Overview

overview

7

Static

static

URLScan

urlscan

1

http://mygove.com.au

windows10-1703-x64

1

http://mygove.com.au

windows7-x64

1

http://mygove.com.au

android-9-x86

7

http://mygove.com.au

android-10-x64

1

http://mygove.com.au

android-11-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    22/11/2022, 00:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://mygove.com.au

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://mygove.com.au
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4944
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4944 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:380

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    cb295ed32b0acd9eac87bcc961fb315a

    SHA1

    a580f2d38c9d1611e25b6aaa3d79b54eb34d3ebe

    SHA256

    980abeaa872503211925db8acf8bdcdff0bc3c6deb2182fd698f6a444d2625be

    SHA512

    974f48bdfb8ea90a49cfa25cacc98c9a145702f4e4967dd6ffddd5eaee6144189499682e80b342708e04f812006314b04e5715492170d0f63c7b0530e9cd399a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    706cdeca666a4909a1cce79e0fa3ff0c

    SHA1

    f580f107401eea319f374865a6a24aad5225fc5a

    SHA256

    5e1732b54e67fb3060a7aa386efbd3f81c8b9c0c39c6df003db5aef1294f873a

    SHA512

    a2daf9ddc2419af134fd529b28151b914e3b06fe50ebc913ab8929609d47aee85738f1ff4fa52c4df79a664795ef81ccf07faaa0e8274dd525c86432971c03f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\A0CE96SW.cookie
    Filesize

    121B

    MD5

    e3b3e26dce31b9996dc956182e0858e5

    SHA1

    4da77f41794db43476a93dff8c9fe8e040ef8a3c

    SHA256

    c0ce16fe3007ba07745d13c23bf3975041b8a3e6be732897e52a4bcf8554f3df

    SHA512

    7f44c6a272d033cb7bde64a592a7f72cf749b5d11cee20d23aed40311d85792af1a5a4e736c16e6ae884d973119978742ac24bf346451ae45ba681c2f41bddee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\JK7UMFQM.cookie
    Filesize

    88B

    MD5

    beeb8d8bcf049c2e9cce820d1c66d8ad

    SHA1

    a150addfcd4e4487768a2d5fe8ecf398a07b9d7a

    SHA256

    d38b7d6a00a4cc2a0a9e32c02b28879f7adf1f8e5cc1228ee23cdc7f3eb15e45

    SHA512

    0c829441ade41af5d5aa91bf7c6b2f0bd60ca0506ae5f93cfc7d7ee6f6f311bb53098fb67f2b6ddc2db78e41e2405544145fbfe4189ab67c8ab7e6a952b30ce2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\M0C7ZOJT.cookie
    Filesize

    604B

    MD5

    7f4264cd7ac2431926b2b586ed9ed4bd

    SHA1

    7007fd06b3615ac139d153fcf441867c3bef6d21

    SHA256

    742b1e08064504d62002d6e69037c2a63549ce7e64565a2aee99ef786f2de1dd

    SHA512

    eb5f879b09d9b6f9f9dc0839dd31e0a118840d26f1c6983f1a961fa0be777406dffb5f2bbeaffb54c5ca01c31369411846e13873f7e04923e43a3cdbae16c45c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\PVB0HHXO.cookie
    Filesize

    605B

    MD5

    519be3a4ae05e9f029acfce791170961

    SHA1

    1c986bcad83707113c236b4fbd825350268636ec

    SHA256

    5c6e16694ea00cecc398d07958f0d43cc265e302ad9c316dddb49eae214ac638

    SHA512

    6642cbf9dbab266bf5fb648c0977b44c1b96cd190a6c8c3c9add6a55000ab3fb446e8e992bec08a4d587430bbf6f825c07936ace50088963e5b498b9ff4f4f7b

    Download Submit