Analysis

  • max time kernel
    66s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-09-2022 10:29

General

  • Target

    https://app.adjust.com/p5uxikm_4ebmerv?campaign=Daily&adgroup=BE_CCM_Daily_Newsletter_Android&creative=BENL_CCM_Daily_Newsletter_Android&redirect=https://adx%E2%80%8B.g%E2%80%8B.doubleclick.net//pcs/view%3Fxai%3DAKAOjsvSc_HvuQdRvX1aSoLPMgMMy-T8xM65Y_09AIvG1ApfApuPo9FtYnF9W2EEqi6GwE47pf6Th4xg4FDvHaAKOPaQtQr4xJKBJ08mjD4W7LwmVigyiXIBwAQ9Ga5qLY2ORq_WeFgyIWJSATEw4kSs6iyyE2VnWoVF9g8X4brSZg-d2kHwxDG0kckzm_IBbsku6Nh62dAZfWL-lHrXgRphSSKKd6Y1I4VMYqP0oHOKcOJeyFNW4nOJQAXibQCw0CJ4E55vFlHRK6xhA7WDmVjY1LQsVW9a7ArJ_CC7RxC6OkK7Rw%26sig%3DCg0ArKJSzPyCsO5VugncEAE%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Flogin-authn30h959ip91mh3udrkx0qkl95faaabrh7v6s329lp2wf1.website%E2%80%8B.yandexcloud%E2%80%8B.net%[email protected]

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://app.adjust.com/p5uxikm_4ebmerv?campaign=Daily&adgroup=BE_CCM_Daily_Newsletter_Android&creative=BENL_CCM_Daily_Newsletter_Android&redirect=https://adx%E2%80%8B.g%E2%80%8B.doubleclick.net//pcs/view%3Fxai%3DAKAOjsvSc_HvuQdRvX1aSoLPMgMMy-T8xM65Y_09AIvG1ApfApuPo9FtYnF9W2EEqi6GwE47pf6Th4xg4FDvHaAKOPaQtQr4xJKBJ08mjD4W7LwmVigyiXIBwAQ9Ga5qLY2ORq_WeFgyIWJSATEw4kSs6iyyE2VnWoVF9g8X4brSZg-d2kHwxDG0kckzm_IBbsku6Nh62dAZfWL-lHrXgRphSSKKd6Y1I4VMYqP0oHOKcOJeyFNW4nOJQAXibQCw0CJ4E55vFlHRK6xhA7WDmVjY1LQsVW9a7ArJ_CC7RxC6OkK7Rw%26sig%3DCg0ArKJSzPyCsO5VugncEAE%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Flogin-authn30h959ip91mh3udrkx0qkl95faaabrh7v6s329lp2wf1.website%E2%80%8B.yandexcloud%E2%80%8B.net%[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1708
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1708 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1692

Network

MITRE ATT&CK Enterprise v6


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 6dc69194beffe3f05ec281379dbc6073
    SHA1: 7f38ed960b0fb3b2cec159ca5fb2f263f13a27f7
    SHA256: 6ac22bbc6d016ad73e599eea6aac1d207bf3f35e5f5a1f2c5ac8ac870365287a
    SHA512: 33633e05d2d7f994c62195f80523091c88cddd22804197e99e6dba9525150db40147c07fce6906b9f79b373809d1107666f875163e1ceb08e1ce90725dde9fb1

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\O5RB581J.txt
    Filesize: 603B
    MD5: ac2b4e62f45791470d23be5d3c2fbb8a
    SHA1: 27990d765b93e8378b5f4f67fef0e4dd101dab54
    SHA256: 7c2ec86c089e441c074887200c67e9da48127855ae69c9958d34a2c3fc24ba93
    SHA512: 788ee470928f836f9d15f2c8eca2f7ad5c1a16fa7723ce3338ad28895bcf66079ec5070d5b83fde570746866726ed54e4563ea885853386ff4d212d9605c004f