Overview

overview

1

Static

static

URLScan

urlscan

1

http://www.pcacceler...

windows7-x64

1

http://www.pcacceler...

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    02/11/2022, 21:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://www.pcacceleratepro.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 13 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.pcacceleratepro.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1688 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1688 CREDAT:1389580 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1504

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    3dcf580a93972319e82cafbc047d34d5

    SHA1

    8528d2a1363e5de77dc3b1142850e51ead0f4b6b

    SHA256

    40810e31f1b69075c727e6d557f9614d5880112895ff6f4df1767e87ae5640d1

    SHA512

    98384be7218340f95dae88d1cb865f23a0b4e12855beb6e74a3752274c9b4c601e493864db777bca677a370d0a9dbffd68d94898a82014537f3a801cce839c42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90b359ce37b630ef6b13109e89e7829a

    SHA1

    4d19eb63b63332a196c5ad80aec9780188769132

    SHA256

    3c8394f989d764911d8fcd789581a0583e2397f4338356dbbf6bd2fd0cb86254

    SHA512

    e1391eb35b819f03a675d0deb64015e8ebcf7ee8f4b0749932f4a90478e2fb07d02e2d983cc00e975a35ef8d2a818656ead1d90533125529bcad58e527f66319

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\tcz8fqz\imagestore.dat
    Filesize

    8KB

    MD5

    9f45cc3609776112986d8008fe6639c5

    SHA1

    fe2698f611a1896fbba04eb30dff47e030112227

    SHA256

    74879f42c8c5d9a1ae2baa2e1d63e835a26650c953afa409651ae1c89cdc55db

    SHA512

    a6ca3081022511ba5e24e57ce79de9a229dad756102e6939cd5debb44f644c22a15fb30187551c90d4ad5136b417fd2e41118d9656cad8104da7740343623d94

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\tcz8fqz\imagestore.dat
    Filesize

    12KB

    MD5

    8abcde823932f78f675b6106e25db922

    SHA1

    265e1e01b35e9ea7f6c36eba09519add8904156f

    SHA256

    78619eb449917ad17ba344942c2f2df93eeef71b7aea7ee041d35d5452d5212a

    SHA512

    10da32381fd6a0bc9b17dfae45eddfa285e6df20e01280916b0ac9a8f5d9a1e1465189cd37204aae0484ec7ded17e600f5a6a3ef74280b78371dda5dc14993af

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CASMTSF8\favicon[2].ico
    Filesize

    4KB

    MD5

    6d42c0bdfe1119036983147a4d36b5bf

    SHA1

    e650b68fbd276b798115d27726a7d4a6422937da

    SHA256

    e0e194b4d4d854f25270c3c5923be3d3d50aab11fa453e8d64c8fa58bd916eba

    SHA512

    6d00ba56334319c930090fe05157fa946218ce3796ca0713573da1faa54967de17464e4e0da0829f7f5274308511e530c92ee4cbfbce83b3078bbe9cbf27cbbd

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\NPZUJFRM.txt
    Filesize

    603B

    MD5

    6d72edcc8c18dfa64ec6cb3d06217270

    SHA1

    6db4121c34b4fab1e82d7e929ac0f5a3da8d4913

    SHA256

    da48be68582f22195851e12c5409943923c2b435b0ce09310abac4cc0aebdf5b

    SHA512

    8ab96ee90a959aa83ad1bed7ceb72aaf6b46fddb210df3847aa48fa77fd056d1d272413c2255f46a8df074335063c707567108e6da63779d1ba1768721009959

    Download Submit