Overview

overview

10

Static

static

URLScan

urlscan

1

https://eu-central-1...

windows7-x64

1

https://eu-central-1...

windows10-2004-x64

10

Analysis

  • max time kernel
    83s
  • max time network
    87s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    25-11-2022 14:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://eu-central-1.protection.sophos.com?d=grupoinfozonal.com&u=aHR0cHM6Ly9hdmVyYWdlLmdydXBvaW5mb3pvbmFsLmNvbS8=&i=NWFhYTY5YTU5OGUzMDgxMmRkNWE2ZjBk&t=NVp6T0Jwbzhjc2pJeHY4OVJjeGtUVlZxWEJ5UFFta05KcXQxclpGbG50ST0=&h=f9b5578954404939b6085331c38c9aad&s=AVNPUEhUT0NFTkNSWVBUSVazfxA_avjCvA4eUP289iF6ZArk9bjqEhkMtefd_Aen3gbrx8D1JP0Pm8Dgtvzi5g4sStqk2hQvgqgibB0RlVNF7X0xx5j77DX09ojSuGNluSqg8eiunanzUY5BqyuEk7g

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://eu-central-1.protection.sophos.com?d=grupoinfozonal.com&u=aHR0cHM6Ly9hdmVyYWdlLmdydXBvaW5mb3pvbmFsLmNvbS8=&i=NWFhYTY5YTU5OGUzMDgxMmRkNWE2ZjBk&t=NVp6T0Jwbzhjc2pJeHY4OVJjeGtUVlZxWEJ5UFFta05KcXQxclpGbG50ST0=&h=f9b5578954404939b6085331c38c9aad&s=AVNPUEhUT0NFTkNSWVBUSVazfxA_avjCvA4eUP289iF6ZArk9bjqEhkMtefd_Aen3gbrx8D1JP0Pm8Dgtvzi5g4sStqk2hQvgqgibB0RlVNF7X0xx5j77DX09ojSuGNluSqg8eiunanzUY5BqyuEk7g
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1676
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1676 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1844

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    3dcf580a93972319e82cafbc047d34d5

    SHA1

    8528d2a1363e5de77dc3b1142850e51ead0f4b6b

    SHA256

    40810e31f1b69075c727e6d557f9614d5880112895ff6f4df1767e87ae5640d1

    SHA512

    98384be7218340f95dae88d1cb865f23a0b4e12855beb6e74a3752274c9b4c601e493864db777bca677a370d0a9dbffd68d94898a82014537f3a801cce839c42

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ae5ca93a5080aca2271f6273aa95ca0

    SHA1

    2774a4710ce156f356f4ed1b5a18776d6876b5bd

    SHA256

    b485a55424e15db07782b3d1414a0142003f97ff559beb9c0835f68c5bd24b21

    SHA512

    b4443b4f21363696ad1dbd41dc3c215210700d8e7347bcfbdeb90ada11cb027004d04ee19fb1f69160af3902d5b48400613067a862579338013d037629c2e4de

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1befee8d24e2e1ccf2cb942e0d4fbabb

    SHA1

    90b6e36eba36f145a095c7ceb683bf4dc74ecd3b

    SHA256

    8307716fc1515c6c1e49fbd886acc1ffc950531f8607b7c15ed5b66d32eea539

    SHA512

    bcb9b2dc0ffce82feef6c4ce2f3f7a48b2fbe0c56da2d16722ac05fdaae6412178d45d3bc36ea86356e2ad41386d2d7faf01d14d46c5c88b80d02dd526827085

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d2772f8385df0233af4b7d33dd28d9de

    SHA1

    1ac8af3da60dfd43f95dfca56319dad46bd6b8e2

    SHA256

    5cf306aa5cf33ec153679af5f3f47b56a557fe7c1ed86675b6b59a929eb1bbde

    SHA512

    7bc0fbed1193561f71b70ab27acdcf8bd5c2894850844819761c0f52862bc6a177b7b1bf63456165e62cc97a9acd64a219f6930062aaa5b7aa0a6c2d8d4d4d21

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\KJ26VDWI.txt
    Filesize

    603B

    MD5

    f2b02164262ca1d959dffdd67e64f62a

    SHA1

    89a2a0d92e53150fd2b37bcf7ba4f89dd0b4f231

    SHA256

    cd39187989b9bb47a41eedc749d5c112c849d1568258f807cd2dd3a92f158025

    SHA512

    faaac5b161d206aa8a38a7fcea5dccd96606ff53b20b8e4139ef63bd98ad21ddb6a0313726971bbe7b90ae9023a9c3199ebfbce28478a266b5ed8ad8a98964e8

    Download Submit