Overview

overview

10

Static

static

URLScan

urlscan

https://daugiametes....

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    142s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    17-10-2021 07:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://daugiametes.lt/sena/tmp/

  • Sample

    211017-jc5nmscea5

Score
10/10
facebookphishing

Malware Config

Signatures

  • Detected facebook phishing page
    phishingfacebook
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://daugiametes.lt/sena/tmp/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3512 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:4496

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
    MD5

    be4c0f8ec52c6027732929c8a31cb6f8

    SHA1

    e587ef26b5cac474e3115c8f757753e35e7a2b9d

    SHA256

    ad487f3a2bb88a1bb1d121dac1435b05c03809d489ac08f0bd108558935d7b59

    SHA512

    13425192f5673cd0a8ef24bb94a90d3801b32e53d05511f4b434c6e804b62962fa0a5c35bf27df966553a93f02ccee6211d996591d46375252fc4e40d60f5c94

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
    MD5

    b3c7ff967d3de9f465be9168c875476b

    SHA1

    a56afc34e0653e93df01d78071dcc83c1ca8fc3c

    SHA256

    0a8386be5a6b66f6bce3d01a29413b48bd8e294fc698f4055ebbb4dfd7c1f90d

    SHA512

    becdd51bb6be5650ccb07b4dbb6278c585d246517ee24bffeca7ed630ff3e115a1602cf7c7a0c89440af1be76425a4bf616f715eb86c66df765e283b08c93467

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1BA3P8U7\tmp[1].htm
    MD5

    8b0d4f2302367e59dce368f14cfe2197

    SHA1

    e3762c9f53fd335689d7fa02ee90557968c6bc46

    SHA256

    5d63185b1e7cbb08c029e269e4055210e68ba98c6e2a04f1646a49cc4c0ea887

    SHA512

    27c5e9f3282cfc5c6b141f7b798458222a8f702ee9a174a3292028588a1a7b0040435f7c15b93f73bf6cf9a9d7cc216522480e84c105d0c673e224a3e7685dde

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\D2QUO1K1.cookie
    MD5

    917ab5a1734710addf8c626c2cfecc77

    SHA1

    ccfc5f87ba3b31c94ded1b8c19eda2154cd726a8

    SHA256

    0c9bd23e88d727dedcba7875078d4fb7c2c3783fbcca2e4c61674322c0fcbc7a

    SHA512

    143bee195b3eefa2d9c2f8c62307d3d0e3818be87a39f66998ec42fd6cd8b7fc8ea96f7fd242475f5ffdeafaacbb38df17fc153f681ea58a8d37d72b03c8c04b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\E7FXLZWF.cookie
    MD5

    1a69231ecc979996733b87c4691d4842

    SHA1

    3c4fb5e59634b428ec33f90f1e27e9e2981039df

    SHA256

    8a8e1a267d85560613730a8c1a6ec53c2926743f5065ecdbe6eb949c0c3caf6c

    SHA512

    44aa14330fe2533264ddd27f81931dea61566a71f4e1161e6b1098c020413e4e4d850f169bfa188eb2446f89e507a8922bcacd086ea24897f91e98186179e9cc

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\QSPO52R4.cookie
    MD5

    4e4dffb74a265b231d5f22071de98e53

    SHA1

    f4b25ccadc8540d50cdfec8b11efe914d09555e8

    SHA256

    f6b328d30d009f3839fcd5fb495671a9c53a8d18707b2637e547a516331a54bb

    SHA512

    7d43352673bd496e29761d25a0e21d1ee1dfd836585d16d4939e2cc278a3f85413420c07151bfac5f97dbb3e1fafa829d051873e8baecae0d651af63e6412ff1

    Download Submit
  • memory/3512-144-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-150-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-124-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-125-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-127-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-128-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-129-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-131-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-132-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-133-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-135-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-136-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-137-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-138-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-116-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-141-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-142-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-145-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-115-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-147-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-149-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-123-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-151-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-155-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-156-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-157-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-163-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-164-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-165-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-166-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-167-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-122-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-169-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-170-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-174-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-121-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-177-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-180-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-181-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-120-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-119-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3512-117-0x00007FFE54BE0000-0x00007FFE54C4B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4496-140-0x0000000000000000-mapping.dmp
    Download