Overview

overview

8

Static

static

8

URLScan

urlscan

1

https://tfb7fxvou6hv...

windows10-1703-x64

1

Analysis

  • max time kernel
    31s
  • max time network
    36s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    30-11-2022 16:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://tfb7fxvou6hvlew7xkkgz32zywlwjpkcj24un66m4abyblgru-ipfs-w3s-link.translate.goog/?_x_tr_hp=bafybeifix&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp#ertijruitjh@dfgdf.com

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 44 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://tfb7fxvou6hvlew7xkkgz32zywlwjpkcj24un66m4abyblgru-ipfs-w3s-link.translate.goog/?_x_tr_hp=bafybeifix&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp#ertijruitjh@dfgdf.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4548
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4548 CREDAT:82945 /prefetch:2
      2⤵
      • Checks processor information in registry
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2020

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    9ceaca4cb8ef58c136bc60ee56c3973c

    SHA1

    7f10267b56f9d43eaf808d52e468cd8cfc5782a5

    SHA256

    47239a8c36e103def8d29ddc41dd43e5e96b3e719df036e938296e2c960decb0

    SHA512

    3b76b46742ccce7ba1acef48007b317b4af3210275183b7f377ebdc38368271c599e384b233d125f5bf166fc6e4e47b109c363e2026db1ce68db749d4cb405b5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_7D0866F648887A7BB8C83FDD7893DE3B
    Filesize

    472B

    MD5

    8d5f53eac27302554bb029ae36aa283c

    SHA1

    2d71b909d1a1bbe2e81269d0c6200ba807fcd4aa

    SHA256

    a4644d46e0e2b270572d06530145486bac01335dada14ccd6079bd9543e710d4

    SHA512

    451919bde1245da22e8e64f8d027b792330f1d3a407410d437691aad030aa68cf20cbc6ffb4d86fcaa8b9b16546aa577033a68c0da374588125a267dc8a63ece

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    724B

    MD5

    f569e1d183b84e8078dc456192127536

    SHA1

    30c537463eed902925300dd07a87d820a713753f

    SHA256

    287bc80237497eb8681dbf136a56cc3870dd5bd12d48051525a280ae62aab413

    SHA512

    49553b65a8e3fc0bf98c1bc02bae5b22188618d8edf8e88e4e25932105796956ae8301c63c487e0afe368ea39a4a2af07935a808f5fb53287ef9287bc73e1012

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
    Filesize

    471B

    MD5

    6c84ab982b44868fab9bd9cb08e76b88

    SHA1

    238cddf556720f5ea7e30e2c1da69fb00a7b9ce6

    SHA256

    cb5f0ca9270b8c6ca217526228f4ef5d9539e2a5f7edcb7d731326407b2523ce

    SHA512

    3d38d9432ed1e9c30a9009af0a438ebc8236ac09599bec5b3cc0753eab9bb32764dbb4dbd643eb7dd0e5d34a98cbab9134834615d96085b4c5aa3c3f6af5f01a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_DD5E18651A85E635F184F73BE6D3DB70
    Filesize

    472B

    MD5

    146dac10a93604a686550631e14eefb9

    SHA1

    b4af601ce6d515d9ec124938ce626060e0d43099

    SHA256

    bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

    SHA512

    3650738b90df8b212f9380437417081bb911a605839b846aeaa7aef139bb010a54bddab4e61ed946bea230de7423965ff2c7d30e92e5618f5aa9e84da1f60e97

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    f4bd69e1be492858b0083e56df939361

    SHA1

    568c041472b2f42a01a2e5fdd187f6c76f044e75

    SHA256

    a0fe85a7e80f07f2c1782903dda859a8feb0ddfd20996d1ebc8b9afb89916b5d

    SHA512

    e4ae364385dfdb36e7db38aaeb379ff8c42c7022add019703e2e244ecf706ff5a142b97c7d6ebdaf1d14170998c26cbe970c5f93ced5f58a071fbebd180b0e9d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_7D0866F648887A7BB8C83FDD7893DE3B
    Filesize

    402B

    MD5

    ea56788a4edaf55d980c1a3da645c85b

    SHA1

    21f7b6792ee259ee91ca86d3b2951bfebced6596

    SHA256

    44885d3342f55960f031d35cd5efec9af97b0397804e75eb9e7892dc8d28d92f

    SHA512

    7bfd73ec8cfd7540388204f62a540a5ca8ac332af33fcce0dbd4fa075a39095172a15fee7c3229130cef7f6a2b7cc912395914d56417332b31eb4d614b7a3fbf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    392B

    MD5

    79fcc671355d94f7f266353a69f5855c

    SHA1

    ab3b2bad9e0cbbda0ede4d18aa066a8e47baf067

    SHA256

    13256eb8d9efeb264c5da1dd518cbb0f4ad12b45f9e1753dc09054d656bb1f03

    SHA512

    3cd60df748722441afc58c7d14255bfb720fa425caf8d7dcb8a5b73c2a55da3a61cc503f7ece73160c2276d26b79b72d9e225611a3690841b84dd66f12016c53

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
    Filesize

    430B

    MD5

    e3def424a93b1e81385c1ecd35048bee

    SHA1

    e82f64ec9d66c973fc5381e89027c5e9b85dc05a

    SHA256

    c9284ec3450791e2030cd728e81cc52773cd95210a74e38c692957e054216905

    SHA512

    2d54722ef50f7be5098f7e9191bd02a71995af1b90549797c73cc73d9bcdf847f9e87645534275969d3f941749100c5ca9c79466178c2c3f55777a617f1668c8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_DD5E18651A85E635F184F73BE6D3DB70
    Filesize

    406B

    MD5

    c23941261e51cca1097a365fa1d81a33

    SHA1

    6854982a216f57eeba0255fad3d062cd333c2d0f

    SHA256

    c3d91f267700f5069f4b68d9ba9fcc19f63abe8299022648f6e52a89cbc08800

    SHA512

    3f4e9bf080cecb67b20dcce66f34cac1beaa71577cb0c63a03169aa3b638143ee35442ad284c78a5dca9ae87e909bd4ba83ff1af4f3a46ccd7f74021a19b0584

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\70W02UF3\favicons[1].htm
    Filesize

    329B

    MD5

    6191a3d213e506b1977ffb113b59bd6a

    SHA1

    c77fe2694887c8cf7816faa624e2c052683119a2

    SHA256

    d480bcd6dfb09a3886aa4853edfb910e38630c105d217a4df960fef12674a090

    SHA512

    99efa9388fab63995af1fef7a3dd8d66515c5d02f893f3786cc0cc593ad72d8d757b640621ecd7727049d0b2565e76ec80c4ca824aa5d3e49612795ce9b01f96

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\A414YZDP.cookie
    Filesize

    84B

    MD5

    b8173d6ad4c22bacf63b50307f0215e3

    SHA1

    e8eb67830ccf754cbf24fbcbf880053f08c39526

    SHA256

    0b559cfdbc52f561dea4aeb9061c46bfb4e27bc8e283d8256809955ef5fb6748

    SHA512

    3f08e462fad124fc0efca61c44a85a3988b27bdd1c43d63dffa56f6879c7c4ca4498228161eb1aefe6b4328828765a5e2c5bd2f2d3817f67d08050e036652618

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\G7F3R62M.cookie
    Filesize

    103B

    MD5

    cd967aa17bd00bca3be5f184b7b69a54

    SHA1

    89a7285fe3101a8e2f67e73813dae2643beaafd3

    SHA256

    f36a718cd0e88747277aa98f1f2632237174ab06da5d09be78c6cb26af5c2c74

    SHA512

    8a449cce270dfaac44996e27be09eb001724f02e6d6e0420fd877217d6d79b9d21243419043dd33ad50c84916919ef194521b10a640b042b304611bb8f9901ef

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\JI2R7OHK.cookie
    Filesize

    147B

    MD5

    728170a29ec848c7d23da6720a93d47a

    SHA1

    a765d49a8cab137e6a0097997cacc106491fc2ec

    SHA256

    3d193d33c8f39cf83c0cc0446d4a16e0c792abc6af505432b5c0f28a72318d28

    SHA512

    64f5cfb2ff2e53e130caaf2a8b3fdfb4d509633426035245b79995b0252ae076de9a346d76aead7bc30bbae5f0607620ab7f9eac16a5b3ef35246171932d77b5

    Download Submit