Overview

overview

1

Static

static

URLScan

urlscan

1

https://krnl.place/d...

windows10-1703-x64

1

Analysis

  • max time kernel
    76s
  • max time network
    129s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    10/09/2022, 13:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://krnl.place/download.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 52 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://krnl.place/download.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2780
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2780 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2924

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    Filesize

    717B

    MD5

    ec8ff3b1ded0246437b1472c69dd1811

    SHA1

    d813e874c2524e3a7da6c466c67854ad16800326

    SHA256

    e634c2d1ed20e0638c95597adf4c9d392ebab932d3353f18af1e4421f4bb9cab

    SHA512

    e967b804cbf2d6da30a532cbc62557d09bd236807790040c6bee5584a482dc09d724fc1d9ac0de6aa5b4e8b1fff72c8ab3206222cc2c95a91035754ac1257552

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\347BF9EEFAFFED0325B354ECC3B23AEB
    Filesize

    503B

    MD5

    bd17760a1dd092e6d12fae63bbc5bad9

    SHA1

    53a2d76b6811c88a1c4383cacbcb559897be9d36

    SHA256

    0f672f1991274396919b2721b2c0685d377fc5314f69fbe5f389f274ed940283

    SHA512

    43b29039046963da033a1a052efb6e3425526dd7ab1fe32dacb90c1e9f5c9764b578ed9f0094b843b5da9777c97a3438a3c1ad93cb0425be2beba43894e3ece0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    2919e679e976f1c006fdd04312d84ded

    SHA1

    16f8a7215f8ce743662af69e51e81c0371831144

    SHA256

    a2ca304e1f27e5b7ae9a6d3ae137a1370f45356215a51ddd69960d75cb929aff

    SHA512

    1debbff84d607dfc2bc107e5e6e9012dc123bddc19f41a6bac50e8f1bbf7064dc4d55550cef7baacc719c7a3d5bb33162edb87fe6b8b0c0b03fc0c001e00b91b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    c2e1c3b1b9323c966290387daa3d7b06

    SHA1

    37832d855500865b56043080dc502522c223ebc9

    SHA256

    c2a0e3af51e5fa6e25d0ec140744b3099229d46cf02e8166aeb5f73222090816

    SHA512

    1e312817d18adabe7ba030d1aad8ed0b77105ec173d64e16bbcb593f7ed9f7e1cf0bca9ed8eb8cc557cf5505f290b4f1acd0aca1bbf5059c70e163888d15a385

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\347BF9EEFAFFED0325B354ECC3B23AEB
    Filesize

    552B

    MD5

    33492830139f7b1f86a31e2d568421b1

    SHA1

    bcd9b1c6bc79d917763a3c53217e1e68c4b08576

    SHA256

    e35d71d36d3fff02a70fc883f746482a3a2c04324073107eb4ab08ab6b63283c

    SHA512

    fe550b8b038e1d232bec44045269d91a5fc40d9774c11910aa505d98669ac0f26f30efd60f7cf4e2a145d97340659965370ed5f924e22d37da5aab1e0fc96cb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    c848a46c2db7061d2bc5b8d29d08af99

    SHA1

    4e32d17ccc3af01fba5b642ba398e206e3fca0cc

    SHA256

    6e3e3ca0b5ce57da970974c3aac228a70d99bb58ec7be5d5f4acbef75d4f6bfb

    SHA512

    d3e75c4b19a3ec201aa7774ea1c20ae456772e62edc2d73be6be9ab08c46e249337af0eec674a1920fe5973003b5acf63b2c943575d2661fd2051d4a691f37ce

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\RO9ZVRF4.cookie
    Filesize

    174B

    MD5

    06ce163a6765c085717a90fc3efd5d01

    SHA1

    6f3fb7bef9edcfcc63696c7ff6c028a1ff3cfc13

    SHA256

    f1da78cb686e68c5e5a7ea12e6833442332a85e3aa265cf6c684b7a5df3ff181

    SHA512

    b06606a36d41bd30a23d32097d5f87dcf2e01968252ff798108eb16b3816b9f6fc043949d56f8a43629af2225283cf90ddac88a01a3a92a05e6be40dec824fb7

    Download Submit