Overview

overview

10

Static

static

8

URLScan

urlscan

10

https://ojsazmedy42h...

windows10_x64

1

Analysis

  • max time kernel
    120s
  • max time network
    145s
  • platform
    windows10_x64
  • resource
    win10-en-20211104
  • submitted
    09-11-2021 09:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://ojsazmedy42hkts.wpedufxcloud.com/OJSAZMEDY/QmVybmFyZEdvZW1hbkBuZWRhbC5ubA==

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 47 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://ojsazmedy42hkts.wpedufxcloud.com/OJSAZMEDY/QmVybmFyZEdvZW1hbkBuZWRhbC5ubA==
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1776
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1776 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4308

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    1c3ed22c003b0e1724a802f750244f60

    SHA1

    c83f95230ea4d3ac58c4f5d5a7504b0f5eedf0ad

    SHA256

    f24de6edda835df45daadcce85ecfeaa1f5a363a16faeff1c16ae55ec57dcb6b

    SHA512

    7f9f0395307b63d4bda636b132533f5e62b36bfa78ff0850c5ba0a2ebe3f426b0a18232993a35bfe9166d9f86d2dfe2ad6429fc864265a0bdf6d4f1f25d26297

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    6d45ac1972c2e1a8dad595c6958aab8a

    SHA1

    b4c27763c9af1d0eede9b59942b510e771504313

    SHA256

    13f7a943fbea6ba1cf9be72c51be1fce3098796e8ee43f15098f77228bd04fe4

    SHA512

    5e39a6b9048c01da75d1fdd253870668190f5b1ae43e2b8a4b8fd39a26c14d00398a1e44499e7d4e7f6569b76c2d7a390475529f49692532278fea3a2a75e144

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\77VUOQIP.cookie
    MD5

    44760d237922d41f494754466c72eee5

    SHA1

    35c16f7119083e246eaa7a3ff08ed86bedc1d48f

    SHA256

    7a67f66756e152ff756f9d87690997de9bac71793a0342f101f73383d42034e8

    SHA512

    275a53212e71ebf6acf01ba122490a20ebdf1c5fbea9ec9274f7be00aa683543f5b1b68c9ea740e8f0674911afd03dae0f36713fc00082d47edaccaa71caa836

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\HHSXEWTD.cookie
    MD5

    bbf134aa14fff2adfc2dd75f9fc5c3b5

    SHA1

    75feb7b30fd8bb2e7a6091052eb6a57b3daecef0

    SHA256

    ff8a357adbf682d28678fd75a09f51809cdd979e614e949ec8b4b89f35e3d539

    SHA512

    a1c7fa37e643443bcf71c5c18c3660036cc282df6c217aa156a5bfe7b878e4b81d7b59da9d75e28039e34d6654627d1e5f2693c9f15f7f821d7ed584fef43681

    Download Submit
  • memory/1776-148-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-127-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-125-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-150-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-126-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-128-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-130-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-131-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-132-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-134-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-118-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-136-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-152-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-139-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-140-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-141-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-119-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-144-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-145-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-147-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-135-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-124-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-138-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-153-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-154-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-158-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-159-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-160-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-166-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-167-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-168-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-170-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-169-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-171-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-172-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-176-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-177-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-180-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-181-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-182-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-123-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-122-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/1776-120-0x00007FFAAFFE0000-0x00007FFAB004B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4308-143-0x0000000000000000-mapping.dmp
    Download