Overview

overview

10

Static

static

URLScan

urlscan

10

https://getmagic.app...

windows10_x64

1

Analysis

  • max time kernel
    137s
  • max time network
    152s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    10-11-2021 11:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://getmagic.app/cH5OQApRN0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://getmagic.app/cH5OQApRN0
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4052 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4356

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    MD5

    a3a51beba3baaa024cbf1ccb2544c876

    SHA1

    d13fa1ce0789aac629dd76c879fe5bee9756f8dd

    SHA256

    df55558d080900eb3b6e31dcaa57e6dbdc92c9a915dda9cc1755d1bf26075e6f

    SHA512

    3066cc490bfd4df4163aab78f1faa77470c9dc2f9cd07e779f57183bf3c8361b67b65497838764b8646c4652591fb518434baa0542e5b9e340f792666c352898

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    MD5

    52a20f937e0f4d5ff0a9be1305630b08

    SHA1

    523a7fbae22ce452337851ab659ea7194a934c3b

    SHA256

    a5f8eac7a685fefe064e3bd71f6c0003d171046b66ce3dcc08d4fae0eec39f36

    SHA512

    07d1b9dcc272e1349efae40e5cc329e89d22adbabbd546c77e5d9a33b811e38b5e356ce03f5e65615470ad3f720042b657211c199beb401bda2234a2cacdcd21

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\JPZ4TINO.cookie
    MD5

    b89dbbc5fcfb8420a2fa7ab33b596bf9

    SHA1

    ef768d6f329a514d4c3b53dbe6f88378ac240201

    SHA256

    775d026827d4cfa63b68f5e97069b583d3d03ad3f24c60226e6aacf6968a19f2

    SHA512

    89d943ffe1344a751ad6eb6af374ded64e1158716c500df86df13f0af6d649f40a4e20436f13a9c876adba1cebd85e0bdc72731475b1f456a51ad65ec35c8883

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\K76C155V.cookie
    MD5

    ded497f6a6e65a12f3f02176e3925574

    SHA1

    86e35a1dede032d22c2047c709a950b2f325411d

    SHA256

    c11f2fbca60fc79a7a1482af52c9a665eed143c6d90520cc2bf61982b58666f3

    SHA512

    d38ceb2653ed21da9edcdf2a9c576e394633a0d259e3705f78ae429c1fa1e3dbb75025e2825640e1039894345f55764e97bdc5a2711499729894cfdc024d4cd3

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\PTJ885SM.cookie
    MD5

    d9452153cd449ac756013c9f71cb246a

    SHA1

    72c9bf76aba4294fb7dae1ab534879e56067eec6

    SHA256

    630fa4aedf2a0c57fa0a6add730588dede4bc7582048e1008e02e2b860e5c05b

    SHA512

    e6ec8c46624ab8f4c8bd47171e13c94b2f5aa352384c5c91fb43a6c6f91aecacc8277c39a753af4a43958304a5866a788948d7601e152de79bc4bbb09b9b6d38

    Download Submit
  • memory/4052-145-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-124-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-123-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-150-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-125-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-127-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-128-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-129-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-131-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-132-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-147-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-134-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-149-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-137-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-138-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-116-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-141-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-142-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-144-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-115-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-133-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-122-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-136-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-151-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-155-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-156-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-157-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-163-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-164-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-165-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-166-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-167-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-168-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-169-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-121-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-174-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-175-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-178-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-179-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-180-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-120-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-119-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4052-117-0x00007FFF30D00000-0x00007FFF30D6B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/4356-140-0x0000000000000000-mapping.dmp
    Download