Overview

overview

10

Static

static

URLScan

urlscan

10

http://www.authupdas...

windows10_x64

1

Analysis

  • max time kernel
    120s
  • max time network
    149s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    21-10-2021 15:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://www.authupdas.site.pro/

  • Sample

    211021-s61q8abdbr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.authupdas.site.pro/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2776
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2776 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3788

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\O16LG80S.cookie
    MD5

    e89501f7253a17ee8ddee7beb4528db2

    SHA1

    f48024c63d64884807e51eda944afcc01bf7ddaf

    SHA256

    41e3c1714f9ca76a4d45018070b7ed9806ad17609dcc7f031d277f63ea43cad2

    SHA512

    63d6455cf2b7350b601a06e9ea8b1725c0de95a3446e11bdad9da1bc9cdbcacde08acc1b2e93b55811a417bcce33494301eee641a0b4aba6e0a78fd8e3864fac

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\TXV8O2N5.cookie
    MD5

    869cabda61479f02f26fff7d05d0adbd

    SHA1

    2865e0175508228fddbca4913f30a49f482fc6bc

    SHA256

    5d9fa7a743da689adb20707169a2d263eaeb5baa4a33804b2c6eeaf85b221ef7

    SHA512

    d72c1dad27adb7504789da14c2ae108cc0a92365f0a55f667e21a9e0724adb502730020b7e1d7b55b609bfb16b8c318dd85be438d96a32f8d71f99f7f2e01eb9

    Download Submit
  • memory/2776-142-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-121-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-120-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-144-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-122-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-123-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-124-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-125-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-127-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-128-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-129-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-131-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-132-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-134-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-135-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-145-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-137-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-138-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-116-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-141-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-117-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-119-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-136-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-147-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-149-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-150-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-151-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-155-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-156-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-157-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-163-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-164-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-165-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-167-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-166-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-168-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-169-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-173-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-175-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-178-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-179-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2776-115-0x00007FFB28450000-0x00007FFB284BB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3788-140-0x0000000000000000-mapping.dmp
    Download