

    75a0a67e8c8bf0548348e366e2b903dd75d9df6693131d690b7294a2501c5231116dd308f8a20a5e6e2762a7127e95e5b7e6fdc1415b9c4b3a933b8babff963e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
    MD5

    6f5ad2fad23377dce72850b6d2e47f6f

    SHA1

    1c1952e5ab28584ee19a03d975f66b7c1485726d

    SHA256

    8d8ba785e1d67dc26eb17285b03dd74b390b1dc63cfdc1381f53153a74477397

    SHA512

    cf047049906c893f63049d8a3a167708f9351ebb2385b82aef7fc5286fff40870097d5152bbca806c92b5b60d77afb02cf2b19f17c4547543a0bd00c150d243f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    6462ece6f0bc8febb89eb6148db41462

    SHA1

    318546ae7884be8284b6e882c8eb01f1464acc9d

    SHA256

    e88995e5dc77e84baf2f9d608b4183e2a9c3adb9bf8badb881df846aeb77a599

    SHA512

    efe542981ad7cb8dca2acc3ea67100b44d8e8e5c5127acc102d11118e57262c396438751addf992a5d2d2cec933f3a9a783413effabcb0fee5eeaae414bc5245

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ADA8B54BE55873EAFE0123CBBAF17D71
    MD5

    8d747ff0cb0998deea3b32745d93f0d5

    SHA1

    2f56e8c66460d4900419ba2083dcf0cc9039d8a2

    SHA256

    19fde8c68bfcf5f5a0684ce8a3dd499f295c392ba3600f7f6204bbc430e45bd0

    SHA512

    1bd8a55ee22270d9c1768cfaf922e0d327577ca415f4ca62b12dc5a2b8a78f571fffeabde11b57e62e40b0deec4bb3dff55b011f253f383d1a71580c0192da93

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\9Q3EUXVN.cookie
    MD5

    831070531623b4339e3c0816b836401d

    SHA1

    52edc6acc8c8b6776c3a17a1d60654ad359b2b9c

    SHA256

    b2fc783850886e1440b782c7fcd1ff8ec8c84d9e869b64ea76d1f3e70f79c5bc

    SHA512

    31b8869a47d532a5f385f5bb269e6b4f269d3cd0b90146f09bc263fedfc55698830bf76abbf631e2ee5373f2a051c6cb8ce945355501440957df32d2e1d7368b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\GKHC81UM.cookie
    MD5

    5529bf804f4bef3de785c867ac51f44c

    SHA1

    cdf96ac3e7e6d6a9bd39cef991fd136d33a48024

    SHA256

    9bc7626a2fbbf1308e26d2faee417ea7d13236b6e4adf9047446b60d107db69b

    SHA512

    74998e49a46099e3efe1582898723512fdf84f8204fe3f5156cc05a9ae662f61ed9377037a2f1f9be4e4fbd317a4a767d1133a6e00ac580cedeb3cb06a64f5c4

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\TX3KPK4H.cookie
    MD5

    6fe7639e60d6ff0317abc1ee9662fa86

    SHA1

    9634a2658b6a05bac17ebb3dd63b596ce5602c1f

    SHA256

    efa0300a0db00b60a29a8d6f4d82239c99f4f82bdf5918e38113a5c368f88779

    SHA512

    a78faea10ffa415ec7f03fb2f880adc860635fbbcfeacb28b97e59acf639ba8a31105c19d43f4179b94e83f060e2d8321fff840d6b099b436dee45096bf38228

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\VAE1K7FC.cookie
    MD5

    92e4a1591f3ab4f3ef13c10d0938abc8

    SHA1

    db978273410f9f22a2fa3787775a23e9b35a1407

    SHA256

    95cd5f1cd5d9786214dfb95edbad35b08cbc6da536fe224e527e8e0f69459694

    SHA512

    d965b7fea808af15fb763942385771bf2d4464422c6b445506ff973dc0d5d0af08986a8ed3df5b79f824130df775eca3e2327487b5f09b5ff12de4094db8690a

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\WCFM4AK9.cookie
    MD5

    e21ebeaf3882fe321959f8302191004d

    SHA1

    2272d7c6932da4b00680708ca569e84ee9ca9b73

    SHA256

    da0ad1f3d04984ec479872747b9062af6d8de2703fab89e20e406922f69a0cf1

    SHA512

    dc1408d4a86118a25f7e604ea89b4bf8c67660c89351f1f383666a004b1a7049650f782299d6bb863b501ca9d88419b34e407ba985df711f99a2fcb86520817b

    Download Submit
  • memory/1576-115-0x00007FFEC6500000-0x00007FFEC656B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2384-116-0x0000000000000000-mapping.dmp
    Download
  • memory/4000-119-0x0000000000000000-mapping.dmp
    Download