Overview

overview

10

Static

static

URLScan

urlscan

https://www.flanco.r...

windows10_x64

10

Analysis

  • max time kernel
    147s
  • max time network
    139s
  • platform
    windows10_x64
  • resource
    win10-en-20211104
  • submitted
    05-11-2021 08:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.flanco.ro/

Score
10/10
phishing

Malware Config

Signatures

  • Detected phishing page
    phishing
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 22 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.flanco.ro/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2412

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_502ADD31E55C4167423134F3AA882499
    MD5

    a68e87319412ebca5f9acf6d0f0b875c

    SHA1

    91f2491061a17b7aab221908e3e0abc493c85127

    SHA256

    30f254fc4d585e19cc1795584c16fafebee8ae1f5709459c836e353cba6808e3

    SHA512

    42596849c93b8bf73c1750e7a72b3e509015f92b3b02339d8bd91fb533c1ec515e35e6ef94ba64d13982c1c91716ac570778675e3430d349f78da6e49d647991

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
    MD5

    b079027ffdc869ba29724fa8ca2fda93

    SHA1

    aa3e091940a607a2ee1979c5132f0dc8f0667ca8

    SHA256

    7d6e49e1fbd8c424ac1b77719241b47fd7d0ff39c0405b139c9990bd6001b070

    SHA512

    98c828bb4e995d41c82c86b68296cdc7db603d3e269060d7ec15abfa737fb6e0d22ea802bfd1659e63f3292cf7b64779c81bec2135f1026308e4683fa96ad38a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_502ADD31E55C4167423134F3AA882499
    MD5

    b37d3c4fa2a64fbb842d99913d833023

    SHA1

    e0256afa8a64ae92933a7b7d6c26e8af07b70544

    SHA256

    90a03d1370a3ef5e2b44540ff272efced58b2702d987f8fd2befb8806d987ed4

    SHA512

    f6556a2d85658794f12478839da81a24683c95f56018eae0be49a8e82582924b7abddc00bc60aed48e7cf152b3950d78a72bd381d006b4c73b1a26b64ba21a21

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
    MD5

    00e022e408a6dc996946ef03107fdad7

    SHA1

    298d0e9e3a55d77ebfb3d5e40790b54534da6d36

    SHA256

    dfd9ffa9223562156a7651f80ab54a595c27c0b2907cc246210bb38be8b5908b

    SHA512

    6fff17856e7deaec4ef667a4fd8bbe4605bddbe505678c9f51bd4b8457276ca43ad61eacbeb47b6f2ba2fe1838de0252997d68cc5d53acdd14373aa8f7109884

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\5OT13VWK.cookie
    MD5

    f72b8e0bd014deb6b6e59d8bb80f8683

    SHA1

    51fb64ffb3bd6a6229d85b50f403efcedb17836c

    SHA256

    a327a7f29922c14f2b7559a4ffb0c6e826516c5ad77764e51cfeceb25b58ebd5

    SHA512

    23c5d6be20d1bf7687c7cea3b5b500d3b7db51ed83007c66963b896436624be63937e5c56a808c85a75e8bc6440c61d737793ebff029fd35b565c1024f1ce69a

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\8TJO8V3H.cookie
    MD5

    3d6ffc721d5a06da74eb11fa941a1bc0

    SHA1

    61bec2a15542a38be7daeff45bda02f2f7688fa2

    SHA256

    38631edd4c0d361277e30de9d932efa938c09de0784a5f91298af4ee34bcafdb

    SHA512

    df85de6d4c5e68e945729ae3eba39c85c4527b27b588947931561d7bcfd533effdd457b12cbb5634d3863e86adf5e9a6a505e76f70c94d0a1421c044795e88e7

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\S624UU9N.cookie
    MD5

    727f4d34b40aa8c25f029b2433d0c3c1

    SHA1

    4d9685f2a1f688973fde60596c2fecd397f7e626

    SHA256

    523a1901cc50b02f575a9a498c47f86e699ec2269c32e2dc48f778557fb58178

    SHA512

    2ae69904550870fcff9f8d05a97512d919e09a0a1e8100eaaa541512e42164f101d2d7aedbb73974c841fc75d98e88da7be0e9141955fa80773cc4c8b478b386

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\W178TW1F.cookie
    MD5

    fd1ff0cd9552a8c9af30de4c5c40c977

    SHA1

    53add32226efe015cb1d4290cbdb0d89c01605b7

    SHA256

    9286ce7926393daa772c36912fddfb70bc09fc685d73720e0ab4a006795c094d

    SHA512

    6e11818d5a4563ec702f6982de780cce1c5978b37e9a6b02c79703e6356a654abf1322ea43406dc182661eeba39adbb0ef7e7181d4e2a9d428c75df68a7d4435

    Download Submit
  • memory/2412-143-0x0000000000000000-mapping.dmp
    Download
  • memory/2716-141-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-152-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-125-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-127-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-126-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-128-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-130-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-131-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-132-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-134-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-136-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-137-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-138-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-139-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-140-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-123-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-144-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-145-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-147-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-148-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-150-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-124-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-153-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-154-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-158-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-159-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-160-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-166-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-167-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-168-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-169-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-170-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-171-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-172-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-176-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-180-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-122-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-120-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-119-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-118-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-183-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2716-184-0x00007FFEF91D0000-0x00007FFEF923B000-memory.dmp
    Filesize

    428KB

    Download