Analysis
-
max time kernel
119s -
max time network
134s -
platform
windows10_x64 -
resource
win10-en-20210920 -
submitted
13-10-2021 12:22
General
-
Target
https://firebasestorage.googleapis.com/v0/b/r32zw1.appspot.com/o/5%2Fdsfghjk.html?alt=media&token=7b0335d2-e77e-4849-b6b4-fd8e3462db9e#test@test.com
-
Sample
211013-pkdssaebb7
Score
1/10
Malware Config
Signatures
-
Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
-
Modifies Internet Explorer settings 1 TTPs 32 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://firebasestorage.googleapis.com/v0/b/r32zw1.appspot.com/o/5%2Fdsfghjk.html?alt=media&token=7b0335d2-e77e-4849-b6b4-fd8e3462db9e#test@test.com1⤵
- Modifies Internet Explorer Phishing Filter
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2136 CREDAT:82945 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\R3NJ074S.cookieMD5
8c436319c816e3d6ab514006eb2c4c97
SHA1c3e1e0239aeb38fc9809ec030c581a2aec33fa99
SHA256eebdfaee214f15169d13dc5b6ba9f17e41f3dba9b2e802cf6c5c92dbb9b1cc81
SHA512e9eecc4ad203d6f781fd4ef8b660c5ab8d9a5fb87c3373182173abea2549e9e480e664275604cf011a78ea2a8824a2d3e6ae2d9af3f0787e4e1a6daaf5b2c29f
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\RN0DEL5E.cookieMD5
33e8162c7ef77995ebc3504c4047e403
SHA13945e13403e1ffa56260cebe22f715a9d70aec7e
SHA25657c4e43fa3f3da32b759890d150db30b7b2000c65f2c5c5f4629209712b364b5
SHA512c177567b13f4efe08c7536d8d8d18aa3dce25fb067c9f99c2f81f725f9cc66ad7ed937e37f476beb98b2cddfa9f49cd73afa04e544ae494ba2fa31f1de310067
-
memory/2136-156-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-125-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-120-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-142-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-123-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-145-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-124-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-144-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-127-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-128-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-129-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-131-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-132-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-134-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-135-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-136-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-137-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-138-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-116-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-141-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-121-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-119-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-122-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-147-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-149-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-150-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-151-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-155-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-115-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-157-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-163-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-164-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-165-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-167-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-166-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-168-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-169-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-170-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-174-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/2136-117-0x00007FFA80410000-0x00007FFA8047B000-memory.dmpFilesize
428KB
-
memory/3136-140-0x0000000000000000-mapping.dmp