Overview

overview

1

Static

static

URLScan

urlscan

http://Github.com/pi...

windows7_x64

1

http://Github.com/pi...

windows10_x64

1

http://Github.com/pi...

windows10-2004_x64

1

http://Github.com/pi...

windows11_x64

http://Github.com/pi...

android_x64

1

http://Github.com/pi...

android_x64

1

http://Github.com/pi...

android_x86

1

http://Github.com/pi...

macos_amd64

1

http://Github.com/pi...

linux_armhf

http://Github.com/pi...

linux_mips

http://Github.com/pi...

linux_mipsel

http://Github.com/pi...

linux_amd64

Analysis

  • max time kernel
    365s
  • max time network
    1587s
  • platform
    windows10_x64
  • resource
    win10-20220414-en
  • submitted
    05-07-2022 10:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://Github.com/pixiedustattack

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 47 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://Github.com/pixiedustattack
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2620

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    831399867695e8e2e44f24eb7b73313c

    SHA1

    403e123384b3ba656e3e1cd3815dad4a1664b224

    SHA256

    833cb46e5f4be363e955f5f3fcd655f1e610d5e33b0ae6c83a714ebfc9723f8c

    SHA512

    17e637f6508aaa1589cde6e4d9e230b6dc02256c2bf1d0dddeea7958496b57582944e1d9fd17b323573f3214f73c99dbf4455cb7ba00075605a498749725ff16

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    b11324a5efdd2cf2021cb71a11413dc8

    SHA1

    74fcd7f87740c90ad0c793ea005c3e9aed52b536

    SHA256

    cb9928f0123a1af5e6dfcf843b7d63852347af65b17bb4b4c9fe450df0240295

    SHA512

    97e951fe3058d6c3804a2e672fb4c30cdabbac7728d8d4e4900f71b49caed8f83f2cfa95ac560b2e14768f02e018168f0e877d6e11bed2832ec6dadf55aa72c0

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\EIQ4TDPJ.cookie
    Filesize

    610B

    MD5

    2f9ebcd22956ee55ebbd3688e1697670

    SHA1

    42f5bfa009d954bd8f9d578a7b572556e7d4dc11

    SHA256

    ab299bafda321356062e154d437dde19cd9833596b8eaef2a2ce8a696b659e73

    SHA512

    a590b43d0deebedc0e7c1197a919d0296491d7988ef22e6d2ce388ba0d075af01c7974641ceb7647b0aa5fadff7fb3592395b33293a99b8b7500b0ac4a06b03f

    Download Submit