Overview

overview

3

Static

static

URLScan

urlscan

1

https://gecorp.custh...

windows7-x64

1

https://gecorp.custh...

windows10-2004-x64

3

Analysis

  • max time kernel
    115s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 11:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://gecorp.custhelp.com/app/S2PSupplierSupport/customer_inquiry

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://gecorp.custhelp.com/app/S2PSupplierSupport/customer_inquiry
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:800 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1468

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    3dcf580a93972319e82cafbc047d34d5

    SHA1

    8528d2a1363e5de77dc3b1142850e51ead0f4b6b

    SHA256

    40810e31f1b69075c727e6d557f9614d5880112895ff6f4df1767e87ae5640d1

    SHA512

    98384be7218340f95dae88d1cb865f23a0b4e12855beb6e74a3752274c9b4c601e493864db777bca677a370d0a9dbffd68d94898a82014537f3a801cce839c42

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52a29e91da78ff84e0f3b16a925bf542

    SHA1

    934fd71304cacb6ceaa7cfa0e6eff7d20977fcd8

    SHA256

    3fdac45abc4529ceaf6fa80f639472f37fcd8ade92405b0b39a088015db4d476

    SHA512

    0a7acaa1da25bd315aec06e988eb9e0c65d7c74c170f2d69d5a78ccb4eddf70511d2bf49b00cd88c117dbb1c985de2eb4030174e48edcbbdab3028b5151c756d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2b3b2c76578a4c25161be8a40b278c5

    SHA1

    b33e704977508c1c4c99baf1023fd16e28b70eca

    SHA256

    9e0dca9e9a8f43e941286ca30863a295b137ad3e9ee322b54bb6dc24be1122bc

    SHA512

    a54de9b0cfbe3353f98667bc3b86ca96a15304ef210548ca0ec8dc7f7b1d49325f64d6eba5f841ba6ed28d8a24b667b53cdb479994800fb0db129eccb7b6952f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    cdd701fa5b08e00d9246277d84ded43f

    SHA1

    43b48e91969cb187a4f44b9050f16fc60e220b8a

    SHA256

    f293416153bb1c946bd72be6c5518a898e6c3fe9ff2be9ce8a17147030c2911c

    SHA512

    c2f7eece264665d82a693fa0c9e45a0eca0a1bc1048418b5cae65f573b9635183889b1f328061dbef72b0a02f33fb507981a94074fa82d9f8ebe34059f448d1b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\lwrmjt1\imagestore.dat
    Filesize

    5KB

    MD5

    bdaa3a6b6d108d84f543472d9f44bae2

    SHA1

    8fb49de32a2ee5b40f1b7bdcc45bbbb8c39e6af9

    SHA256

    485959a41d0b3a7470f55b9ac5c6debed8c9fd16c48e8dba2d277f3b50dc967e

    SHA512

    18ad6beb2d87ade20e4a41199a58863805c1fb7b9000e81b0114ec0aa1bdcd6456a09c73116f9daa64495f10fe12daf2ff52fbdb0f290afa508a0a4b6bab6da8

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\lwrmjt1\imagestore.dat
    Filesize

    6KB

    MD5

    acdcfbe34df4bdc42ac4caad82691f5f

    SHA1

    26b8261c6009f02e0d503043b631eb47891d1add

    SHA256

    6b0c911d6a4ae9852f91ede45919f574653c0340e99942445f536ded30c6315d

    SHA512

    e19bd579606fafea60b877dc1798d8394131813517c00cf5e5976422e3919b0f850d47e17fc3bc1a662c94030ba4dadd231e3951abce22a1c18bb413f3a01902

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\W9SRTWJT.txt
    Filesize

    608B

    MD5

    95403ad66763b6797693612287c45f80

    SHA1

    aa0893694aecf1a1b1456a9277ba0be3b87df72e

    SHA256

    b7358f32360b17c51de3ba84f2fb6b3595c39047d5d4a9a8a6837e8f72e58338

    SHA512

    e8bd4add04b1b197489e57e42a1e1999119e44eada9ed5be048882998464936cbc851b24a2441a51fe3c379d6fa0e6dc77df62dd740615513a01a7c5c35965e9

    Download Submit