Analysis
-
max time kernel
150s -
max time network
148s -
platform
windows10_x64 -
resource
win10-en-20211104 -
submitted
20-11-2021 21:47
General
-
Target
https://dlscord-store.club/welcome
Score
1/10
Malware Config
Signatures
-
Modifies Internet Explorer settings 1 TTPs 30 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://dlscord-store.club/welcome1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3716 CREDAT:82945 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\5RY3YMR5.cookieMD5
8511cbd6b0124aae06432ceff28f767d
SHA1b0d2cffa29c5ead6474f9bb6e68cbfeb5ce54a9d
SHA2568c425eb858a3cd6c4fb958409189cd5eb2658d3c4317f9aa503bec757be5fb49
SHA5121d83c76f2dbf7f1763695f48bbbf134090643f571ca29f090b23718ddd935ba4ddfd24653046df1149c55e555a489c6a813251c49bbed5d9b457f46979c2522e
-
memory/1164-143-0x0000000000000000-mapping.dmp
-
memory/3716-144-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-124-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-123-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-147-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-125-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-126-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-127-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-128-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-130-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-131-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-132-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-134-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-135-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-136-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-138-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-148-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-140-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-141-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-120-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-145-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-182-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-122-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-139-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-150-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-152-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-153-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-154-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-158-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-159-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-160-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-166-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-167-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-168-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-169-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-170-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-171-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-172-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-176-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-180-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-181-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-177-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-118-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB
-
memory/3716-119-0x00007FF9B8A30000-0x00007FF9B8A9B000-memory.dmpFilesize
428KB