Overview

overview

1

Static

static

URLScan

urlscan

1

http://www.tek-map.r...

windows7-x64

1

Analysis

  • max time kernel
    192s
  • max time network
    200s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 10:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://www.tek-map.ru/ads/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.tek-map.ru/ads/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1304

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a39c3a230e848d5a1beffc8cec43cf8b

    SHA1

    6a1350213183bc5daf143b056a68f0864686ac54

    SHA256

    b98ef9b16bcdd116e0256e1e41a0d87b3a6acb2d54e144bb7772d65dccad171e

    SHA512

    940021814de93e13bd4b001bd33c0b86a74c26917c2a145de6c6bed8563d8f1798a862f83fc64cfc3069d06fb720cebd817554845c421c217e8c90d1fd9bdddd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\t9o3c8r\imagestore.dat
    Filesize

    2KB

    MD5

    e94511638a89e2a9eddb62fd838a8104

    SHA1

    beff0871d5a7bb6b58db132a8558c65ed33f8124

    SHA256

    9ac7edb9b1fe70ebf814441bc7806e1f89a06de402370eedd52cd9bf03c80311

    SHA512

    25e3980ddb23ab40d29355ecb136e3ade46dddcc90623f06fa01e1091cec7162a87dccee90141c5338469884ee48a468f24e42d17f21b79f13ba9b23d93ea9f0

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\B69MHJX4.txt
    Filesize

    601B

    MD5

    374a368a17075f82e2715d2027bb7674

    SHA1

    f2fe5c5b289b3a74ec79e95f3cfdc48939d85a3c

    SHA256

    d9e6136dc0a40bc37e48cfe0366161108d03057f05b51b053dab0158c8f0d6c4

    SHA512

    9fad3d80f51c19117b69979b7abc5ec20ec8a5dc9c6eac1a735bc8bceada531b072aaceda7f19825afafaa59fd6b6d6bc104b04aa487da392f9350965e43068a

    Download Submit