Overview

overview

8

Static

static

8

URLScan

urlscan

1

https://goodyear.pet...

windows7-x64

1

https://goodyear.pet...

windows10-2004-x64

5

Analysis

  • max time kernel
    96s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20220715-en
  • resource tags

    arch:x64arch:x86image:win7-20220715-enlocale:en-usos:windows7-x64system
  • submitted
    04-08-2022 06:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://goodyear.petchseeg.com/?e=bmlra2lfdmVybWVsaXNAZ29vZHllYXIuY29t

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://goodyear.petchseeg.com/?e=bmlra2lfdmVybWVsaXNAZ29vZHllYXIuY29t
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1096 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1668

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_711ED44619924BA6DC33E69F97E7FF63
    Filesize

    1KB

    MD5

    1373d0c10451574ecc57c83379ea3fd6

    SHA1

    537badffa83c7cb5d1eef45158d89c2c363c04cb

    SHA256

    e79f535977c6131ae3fdf952422c3b3f777c456d002486170bba7d5bb190d75b

    SHA512

    f798880e5dfd6625c78ad21c6f25e7e0a51552bd3cb64d0baba050a65eebc7651e1ef04748d5edc25da2ba23bc72a436ddda277b65091c85b16208f2b4c069e9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_711ED44619924BA6DC33E69F97E7FF63
    Filesize

    434B

    MD5

    e740593e2b2c9c5c4b61e79c812b1f1a

    SHA1

    242808da1b21cd957baa529e2fe26b35f1d1e878

    SHA256

    86747ca3235c1bbb177b1808d1a8a21987d6e9909e98609ee88bbb99ea8af625

    SHA512

    28c4d5f6ef6465598e0d98bddfdc4069c4f558637d62bbe53b2ea3136ea12d4197ac17c94439a563add09c8bdd5b31c5a2e4832d2a85009606ea8409efe33235

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    340B

    MD5

    0c920d463bb3492be553b904b4233b6f

    SHA1

    dda19ce8ea3f5b5a91bed1dd6990a870847246e5

    SHA256

    c8055cf2e406da583363f937098a561a18c51b19fe20a316290917e6e09f07f0

    SHA512

    dc090f1a4f08b2eb58f454e09bf2f3aadaa5ef08a1db1981b32c5883f69484e1378c1162a2ee0c3376ff1d0d9bbd847d41c5befdb4e611abf6157145f3f8ab61

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\3uhj3kn\imagestore.dat
    Filesize

    8KB

    MD5

    7da3ac6a122f6092daae1ae442f4637a

    SHA1

    0669aabbe8152d0fc5b0404795da9dbd46f5fc7e

    SHA256

    9d9867813978c63cbc051ccf4fbe0bafc2ada86c9a2813485aaca82ee2fe0b0e

    SHA512

    8ade336ed903fb6fbc8ba66ecbebe6224601155b779052715b35429b4fa94c553c97e32ff12fd5914c7937ff23186454a8e552a00f3b85d352eafa022ff641f3

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\3uhj3kn\imagestore.dat
    Filesize

    14KB

    MD5

    90fac459b713f20f28b802de88255679

    SHA1

    9b9f65a178c1f9fe80c82e6481f97f7a337bb75e

    SHA256

    da36b68a46a611d32b34df9b5cb1bef680f3b4cfa896cb7c34e474bce74f4b8e

    SHA512

    54c414322c3a71f5e49d7a9d9ed7fb858c5b3f81457c263134af0ece9c5bfaf8dcb9d96eecaa19d91dd03b6d282a74b51e832cb0ff7580713d4cbaf51e49aba5

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0VKQL0VD.txt
    Filesize

    606B

    MD5

    cf3c9b16d754f1fdc2a0c08481bbb0d0

    SHA1

    5806c47992bf119c420ea007ae16f20c56265d86

    SHA256

    f1a7ba41404cadad4cb5154e7a7b0762294ec2490ffbba46edacdacc128525a2

    SHA512

    ade3fd0af5495866bf52115f15c0bb2ac0e15ec9043ffd746f3fc20c8dd903c17665131af002968e284b1fa44c0c561edac497abeb589b4b205819fdad065b20

    Download Submit