Overview

overview

10

Static

static

URLScan

urlscan

10

https://casasabina.r...

windows10_x64

1

Analysis

  • max time kernel
    117s
  • max time network
    145s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    18-10-2021 07:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://casasabina.roncesvalles.es/teleo

  • Sample

    211018-h4r17adbg3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://casasabina.roncesvalles.es/teleo
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2248

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_BACC6CD2B29F18349081C9FD2343833B
    MD5

    5cc6e33fd4dcbc80c2e7993115e4c7a3

    SHA1

    6a402ea5ff7ed4fc2ff73c88dc2dea7a5ddc2778

    SHA256

    77257322c43457cb50084df35a415bdc8d6f0abd2c9e9ff414ca4ce4de25754b

    SHA512

    07b868834055fb46fa5476c0d81c642a02c6403a4c4079815f9701e668c39ecd4dd9735b57fd2964e6ae3a66568b92d8fd1667dab332b8b680f2e5f9bff194d3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    6cc161dfa552b32b57ffb217c3c4e718

    SHA1

    a0a9a1d6c6815cf9e7148386659b99630c0a6c59

    SHA256

    0f2f73b237fc7b973f14aa1b9407d2a3cf90b78223e6a219b0dc1e784761352a

    SHA512

    98887974d9c9f39d981cb90abaf7cc07cc8a97249dfa6c3ae4015042053ef9563fe7231816b6d7a0b6c9ae26870a539961576344114b76356ef93fd98c568ff9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
    MD5

    cdc7886f2e1293fd583eb76529d6bf91

    SHA1

    cf497bae7d69af8e6c604f40255bc1625504090e

    SHA256

    8d3d13a5a5bbeefdde6dc5d81e2663e982d418037cc5a16bd59be81a5157df8a

    SHA512

    ff7e44f67bd2c1d7e0840f6be444e6fd0a08b3fb5668d2c5f7cd0437b7011348551bc65781b797d7df3027d08d34508a9de46443fa471d6706555667a8869380

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_BACC6CD2B29F18349081C9FD2343833B
    MD5

    0fa7c533853829a3c84b5e30fb8b2af5

    SHA1

    25f3309ff1890843621125b5b08b26249638c598

    SHA256

    5725830abfa9889608039894776ff5c02077c2568227be351f9babde883dd55b

    SHA512

    4efe5f5e8038b9314213da5501275f3e121a368a9adf989427a148f3707728e9ac94eaefc759886fc57ac1eba3b74d1648ef4fdbba4628a19a12103a9b0e4771

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    28a8ca44d507d3d7cfed5b1aa98891cc

    SHA1

    3d0722a5f58a43ca8305cdd82a4aafd512bc02ae

    SHA256

    dc1bc2dd2a90375c123c25b8d0f5d4f3c9a34518c4ce7815f3f450b84da6551d

    SHA512

    9a849e41a1b60fe676ec5e635f3add9f1cea7c9a57cbc6809984f18267ab87903b3b5c4c287bca7ddc12ce528495ec78405eb3dc9fbac0ea177d3b89bfb31ae0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
    MD5

    3c38937cc8c2a6237acd50864e9444c2

    SHA1

    6d2ab52221d197e8c5ca0ad0995e29e34bcb6785

    SHA256

    05552f3a9de932f6d51331fbf8f90cdca26e21be3dbcf9f44289141767364aed

    SHA512

    2412c0ebca88441e6d5194c26b647518226f3a2f1a4afa3cc7ff14c9ce536ba15267f2c704842dfa13d21ffbd8877873e19daaadf3c53457647769e12b1a3255

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\2CQO9K2K.cookie
    MD5

    62c074b0aebccf7a4e3a86fddf48b27b

    SHA1

    0c9ab2b4d3b254a1c2a8c7825b75f5596a534d4c

    SHA256

    9df2ef94146c68e7a41acbd4b164da61b6e4d75d7a225dd27d886f18185e043e

    SHA512

    62b344751f9ac32b55101a2f5ec7c491deb65a9b6f2ffa0a408d8796db5618188cffb174504d1b417d7c326b511d36a2f6944e4c326832d8e12f0096d7cb1e3a

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\3Z3ED7AE.cookie
    MD5

    41b7937fbb520fd31520a014bfc8b9eb

    SHA1

    719c86e1e94902f5c949855d04c242f12d4df758

    SHA256

    e2d6f89ead2f23485f1196ba3de9014a008538f4771dfc8bfbed484455f9fe2e

    SHA512

    0e593e18d996f3a56d0a2b44cf55660a1e0f9eeefd916f11913be0d2ee7252cf1aed6269012bb0e65942b85b14c53f157f140404ed4b4192c2b79604d3b4a90a

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\FBWDN8JH.cookie
    MD5

    19ec1789e19548be153ff5cf6477b95d

    SHA1

    843905540783f609f63a0e9bb6742c2628e61a26

    SHA256

    244ac90db8d9c5b83b70064b467fc65fcb87ef6cb470c6e84c64ea198e212ff7

    SHA512

    522e7cf09db40537b53bc1e625110f380e42590ca31fba180ca0773ea8d920695a131169977a07264caa2b12464cb42baf7aa2bb53f9df9830d49250dfbb603d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\GWTKXH22.cookie
    MD5

    0e13928c4743f957d8b330d8b525952a

    SHA1

    4f0b0b326b17170e7938e16fe23a6bfd35bce002

    SHA256

    217f614914efb92a090aa00f72ae41bf05a85005531cddb47b937e79e4ee347a

    SHA512

    f2daada673e49b2a92c753932051eb9e0bf2db0df2b9a22430ffb0aa2427f6a82152a1c4aa6fb9f479fe7078ff8fb50866d5543caacafea92f0e649fbb95cbeb

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\T157N80X.cookie
    MD5

    0945b283a735dd14967d778ef5f6b854

    SHA1

    05b303e0b1ff5db191beeeadb2d0c1c4882e3320

    SHA256

    18796bb21436d2ec7778ca4b3b3330826a78eb139309f9c3fb7d3fe96b5f9eee

    SHA512

    d059bde45485a58492d95d95470f48f587e11f4065971edc0b07dbcca1d9e77f03c377208f67206e4022cbe863bd96de9c4f9a5a304dc70d2c7e8e9edeb0b372

    Download Submit
  • memory/2248-140-0x0000000000000000-mapping.dmp
    Download
  • memory/2324-149-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-164-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-131-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-133-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-135-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-136-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-137-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-138-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-129-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-141-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-142-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-144-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-145-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-147-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-115-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-150-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-151-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-155-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-156-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-157-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-163-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-132-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-165-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-166-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-167-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-168-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-169-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-171-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-128-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-127-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-177-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-181-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-180-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-125-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-124-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-123-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-122-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-121-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-120-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-119-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-117-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-116-0x00007FFC1A2C0000-0x00007FFC1A32B000-memory.dmp
    Filesize

    428KB

    Download