Overview

overview

1

Static

static

URLScan

urlscan

1

http://Automotion.io...

windows7-x64

1

http://Automotion.io...

windows10-1703-x64

1

http://Automotion.io...

windows10-2004-x64

1

http://Automotion.io...

windows11-21h2-x64

http://Automotion.io...

android-10-x64

1

http://Automotion.io...

android-11-x64

1

http://Automotion.io...

android-9-x86

1

http://Automotion.io...

macos-10.15-amd64

1

http://Automotion.io...

debian-9-armhf

http://Automotion.io...

debian-9-mips

http://Automotion.io...

debian-9-mipsel

http://Automotion.io...

ubuntu-18.04-amd64

Analysis

  • max time kernel
    317s
  • max time network
    1607s
  • platform
    windows10_x64
  • resource
    win10-20220414-en
  • resource tags

    arch:x64arch:x86image:win10-20220414-enlocale:en-usos:windows10-1703-x64system
  • submitted
    11-08-2022 23:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://Automotion.io/team

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://Automotion.io/team
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2664
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2664 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2900

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    a96cf43a18e41a5813004bbff1c75cd9

    SHA1

    8c7de2e2dc64f38abfffaf839bd1f23fae175ae5

    SHA256

    8f748149620ef743fa23694045643e6cc456361ceb9d1283ba8be217a74e03b8

    SHA512

    a9e7b84eecb37221188d7fadf1da4ef5dcb86eafc41b2bbc19c6f818293243013e4fb3fcec1318c5d249f65b5bab0b74548e8f3ce5baf7468f66c10cc69dbee6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\84AFE219AEC53B0C9251F5E19EF019BD_2C9D5E6D83DF507CBE6C15521D5D3562
    Filesize

    1KB

    MD5

    58a65c47bd82612e98b4f665714e7ed0

    SHA1

    0915a6798e542ee2d784a4635e922e5ad9e065fa

    SHA256

    020ef3f27bd0d478648089e493fa13885d613d9b38f1b3294d176cee3d986af9

    SHA512

    2485bed4a6a5d931ee0946e1193ff1eb32a930e92494edcc71bf539d71b502913c87dcd7cb8cbcff0c953c9fe332d9f70d4c5823795f266fdbfc15416c04105e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC2602F5489CFE3E69F81C6328A4C17C_849A9AE095E451B9FFDF6A58F3A98E26
    Filesize

    1KB

    MD5

    85c02a3c067b855e4bef7d76e979f371

    SHA1

    366064a786ad228372c46a51ad5d28e20d279bfc

    SHA256

    5373ab9aa8745a448600ffa5506b38072b879a9cb3e01ac7bd0b293e079c1d39

    SHA512

    df719fd5a28596bc0d041ff731c65a36b403da7b9f3e6289d8678168effd5aaeeb1511ffaf0a9852667840c46da959a682a16f04a32a7885a422602ec1a5c8aa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    9fc8bb8636846311d52e44a0bd09de9d

    SHA1

    aa8472e4d51dbd8e7c3b8968a8866dac6d300ad9

    SHA256

    8a8a0088b2c49a05f632a63ba6b2f2a6364cb90681220ecb127afd2f85d1262e

    SHA512

    257812238db4271acd5b56322dfd157ce2c8791589d988d32dc2b95189e6bc2a0cd47d8773fd7ed53508b6387c4c82c68dcd677d05d1bcb9a58186d572d5e7ad

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\84AFE219AEC53B0C9251F5E19EF019BD_2C9D5E6D83DF507CBE6C15521D5D3562
    Filesize

    466B

    MD5

    6fac7e60d9f25ce8c18b382d431ea56e

    SHA1

    1645403177a7dc53e8a24aad6067e705715644e3

    SHA256

    b69e2854954b549d7f3867d33d7925042a570c7668a36e64731cfbae02475447

    SHA512

    90bf39ac557d72afcfbd1d88f786fe9de8a56fd2afa12448d3a3e294158f97840a7f3f935bf28e05f3eff5fb1dac22f87ddeb866c44d3aa579a5a3c191fbf5e3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC2602F5489CFE3E69F81C6328A4C17C_849A9AE095E451B9FFDF6A58F3A98E26
    Filesize

    470B

    MD5

    bb7347cbf8f6e2f8a7d783636451f5bd

    SHA1

    a981a95a06dfebf2b475d4e2ae211fd8d1ec34d3

    SHA256

    094744b203aaa78232d974f109b2eefb7b934ac36821dd83aabef6e562027c8a

    SHA512

    5b852e26314820fac9d7db3a5196e7609d288a6a380af2b1bb90db4bef3aca09b83a28472985c8d07f40d2ad84005fa74980eb9fe983d9496811be727eb44050

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\939TDORU.cookie
    Filesize

    615B

    MD5

    123289c0453901ebecc012879a5fbecf

    SHA1

    2904f1f4e018e26a9aa18c4b0189020d8d929505

    SHA256

    55e225cc112292ac669b4faf82929250ce6ff27fadf2a76e23232c06627fe864

    SHA512

    62fd3d3dae3a733342ca01e6de822196c77d08bf4e1f4907014686e7e9b0c95f6b3b7f13cd2cc6acb45640ba3aee80baaf58105b977c455ef31460f61c385b75

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\TVQ9S1SV.cookie
    Filesize

    615B

    MD5

    573d3f18361d9fd329285cae63c3c5d6

    SHA1

    b0920f47891431927ea5d6a79d2c6087b7a4c30b

    SHA256

    507a859cf78d16ab2fca997820be0f7f384c3b43f53bae1c06b81ba893feb244

    SHA512

    d32dcce960d9a2755a132175affd6f83a22dcca00868c04b4db3540547bb42434673aabdfe2724c0459a1797228acc4f0db7e16cd2f1272dbc70f8b0011dad92

    Download Submit