Overview

overview

7

Static

static

URLScan

urlscan

1

http://mygove.com.au

windows10-1703-x64

1

http://mygove.com.au

windows7-x64

1

http://mygove.com.au

android-9-x86

7

http://mygove.com.au

android-10-x64

1

http://mygove.com.au

android-11-x64

1

Analysis

  • max time kernel
    115s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    22/11/2022, 00:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://mygove.com.au

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://mygove.com.au
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1132 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1652
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1132 CREDAT:209972 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1372

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    7d2e8ea72713a6da885ec4561f92c355

    SHA1

    32fa9d058d375a1291ed640905a61450716202b4

    SHA256

    bcc3298352ed9f2a262f5406e10c858dd9732c8bbcfcb57bb47808effa88e771

    SHA512

    1cfeb8d88c59f1ce27e282b81aaf2a724f921c468daf1de6bf23ecaa14d8967514c04f8ab950aa5e13a32aa21d9e27b6f6c0ad15bd9d9d1ad639e182b432acce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_46F574BDF8F8E3AC29733131E4667BA4
    Filesize

    472B

    MD5

    d5f44030ae728558d0102445d170b873

    SHA1

    a9c2e9ce4d20fe2e8a1656f4f457d9a7fe6ee20e

    SHA256

    72f2e03c205a810e0ee66b1ee52f2c32ad4d5e5f8b14c5f26810f281761abc0c

    SHA512

    2789092aeb07658bce3654e02b17813f7bdb90a1b21c62f9486972572b93c50c62910171067519ca14586037c361f6b2deb1b270c7d9bdf5a87eee7160a2ec00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    3dcf580a93972319e82cafbc047d34d5

    SHA1

    8528d2a1363e5de77dc3b1142850e51ead0f4b6b

    SHA256

    40810e31f1b69075c727e6d557f9614d5880112895ff6f4df1767e87ae5640d1

    SHA512

    98384be7218340f95dae88d1cb865f23a0b4e12855beb6e74a3752274c9b4c601e493864db777bca677a370d0a9dbffd68d94898a82014537f3a801cce839c42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    724B

    MD5

    f569e1d183b84e8078dc456192127536

    SHA1

    30c537463eed902925300dd07a87d820a713753f

    SHA256

    287bc80237497eb8681dbf136a56cc3870dd5bd12d48051525a280ae62aab413

    SHA512

    49553b65a8e3fc0bf98c1bc02bae5b22188618d8edf8e88e4e25932105796956ae8301c63c487e0afe368ea39a4a2af07935a808f5fb53287ef9287bc73e1012

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_B49B51C2F61192D2C0D20E671D9EF51E
    Filesize

    472B

    MD5

    ff44194230f74713e085ee26358fbfd6

    SHA1

    825da24516932e9b0547989124bbdaf216b7d4ae

    SHA256

    88d2a59b12745340a399375d2c4b15d2904dcdd7fc86b15e205658f24ee6707a

    SHA512

    1b53fa74830aa99f93fe6122b6e511b001901ffbcd7eb68e3430f65e529824e060d7e6a79f720dd5a73ea681e6c6a95fb79b92a17dc9ef2917bfe579844437e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    7c4d85f3ba5510ed495a41aa68370444

    SHA1

    bf17df969dbd56c21c4f0b8d1020cb0adf953d91

    SHA256

    412b8c1998374fba1ee38239d49dcd6dc90acd769e23b53d48dc9bcb2e060485

    SHA512

    ac161aa23c283050ae954bc3ccc0f6bc2ddd1136b6a9bf629d8001419c03276e5d24441d6a2dc4b28feb8b50a911465896e456f0de4953dce575d51bbbb2ca97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_46F574BDF8F8E3AC29733131E4667BA4
    Filesize

    402B

    MD5

    ef2b97a016cfa8be0c095b9d7445f2f4

    SHA1

    82a74710fc1bf20fe6dbc6fbd9d22c191ccc7132

    SHA256

    c76ecdbc187cc9151aca66747f52b53b8287a6ea4dc211e35f62ed3cbf8454a4

    SHA512

    1c5d5a159b5c38c7db07ca1ee4f4d3d5b1fa017fc64e1e89d53bc0657db53fedea028346c6b784ad6fafdf8a97574f44d91c5cc60cc8bb6c14af5475c278a725

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    595e7aafd6523503d2e9cc7386ca6672

    SHA1

    d7c24fe1f63b188be2cbeea99dfa62ec171d69c7

    SHA256

    19d9d494cf184f03556aae938c08f020520e43dd672971b3a312309daf797787

    SHA512

    876e263fbd6ab610f1d35a9d97a433706cd062d75e1e888e1c8681c044b5eff71e297ea48781b8503cbeb2f954bf7beec1ed1ecdc4dbb72aeaf3bf52b4f65169

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d7dc71d8ab423b6ef9ff8fe348a50cd

    SHA1

    59200a1271049caec1a1303b1786493d19cf3afa

    SHA256

    2857aea91cb805f3a33268fb46adea892b338cf771e1503645ebf78263b1b8bf

    SHA512

    92a79883ea85bcbc8ff66616cd0ebdcacfc682c53ef6d3cade36e0b3ae1f78453c3bb2595b228ecc5995823de4892b31a985b20dc67709db95455c61651bb439

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    392B

    MD5

    721aebb6c18e0e21d20ed9b891eb4125

    SHA1

    d1ae7966a48b7ea2c1abbca41032485dd7e36f03

    SHA256

    431519f48dc0b78d45c31a7033edf4d5baf3508f4aca03cb430907ebf6141367

    SHA512

    ac16236e57963e09158ca02ce3d8fbb65c4b9cea62c902d5cd744ce18921ddb2ee85da6e8993ac567b8223b8eea12f24554d34ebc6c8f12298713997841f61f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    ab241d01859b2c7eaad972477975570e

    SHA1

    4927a41929fc42f9456541896a3a5208c1410679

    SHA256

    1449d3396654dd85cd0391e448824b8e54fe48866eceabea199d0bdf182e532f

    SHA512

    b54bd0f085cdb09dd40129975f8d96aef9431b899a235edfecc0ac6ad3d11816f7df5b930fa2b83878c08e9f432dc9a184a6b264d6dd8fd5c58766b61fc3c7e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_B49B51C2F61192D2C0D20E671D9EF51E
    Filesize

    402B

    MD5

    cc856a2d6b1131ee4f9c345958f1cd73

    SHA1

    af0072a5221a032616ac7d90b856dfeb340d56c7

    SHA256

    6fd9f1548b93961bbc6139d69a0cc4dee909471be11802a94145b30fac96cf1b

    SHA512

    bc593a3dc81b2e8a84e247bfaf582731422e5f1f48a7daa9e0b80c26af318e3f3c8e6b37938b5f1ceb9801559194ed32c9d5a5b209412f3e6dda95f794e89b59

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\J3JSA7WV.txt
    Filesize

    608B

    MD5

    e06c39357ac492d099e5066edd0ce784

    SHA1

    61669afdf8b44151f397b2acea2cb02bbf60711e

    SHA256

    facd7e0ca3e59e205767c290dfd949b37a987f274faacc0dd970cb2ea5e36f24

    SHA512

    993880e3617fddd7473743d3ad5b01637ed91a02b99c90e6b21fa53db11487d1eb51eda6a799cd28bb8d23a8d01527d396421befd1e6f294af75a8169f8a2111

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\YK60NXWA.txt
    Filesize

    329B

    MD5

    bd64db60b10927a308cf80dcabe9a931

    SHA1

    e84c60e02f28ce128a5316352fd43fcf405eb536

    SHA256

    45d3fe3c18ef4fa8a58c162497eaf441549e5f04dd740f503b34744897dbc327

    SHA512

    1374b4a9cb2b821e3b211260b69ee297c151511b63fe3e6e3db71c199aaae405e636ad754b1839fb3b4a2a4a8c59f787cfe90f78bfce6e6c1a97069d1d8d011c

    Download Submit