Overview

overview

10

Static

static

URLScan

urlscan

1

https://143894913.co...

windows10-1703-x64

10

Resubmissions

08-08-2022 19:45

220808-ygp63sfcck 10

08-08-2022 19:37

220808-ybtbjsfbdn 10

08-08-2022 19:31

220808-x8wx9sfbaj 10

Analysis

  • max time kernel
    131s
  • max time network
    143s
  • platform
    windows10-1703_x64
  • resource
    win10-20220722-en
  • resource tags

    arch:x64arch:x86image:win10-20220722-enlocale:en-usos:windows10-1703-x64system
  • submitted
    08-08-2022 19:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://143894913.coreaquatech.com/905100119/aHR0cHM6Ly9lbnF1aXJlLWFzay5vbmxpbmUvP2VtYWlsPXRrZWVsZXJAbWF5ZXJicm93bi5jb20=

Score
10/10
microsoftphishingproduct:outlook

Malware Config

Signatures

  • Detected microsoft outlook phishing page
    phishingmicrosoftproduct:outlook
  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://143894913.coreaquatech.com/905100119/aHR0cHM6Ly9lbnF1aXJlLWFzay5vbmxpbmUvP2VtYWlsPXRrZWVsZXJAbWF5ZXJicm93bi5jb20=
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2032

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_862BA1770B2FEE013603D2FF9ABEAFDA
    Filesize

    2KB

    MD5

    6cf23519714c1ab2d228fd6e431ad404

    SHA1

    52537a97641464bedc6c511474d21ebcc34a72fa

    SHA256

    001b8c75cda979a0be5ab90b5b6a136026280c76aac85ab709505a209369e94a

    SHA512

    fc0f9bb1b86ffbff1629bea3a4acf25936d1df02303f4959bf9662de12210f0b5661ed91688961754592293c9f1d37c8105b41ae7db9efc4c340191ba7772ccc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    8dfd85844afff09c7939a35740e93719

    SHA1

    f2af0421c3277b4ec80ef0e401a943cea070178d

    SHA256

    e4752b407ce324c230f737937148d7b222f7a0f38ac469fee0e6b8aeffb81ab2

    SHA512

    bb2e9e0542a12ed487b5274627faf1e7a0b4c539ea8dc56554e9ebd4bcc9ec194928ab39c1f97df8f9e124b282380dd31e39b8784fec09c090f6f9ca74192190

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_2DBE917624E9880FE0C7C5570D56E691
    Filesize

    1KB

    MD5

    b3680416bb6ed1dcf449116d6d39b623

    SHA1

    fb831dd627b165c209ef5feb387747f12b93e9cf

    SHA256

    2c83746c0ab13ad8a33be91ad1c4933084bf68c94c9a258a5786278ba119b323

    SHA512

    e5699abe1b0bd36b02866b12c82b52b15641826078552684d31effc499b13099076d943da808f54fa5f2422f951aa6cb264617fd37d5bf2480882481d868d6ba

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_862BA1770B2FEE013603D2FF9ABEAFDA
    Filesize

    396B

    MD5

    01c62c56311e17ad7b85f20e0a0009f0

    SHA1

    056580b0ae831cb2fdced33ce803e2c123a551b4

    SHA256

    218c578625a0613a7aaa4a23f8a10b050c685bb94adcfdfbbb25f6ba9f526b3c

    SHA512

    71c3199f4a9a530894a0562ea384acaa9cf84c0ef0cc963a8b5536d1f98bb400833dda2a37761612075b74201ba78966aa9415bf25f9e21f02f097378b673fc0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    249d2e0517c9f8fc2b231199ca40fbe7

    SHA1

    1c55b6a7eac481358dc08dbb3be16829cbd92a91

    SHA256

    0fc439f6c7511eabc14546d4e666ccd50bb4f5e1368c27fcd533676709575e8a

    SHA512

    5ce55b838b88368b1cbeedf8ed59921ea524f4278dde5f1a499b47052b94381e52e4a2f611a78e650cfb94ff6be30c4cdbeb7a32e821403928868930fb157f58

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_2DBE917624E9880FE0C7C5570D56E691
    Filesize

    400B

    MD5

    37e85d259a3a90a4a0ae23c396ba4eb3

    SHA1

    0924efe2fa7f769d09b506340e95639f0eee4950

    SHA256

    5ee52515f1909285534d07b1c5a694b4581ab5bdf791e6c22e4e33a2eb0e126c

    SHA512

    cd5852f32adf11a9a5ce238f3324f85d6a8cd6cc9f78c6e87fb7b47155ed82c5555669665e1cf314f8d8c3c18ea6924248460eed9005b60a8efb1ddb1463c51c

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\EA6239F2.cookie
    Filesize

    605B

    MD5

    d03a509a341bec9ee56f15be4d4d6cc0

    SHA1

    16807c78f0362ee2d78e8da5af69a9aa42eeab33

    SHA256

    0d5a5651e7012f04c7b30be8e688c6a58fa7cc9d1aaf47c83ff5e7431ceb0d67

    SHA512

    274d758e2687bf56c974b45f6fc965517c307ab8a300da25fc7b4874689634c79c9457cd1b41a71ab295f85aeaa079ecec63de6c94f7d830d6ef0036d110358a

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\X3OXH6GM.cookie
    Filesize

    604B

    MD5

    ebf7153e7a72f10f7530f537bc7c19b1

    SHA1

    119db30475e33420217db599175a5ad3f6c3cc34

    SHA256

    38a392f9d8fdbacf8aefdc2cddc94301b18460af9337811ac7c0d03b298920c2

    SHA512

    4d00681c38d2a6018e05085bbcaa3b6ed98f47f2e642a883586bd4d48bd63ff2d987f6ae2bd36cb59bb0c83874181ef2a23a2cf8977a05fb7ed2199bdca71f82

    Download Submit