Overview

overview

10

Static

static

URLScan

urlscan

https://myaccount.go...

windows10_x64

10

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    03-11-2021 21:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://myaccount.google.com/brandaccounts/103493999932156461761/accept?dnm=true&token=MV8RiV2p55yTPjLJ-xeR258KdgUqaA

Score
10/10
googlephishing

Malware Config

Signatures

  • Detected google phishing page
    phishinggoogle
  • Modifies Internet Explorer settings 1 TTPs 53 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://myaccount.google.com/brandaccounts/103493999932156461761/accept?dnm=true&token=MV8RiV2p55yTPjLJ-xeR258KdgUqaA
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:2324

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    MD5

    2a276649c48c9798edf3c34e5ca4ac98

    SHA1

    673fb27211b89efc4ec796017a3787c887a5163c

    SHA256

    27c29537046db2b23b228ddebc1368e6df2a43dbfac8f90f90e094f8376a2dce

    SHA512

    516e00636025b2be73125275c2fed0d74b520b56fe4ae1a3d3fac3e035f7382428f17457c7aa3252342219fedf0b1f741da5a0d98376f8c1bcd4e55a7f84dd0d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    MD5

    64e9b8bb98e2303717538ce259bec57d

    SHA1

    2b07bf8e0d831da42760c54feff484635009c172

    SHA256

    76bd459ec8e467efc3e3fb94cb21b9c77a2aa73c9d4c0f3faf823677be756331

    SHA512

    8980af4a87a009f1ae165182d1edd4ccbd12b40a5890de5dbaea4dbf3aeb86edffd58b088b1e35e12d6b1197cc0db658a9392283583b3cb24a516ebc1f736c56

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    MD5

    43e9601e247bd9b9dabd6e685b4765de

    SHA1

    95950232b51796c486e0e86c52768a311727fa6d

    SHA256

    d2d5e18613ef5503784fad802b90764e67ee0fe614be66dcc01e11d636a86016

    SHA512

    fb2eb0abcffc75c8b34674faa3bbca4726f339f439e6ce127073caef2143ff3d075f3a5af47a97eb341401ae97bdde8a126fbcb1a904bbc8ecd989694c3222c4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    MD5

    9deff865fdd04ba0624b16bc08f136bd

    SHA1

    4518343d7b7773d35b2b2a62f903a6de5263f5b1

    SHA256

    4b7b9fde943b008fbe631e8f23ae16aa54f37e5d6ee31b333d631af55c3bb867

    SHA512

    80677410654fa7635f1ede57ffac8ea4b154b35b7d8decb2c6ba4b0576eedda6ada1b8b60df3abcb707c0d76346997f53e26dd2a007f3eb4cffebab8f879f78b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\3IRE8E9S.cookie
    MD5

    4fc106f0d6c06fbf2bbed64b9155b989

    SHA1

    d9343447db59fb65273ce35dfd12f2514fdc47d3

    SHA256

    a3c783f59e4354252695cec05a84d47a8af67789386ae95acce297f58ce057a5

    SHA512

    6e753d6968bc07dda0b69e3b80fa02e24aaece73976fe58776c258a522327ff2cb0538b957acf6f6fb0612ceb0744fdca93748d8f6b6ae23e6b0ee796ce73421

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\LWGY8BMN.cookie
    MD5

    e7f738bf933986bae38ea49a235d0a40

    SHA1

    c5412823b9b429d2faba37978066b4e6ab08a401

    SHA256

    5922f76ba84ce171ca38d955e4368c79a7cd984f1df326490f0c3524f9bc48ee

    SHA512

    41ec077160eebd501c3b30f5cb06417aacf384f8034edc58062079dbd5a5849f618271cc8250d9c124370996d5c219874f0689808c008bdd5b9a026fe842ebb6

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\T3Y5VF6Y.cookie
    MD5

    7e882c9c81f8f0688fe39a8e86f9c718

    SHA1

    b6ee12d81824de3df23ed2425bd1116377a6e630

    SHA256

    a19c9bd8dc7078260b91dc18243d38830a9fa08f7c5ef0ec5db9031621edf6ee

    SHA512

    f6170e48c474dc97abd5ee699636c0478e0f4579f36b66af359a65c8c35a9540d60e84e351d047374f16bf03d9092a602deefdf0f8c53d10cabc7f6035aa1014

    Download Submit
  • memory/2324-140-0x0000000000000000-mapping.dmp
    Download
  • memory/2720-142-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-150-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-121-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-122-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-123-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-124-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-125-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-127-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-128-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-129-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-132-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-131-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-133-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-135-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-136-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-137-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-138-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-141-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-119-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-144-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-145-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-147-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-149-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-120-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-151-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-155-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-156-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-157-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-163-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-164-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-165-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-166-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-167-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-168-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-170-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-171-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-117-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-175-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-176-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-174-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-181-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-182-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-183-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-184-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-116-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2720-115-0x00007FF82D740000-0x00007FF82D7AB000-memory.dmp
    Filesize

    428KB

    Download