Analysis

  • max time kernel
    87s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/09/2022, 22:15

General

  • Target

    https://i61.lanzoug.com/091404bb/2022/09/11/19da53b2fad10304c513524753dd497f.rar?st=DPxlD4wfuXBzqs-AQLKLHQ&e=1663102564&b=VOBZzwe_bWbpZmgLtB7EApFS9WuNQ_aAqcUSJcFAB_aXz4BNgtnBeBV51KiVeYD1lTnALJcrg29BCIDBl1jBi9TaVQoWWkHKVlsWSICJgc2AHY_c&fi=81464456&pid=73-228-166-9&up=2&mp=0&co=1

Score
1/10
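The Target above is a signed, time-limited download link and the run scored only 1/10. The Python below is an added example, not part of the report, that pulls the triage-relevant fields out of such a link so the analyst can check whether the link could still have been fetched when the sample was submitted. It assumes (the page does not say) that the `e` query parameter is a Unix-epoch expiry in seconds and `st` the signature over the link; the `hex_named` flag is a heuristic for content-hash-style object names, not anything the page states.

```python
"""Added example (not from the report): triage a signed download link.

Assumptions the page does not state: the `e` query parameter is a Unix-epoch
expiry in seconds and `st` is the signature that stops validating after it;
every other field is plain URL parsing.
"""
from datetime import datetime, timezone
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Target URL copied verbatim from the report's General section.
TARGET = (
    "https://i61.lanzoug.com/091404bb/2022/09/11/"
    "19da53b2fad10304c513524753dd497f.rar"
    "?st=DPxlD4wfuXBzqs-AQLKLHQ&e=1663102564"
    "&b=VOBZzwe_bWbpZmgLtB7EApFS9WuNQ_aAqcUSJcFAB_aXz4BNgtnBeBV51KiVeYD1"
    "lTnALJcrg29BCIDBl1jBi9TaVQoWWkHKVlsWSICJgc2AHY_c"
    "&fi=81464456&pid=73-228-166-9&up=2&mp=0&co=1"
)

HEX = set("0123456789abcdef")


def parse_download_link(url: str) -> dict:
    """Split a signed download URL into the fields an analyst looks at first."""
    parts = urlsplit(url)
    filename = parts.path.rsplit("/", 1)[-1]
    stem, _, ext = filename.rpartition(".")
    # parse_qs yields lists; each parameter occurs once here, so take the first value.
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    expiry = None
    if params.get("e", "").isdigit():
        # Assumption: `e` is seconds since the Unix epoch, after which `st` stops validating.
        expiry = datetime.fromtimestamp(int(params["e"]), tz=timezone.utc)
    return {
        "host": parts.hostname,
        "path": parts.path,
        "filename": filename,
        "extension": ext.lower(),
        # Heuristic: a 32-hex-char stem looks like an MD5-style content hash used as the object name.
        "hex_named": len(stem) == 32 and set(stem.lower()) <= HEX,
        "params": params,
        "expiry": expiry,
    }


def expiry_utc_iso(url: str) -> Optional[str]:
    """ISO-8601 UTC expiry of the link, or None when it carries no `e` parameter."""
    expiry = parse_download_link(url)["expiry"]
    return expiry.isoformat() if expiry else None


def link_expired_at(url: str, when_epoch: int) -> Optional[bool]:
    """True if the link had expired at `when_epoch` (Unix seconds), None if it has no expiry."""
    expiry = parse_download_link(url)["expiry"]
    if expiry is None:
        return None
    return when_epoch >= int(expiry.timestamp())


if __name__ == "__main__":
    info = parse_download_link(TARGET)
    print(f"host     : {info['host']}")
    print(f"filename : {info['filename']} (hex-named: {info['hex_named']})")
    print(f"expires  : {expiry_utc_iso(TARGET)}")
    # The report's submission time, 13/09/2022 22:15, read as UTC (the page gives no zone).
    submitted = int(datetime(2022, 9, 13, 22, 15, tzinfo=timezone.utc).timestamp())
    print(f"expired at submission: {link_expired_at(TARGET, submitted)}")
```

On the report's URL this yields an expiry of 2022-09-13 20:56:04 UTC. If the report's 22:15 submission clock is UTC, the signature had already lapsed when the run started, and an expired link is one benign reason a sandbox run shows nothing beyond the browser's own artifacts; rule that out before reading a 1/10 score as a clean verdict on the .rar itself.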

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 34 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

  All four signatures are raised by the two Internet Explorer processes the sandbox launched to open the URL (see Processes), not by any downloaded payload, which is consistent with the 1/10 score.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1576, depth 1)
    "C:\Program Files\Internet Explorer\iexplore.exe" https://i61.lanzoug.com/091404bb/2022/09/11/19da53b2fad10304c513524753dd497f.rar?st=DPxlD4wfuXBzqs-AQLKLHQ&e=1663102564&b=VOBZzwe_bWbpZmgLtB7EApFS9WuNQ_aAqcUSJcFAB_aXz4BNgtnBeBV51KiVeYD1lTnALJcrg29BCIDBl1jBi9TaVQoWWkHKVlsWSICJgc2AHY_c&fi=81464456&pid=73-228-166-9&up=2&mp=0&co=1
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 856, depth 2, child of PID 1576)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1576 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

  The 64-bit iexplore.exe is the frame process the sandbox started with the target URL. The child's SCODEF:1576 argument matches the parent PID, so the 32-bit IEXPLORE.EXE is the tab (content) process that frame spawned; the WriteProcessMemory and SetWindowsHookEx hits are attributed to these two browser processes only, and no third process appears in the tree.

Network

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize  340B
          MD5       26490b05e4de3023d48ad463322ff632
          SHA1      54e64939025e89a10c6671a48b079a706efcb592
          SHA256    9f5efccf0677d26690d088de77e939806e6a04a073ad8039513d3730448ff52a
          SHA512    60b9f93525b097083452789ef8544860a4b455f29c067a483c956ea828f633e7d36d4037e93bae95f16c6c4bcb6d012761d06e71052702774cebb42c4121d51c

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\9MO1CC26.txt
          Filesize  598B
          MD5       755bd3b1efb73062e760fec09404cbc5
          SHA1      1bb17df5212a33de94ed3d27a4b7953409ae7be4
          SHA256    99f4f2b0f1e7460fb0cbaf70511b1146c773c1a724f31e9b27dfb6c31fb044e6
          SHA512    14275b77244485f3c0e410ceadfa7da13ef80e2ad8e3fe09c584d6cb3f048f2c9974c31dd0f5d966bd1daf1434b1293b51bcc6f2991ea18f1ede8a8bd41c3c4a

        Both files are written by Internet Explorer itself: CryptnetUrlCache\MetaData holds the CryptoAPI cache entry created while the HTTPS certificate chain is checked, and Cookies\*.txt is IE's cookie store. The .rar named in the target URL does not appear in this list, so the archive was not captured by this run.