Overview

overview

1

Static

static

8

URLScan

urlscan

https://firebasestor...

windows10_x64

1

Analysis

  • max time kernel
    77s
  • max time network
    79s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    27-10-2021 00:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://firebasestorage.googleapis.com/v0/b/projects-f254c.appspot.com/o/index.html?alt=media&token=3d3d79a2-492c-4d9d-ae0f-f1deb533dd43#enquiries@mic.gov.to

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://firebasestorage.googleapis.com/v0/b/projects-f254c.appspot.com/o/index.html?alt=media&token=3d3d79a2-492c-4d9d-ae0f-f1deb533dd43#enquiries@mic.gov.to
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2828
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2828 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1304

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\BCGNQUSU.cookie
    MD5

    1939d1346d743088cfdd842053f159fc

    SHA1

    591f33192fada5830fdd23c26f39e209e0fe588e

    SHA256

    dd88c93faec45436ff9163e4bb51a903af22e2d7586cab554dbe1a05f6623c99

    SHA512

    69dd7c5b22899865b11f12a6e341cc2285130cf37372af5ebe84f5dc7e15df7c346d61406ecd16f5c77bf8caee95192bebebe10793004a218b34580c506c3b7e

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\BRK5MGMW.cookie
    MD5

    5ded4941aab8aa59a737b35a6be3fdde

    SHA1

    95f2f3c3e081622dfc417dde51de37581be6b145

    SHA256

    e93534bf0c62eaa1674047ac61d00890ee940ea41c9be5a5ec97591e4579c694

    SHA512

    909e84e313e881ebe26a3f734b10d0962a28745ea028679b00117e2605605fa31ff9494f532b24723067c1e0a461b37b2fc7ed83977f74919a5bd81e3c7387dd

    Download Submit
  • memory/1304-140-0x0000000000000000-mapping.dmp
    Download
  • memory/2828-127-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-168-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-122-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-121-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-123-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-124-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-141-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-115-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-128-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-129-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-131-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-132-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-133-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-135-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-136-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-137-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-138-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-144-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-125-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-120-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-119-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-145-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-147-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-149-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-150-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-151-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-155-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-156-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-157-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-163-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-164-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-165-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-166-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-167-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-142-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-169-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-170-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-174-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-117-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2828-116-0x00007FFA9D240000-0x00007FFA9D2AB000-memory.dmp
    Filesize

    428KB

    Download