Analysis

  • max time kernel
    78s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220721-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220721-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04-08-2022 08:06

General

  • Target

    http://links.bissspuxi.com/?ref=Iq8AABC-6kQITPs5p0rMbD8wPOK9CC0qAQAAAOYSiIKEAK8LC3zutVwvpC06tqVT5tUsdW8IaIyyi634VmJcg9J5BLibB-mbD3hdmUpNIsb4xxqq4NK5g3RNCkUKEtcFhHlxk7FNQcBwn07EyOI69A1jGCu6wfWd8Tbqd3UoqTEmTndy9puH5o3VqjEjaPkyfwnozl9HISy_xIRG9chx_P4xA22yu3vtM6qBhXY3y8Ayg9e2WLkDMPVOrPHlBgVJYtF-VEv0yek_n1662C4pt2xTMFFoosxuUR43X59lqIHnHAixdNUTw-uOUZLdUhidCrR5hiXnQ9SFAdp1MPmd3CwDDq1zEaVf11h2lg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 35 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (tree level 1, PID:1440)
    "C:\Program Files\Internet Explorer\iexplore.exe" http://links.bissspuxi.com/?ref=Iq8AABC-6kQITPs5p0rMbD8wPOK9CC0qAQAAAOYSiIKEAK8LC3zutVwvpC06tqVT5tUsdW8IaIyyi634VmJcg9J5BLibB-mbD3hdmUpNIsb4xxqq4NK5g3RNCkUKEtcFhHlxk7FNQcBwn07EyOI69A1jGCu6wfWd8Tbqd3UoqTEmTndy9puH5o3VqjEjaPkyfwnozl9HISy_xIRG9chx_P4xA22yu3vtM6qBhXY3y8Ayg9e2WLkDMPVOrPHlBgVJYtF-VEv0yek_n1662C4pt2xTMFFoosxuUR43X59lqIHnHAixdNUTw-uOUZLdUhidCrR5hiXnQ9SFAdp1MPmd3CwDDq1zEaVf11h2lg
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (tree level 2, child of PID 1440, PID:2368)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1440 CREDAT:17410 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion: Modify Registry (T1112), 1 signature


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: 5e73aab8e9414a4f86ba309082fffd18
    SHA1: 7d820117aabda997625d8d0259d773cc4728df28
    SHA256: 66acaff9f0d8fe9aa5f6a2d559374fae83845f067897192a5144d24dac76867c
    SHA512: 84fc54bec41ae4d676e59d030aa40805e71da3bfd4b20f56491416e37854fa66d5d10a2e773479a8fe3221b8a76a49f05748f2b2da7db51ba22dc239b5e6242d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F
    Filesize: 7KB
    MD5: 6d339a3220150e29ed72f0571a55386f
    SHA1: bf30946cc25eeef3ad6de44827eacf443104cab7
    SHA256: 7f827a9894162af9187f32ffcbdf4c7accb769427523b056909b3a9c2e483933
    SHA512: aef317187d300d8842826964ef893441870d20d6726004c235eed3c5f1fa0bbe5b8738e461a263459924216f6af31c46cca87d7adaff4feaae95a6dcea5c5c79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 434B
    MD5: 772fa18ca7bae0e11f278773fdc9743e
    SHA1: 15feec6fe44febc062b197bfe47e3e018f00bcc7
    SHA256: 4cb5a06a42a486ad157e35f21abbb9373f2fa88b47ce9c697b7f257981a9d1e3
    SHA512: b996c1f4938283ed9447805de1b883aaf41cb8cad3449a3bb6518f6c9549c70e26e190e21d0526f703826e887b76538496dc1491aa5a2e1a6ae82f85e224cb4a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F
    Filesize: 224B
    MD5: 3b9e560b27bc00c38243195725cc3778
    SHA1: 961b17d54836d87a0b9b07e8fd78b8f10c468266
    SHA256: e5d602e0b5bdbb07c8c12146a94e6175ead3c06649767e63185076671767219a
    SHA512: 92375c08549ba7e8e583b81e0c014143b4af3546aa594141eb9b13e1e0202720c424b92740483984d089b7808072e0b716230d39bb55dbd0ad26d9eb12513fdf