Overview

overview

10

Static

static

8

URLScan

urlscan

10

https://storageapi.f...

windows7-x64

10

https://storageapi.f...

windows10-2004-x64

1

Analysis

  • max time kernel
    61s
  • max time network
    65s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-11-2022 13:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://storageapi.fleek.co/3b2bb222-0921-4682-aa0a-980d13a63795-bucket/PV_Encode.htm#sales@khipu-networks.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://storageapi.fleek.co/3b2bb222-0921-4682-aa0a-980d13a63795-bucket/PV_Encode.htm#sales@khipu-networks.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4996
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4996 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3404

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    2385a464e17980d978246b6b59a60697

    SHA1

    ee57c16c00972abbea042066dbdd769fdb89571b

    SHA256

    88dabd9b9c2183dd69b01146358783b0dc0e24faf044331be565cfd26e1dee2a

    SHA512

    d85eaa2a9a0a4523eb87bd43bbe995d8658dce705024c316de12c9f9be0277ded1646a6667bd47eed337e2b790aab9760ddf2e501242c42f3d66f40c23042d2e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    a505739667320abb10ef3fc8cd4517f3

    SHA1

    a67f9d1c051680d693fc48e8908392063dfa88f5

    SHA256

    370ade6a5a64a4a85aa2482b9e6688637cf6b4459f11c96eb4514f0f79aeef37

    SHA512

    471dea6b877829a677d4d5edeaff9a1cbc7b3c406a3b5c277d50ec7bffbfb9f637356035910926ec00885a85735826d927c67b60fe60197ba6025092295f4406

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\ckj4gk4\imagestore.dat
    Filesize

    8KB

    MD5

    4cb1ed67fd6136d3ae9aa9e96050bf16

    SHA1

    cb38174d0587b5f019499d8c1ea274c62f7231f5

    SHA256

    13f637a54c42cbbb2558336f25ba57946055a99c3f065ec314e16d22d0b27816

    SHA512

    d027604e0db2a7e6c823492197a40fbe7f1ac9777f0fa529889b5841547362350af54a00d7f344d4c3819c09359c96a589bfe87521cf562baf9b06ab1cc5f8ed

    Download Submit