Overview

overview

8

Static

static

8

URLScan

urlscan

http://indikit.net/n...

windows10_x64

1

Analysis

  • max time kernel
    132s
  • max time network
    142s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    19-10-2021 15:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://indikit.net/newsletter_add.php?sender-email=contact-usa@drillscan.com&sender-name=**F20Best*20Dating*20App!*20Click*20here:*20https:**Abit.ly*3FS75fm*zvo*20**E&hash=e83fff3e5b935e20615000d170de2fae

  • Sample

    211019-tawm3agbc8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 50 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://indikit.net/newsletter_add.php?sender-email=contact-usa@drillscan.com&sender-name=**F20Best*20Dating*20App!*20Click*20here:*20https:**Abit.ly*3FS75fm*zvo*20**E&hash=e83fff3e5b935e20615000d170de2fae
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3468

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\34CCDD33530DCBBF5A466EEE2A722384
    MD5

    524f476bf227b46fa9247943a2794e4e

    SHA1

    2a3dfd5073074ffa9b041d0909972c1e47612fe8

    SHA256

    82ba2c8807415a649544afbcc73dc614f3bdfe04e23bad2fb0aacd1ea081b756

    SHA512

    c9123fa3305749763b8f3f4691f969b6f503cb33fe317454e5ca88514c3a7ea0fa414a9f0d4b4877331de13e263d8279550690c5557f91ca8de6bb4cf5828a8e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    bcc1cc8e9989b87087d23e119f44f534

    SHA1

    5f1f9622769b1a11ea6a5a67af094b82d6052fd1

    SHA256

    b4bb217e52ab6f7ddab1ccafda702ac33f338dfc65eaaa955afdb1979f19ca46

    SHA512

    73e3befee1440cf382a23ab83f331f17ada79a72815c5f844336830857c385ead9883eb94bbe0cae9d910618d32964f61bb30650c7e367cea2e8e9bcf4f66552

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D14B79B440CDC26D7D21C81855E2C04D
    MD5

    658412b644f0d9617bcaf0675ffdb98c

    SHA1

    a5b7995ed5bc00f3a4d5112a5adbea239ba3df95

    SHA256

    6e637ebd7d49db386426dec2803665341fb7568d99457bf9f93da7784b74a86c

    SHA512

    136b879d6a42cc5468b500ac99b36bf0a360987e289543ddcaa35d917b7dc3223e649b5143e1547a2e71773e1876298d36c8e68a3f69b3b63a1652821e3b9fab

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\34CCDD33530DCBBF5A466EEE2A722384
    MD5

    898439ad8fb3ea5e1afc1412020672e3

    SHA1

    fb6fbd4c5bf6389033c659d7405b120780756ac3

    SHA256

    088891fa598c861c8a77ef65e3b121951f826189a86dffe4c9a29616da55e5e7

    SHA512

    fe777e4de8d7d1e37f7043ded03f76e06063aa91e880a434012bee0c80c8fba6998f6cc17c90a2a17465ee95eb420f3ceb0ec5b7cdc95bcd8dc23b60f023c199

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    5194a77ff30081f2c1e6ce9c524d2ac8

    SHA1

    df565db0acc24406460e4f3b6c28a915c0713c1d

    SHA256

    3ef7e90ecd6bff265be3512cc7f70fbade1bf2554772655c61c6b3cb27fbf4b9

    SHA512

    410655a587a43f65f8fbab5761c3793360d7a4b36c955787cb50b034a584003e0f570d852e8c6d1fdfa0285df3db9d85db1b061260bd49865f5be5e5e2a2a276

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_D14B79B440CDC26D7D21C81855E2C04D
    MD5

    0368aee68bdb8e01e9395525260aee60

    SHA1

    9ebc6843dfa9e91c6be170a19f694aacbe6b629d

    SHA256

    fcaba0545d4db92faaccb6bf4c6df3f20d89614a4c5f8a8097604964523f759d

    SHA512

    7972e7842e76b746ca1445fdf2b3436ef83d194bf19728d13cddb76abbd17c690024b67f3d0de2d286adbaf1f8ebd63ac994b5ccab9947cb2b478834731f7361

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\G4F03D88.cookie
    MD5

    c6a55d63c34602ff6170e7fb95b40322

    SHA1

    d083b0f6c74063ede7178bf1b439f96d6552fdc9

    SHA256

    9780f1c3bf6ab2a22b2ec5dc6e9b19534f29a4d359d3b5a3f70577a973bcac7d

    SHA512

    8b7dec4084b4c1afd63f91da468a2fd8b6e5b815546597fd5b3f76e7d9f5127a57e0725e1cb846a84a81a6a947d5dccfd1d6d8ee4e471470577529f1d2caaf0e

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\XJXSDFL8.cookie
    MD5

    cfc90239990073e9a4c9f725359db995

    SHA1

    8db5afda29631b8827bd489d2d1e0fa354a4874a

    SHA256

    d4c76f62c1a20721c6371d6660019c3ede42d2df19eb83300c9ae1d5c4c0dc0c

    SHA512

    a8e0d58be12b9613289319ab6ce78e292c60dff7e832dab0b413f7a49cbae1cc50c9ab1b9d157092c684135e3bb7bb495dffc5166d5251962ac9c54413c8d419

    Download Submit
  • memory/2324-144-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-149-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-122-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-123-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-124-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-125-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-127-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-128-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-129-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-131-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-132-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-133-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-135-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-136-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-137-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-138-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-141-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-142-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-120-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-145-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-147-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-121-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-150-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-151-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-155-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-156-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-157-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-163-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-164-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-165-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-166-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-167-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-168-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-169-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-170-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-173-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-175-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-174-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-180-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-119-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-117-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-116-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2324-115-0x00007FFC1A230000-0x00007FFC1A29B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3468-140-0x0000000000000000-mapping.dmp
    Download