Overview

overview

10

Static

static

URLScan

urlscan

10

https://redirect-wai...

windows10_x64

1

Analysis

  • max time kernel
    122s
  • max time network
    146s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    03-01-2022 02:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://redirect-wait-services.blogspot.com/"

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://redirect-wait-services.blogspot.com/"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3328 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1984

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    MD5

    54e9306f95f32e50ccd58af19753d929

    SHA1

    eab9457321f34d4dcf7d4a0ac83edc9131bf7c57

    SHA256

    45f94dceb18a8f738a26da09ce4558995a4fe02b971882e8116fc9b59813bb72

    SHA512

    8711a4d866f21cdf4d4e6131ec4cfaf6821d0d22b90946be8b5a09ab868af0270a89bc326f03b858f0361a83c11a1531b894dfd1945e4812ba429a7558791f4f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\97EBCCE1665E9DD5B88457CAD3B73C98
    MD5

    5bff7e24fa153e62b2711c5314a0607c

    SHA1

    3574b8094de5b88055462db070207e3f73256db1

    SHA256

    df839a30e72a199ddfba2e72189a52288187c80633056c887633028129ccecd1

    SHA512

    2c345810c0fa981b3573efa019656dee3704e9999e9cd39a0ce18969e1ecae96519bb0263c622aff6e6998c3878d1e902f44dc88105b812e780776bb6c5f4f39

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    MD5

    94e92161644ef8ac74267fee2c9bf651

    SHA1

    dbba838fbe8838f7809869efb915586c03b8ef88

    SHA256

    3f37f35bdcd3cece7ab11669cc3998ca7ca0560e1e3a9b6c16b9af42b7af9c45

    SHA512

    02213e052804107ae2eb8fd955e3b984670133afa2af4187e82149dbb2918dede049da765a8d289154a6d0375bf2969cf15990671db485f95464be677318500c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\97EBCCE1665E9DD5B88457CAD3B73C98
    MD5

    b853bcdefc3270a094e8177469e66ee7

    SHA1

    157bc1d41016075145a8f6ad9c07023b0a4f9a9a

    SHA256

    86af9097e35483e39ff2dbedd38a15bcf339f5d2b6ea6d3ef262391bff23717b

    SHA512

    a21eb4f0a47b3de79fda8d877419218344edf1b4648b3686036cbf8193e62b7d1df6c8244535ca2d96e26587b42015a418fdf0625a63a60af98487f3a2a99481

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\HJNCJ973.cookie
    MD5

    95b2ddfde6818622f416dd55fba35217

    SHA1

    6199cf732c92c4589e9a56b8cad6fb3b66832460

    SHA256

    2adffb53ffd7e4d98a397fb9a0cf6a4303bfd8a338b4ac7cb585d271bb388375

    SHA512

    7c83c22f7e0a7789fa754934f792fc7c2c16aaca38307edbd4e5bf8b71ea025360e562439f0a2d4348511c6f0e132cf7ca2673e9aafbf01e536e22e2d89e1d70

    Download Submit
  • memory/1984-140-0x0000000000000000-mapping.dmp
    Download
  • memory/3328-145-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-150-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-124-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-125-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-127-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-128-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-129-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-131-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-132-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-134-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-135-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-136-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-137-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-138-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-122-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-141-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-142-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-144-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-115-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-147-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-149-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-123-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-151-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-155-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-156-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-157-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-163-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-164-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-165-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-166-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-167-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-168-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-169-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-173-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-175-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-178-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-179-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-121-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-120-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-119-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-117-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/3328-116-0x00007FFBF2320000-0x00007FFBF238B000-memory.dmp
    Filesize

    428KB

    Download