Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-10-2022 06:29

General

  • Target

    https://clt1488991.bmetrack.com/c/l?u=E666C4E&e=150DF82&c=16B85F&t=1&l=8DABE5D7&email=nJRsej4QjsOjaaV61Fx5VC1oDpgEbfiZ&seq=1#dmFuY291dmVyQG1hZS5ybw==

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://clt1488991.bmetrack.com/c/l?u=E666C4E&e=150DF82&c=16B85F&t=1&l=8DABE5D7&email=nJRsej4QjsOjaaV61Fx5VC1oDpgEbfiZ&seq=1#dmFuY291dmVyQG1hZS5ybw==
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4432 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4908

Network

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

Modify Registry

1
T1112

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    fd70739fca5345a28f924f9102ae10ee

    SHA1

    6ce3f92183544f3bf52cb76364591589cb940a19

    SHA256

    f238404cc643efddef8ff430f128cdc8ec1513969eaac24b5e5bce81248a91e7

    SHA512

    a787d3a2bceeaed2f2a29f357df6ae17d5b9f66a3c561550d5f83c308ad26a1ddf876488151ff5e51ce93bfb9d0c7b8ca812d595e8d3ebdda7d805707ac1b278

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    ca2eb618e761df61b29d971567f18931

    SHA1

    062bdb5bca153cfb86a5e170951bd017d3e12ad9

    SHA256

    335d681c29f2c9de8fb2cdcbb71bb0225a5692363e21b2c6d3fba1e7fb476b8e

    SHA512

    7aab2e4887e2cafb20995efc872972a8e6ee452fc40a0b23d3cb3dc7b4155476f5060ab72cdcace0e5db3d1bad580d88ab25f1a7e80092a8275e2495acd9b948