Overview

overview

8

Static

static

8

URLScan

urlscan

https://institutotra...

windows10_x64

1

Resubmissions

04-11-2021 18:41

211104-xb7cqsedfk 8

04-11-2021 18:37

211104-w9tc4ahcf4 8

Analysis

  • max time kernel
    121s
  • max time network
    134s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    04-11-2021 18:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://institutotrasplantecapilar.com/wp_includess/srotummmm/clementdondscar/vloandiscoo/[email protected]

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://institutotrasplantecapilar.com/wp_includess/srotummmm/clementdondscar/vloandiscoo/[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2740 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4064

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    MD5

    54e9306f95f32e50ccd58af19753d929

    SHA1

    eab9457321f34d4dcf7d4a0ac83edc9131bf7c57

    SHA256

    45f94dceb18a8f738a26da09ce4558995a4fe02b971882e8116fc9b59813bb72

    SHA512

    8711a4d866f21cdf4d4e6131ec4cfaf6821d0d22b90946be8b5a09ab868af0270a89bc326f03b858f0361a83c11a1531b894dfd1945e4812ba429a7558791f4f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    MD5

    09fb003154ad1618e4bcd28deb3b27ab

    SHA1

    df3419f3a46e3848cac6877c5046b98b3ad14c3f

    SHA256

    71e83af8bab42123f743ae127c3e76585fc0ebeb94628d8f8d0fa7c44d0b4ae4

    SHA512

    0387aa4f517e51f2d549ff2027a36ecf6a1841f5e6eba5d32f5bd567c7c1a5dd75f7a2b8a31ea6544b56434c6194b89987f3ebfb574bc16d66b47b80f5277b86

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1BA3P8U7\logo[1].png
    MD5

    4f4d7b75b014adb01168d73e92e42e96

    SHA1

    69939f37f12fda183d1dee49f88babcb7a6bc115

    SHA256

    39a3fdb214d89ccb143210ffd8b48badbda7e6d53feaec2b0b3185d569890e2e

    SHA512

    f583684c9520b41532a6767e43b6f70d5afa4c62c69350388e47c38b7c287d121f91704bbd68d0faf0febb2865f21f8874725ddcc51d82b9f6f689bb445cd547

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\RT5AHH46.cookie
    MD5

    1df175db4eb8fe1c1c0827f7d2fea65e

    SHA1

    0525402c10ef2e69fa74d30e28ceab41cd9bb056

    SHA256

    6bda54bd433ec5ea2db68bf504f060b8d8341ab350c1c929482b7eead356ea76

    SHA512

    c25e5ef3b332ac8f65a4bfa964fc2a00d72ffd7ede9764dfeeb4214a85681a7d9c422d970f6588ddf1e180b3b17823c5d0b42e5ea77e5ab67d0ffe0bb1d6530f

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\U15EXE5N.cookie
    MD5

    19a0617557ca816e08affcd69254dba0

    SHA1

    06645f5007f3c1ed9d451fb0db41dc3edb3048c1

    SHA256

    504d931ac19f69c4d50b2cd6320d7955dd6c8242dd2135fce134055c6fdcd174

    SHA512

    acd0ae06f8a52bb70af967bf5b3b6ad89e83d5fc50451c598ce0a494d2c654f5b0fc64b27c02b991f96663224cbaf8a30cb7fa8d7a131b0a97e7ca7bb81538a2

    Download Submit
  • memory/2740-141-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-179-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-119-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-145-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-121-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-122-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-123-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-124-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-125-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-127-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-128-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-129-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-131-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-132-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-134-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-135-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-136-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-149-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-138-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-116-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-142-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-144-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-120-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-117-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-137-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-150-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-151-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-155-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-156-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-157-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-163-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-164-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-165-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-166-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-167-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-168-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-169-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-170-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-171-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-115-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-173-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-176-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-177-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2740-147-0x00007FFB41010000-0x00007FFB4107B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4064-140-0x0000000000000000-mapping.dmp
    Download