Analysis

  • max time kernel
    32s
  • max time network
    36s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags
    arch:x64, arch:x86, image:win10-20220901-en, locale:en-us, os:windows10-1703-x64, system
  • submitted
    01-12-2022 08:44

General

  • Target

    https://bafybeie6fk37534lwcjpemo7gjgwf32fezlbptijb2bix73bnczhbd5kqi.ipfs.w3s.link/cx.html

Score
10/10

Signatures

  • Detected phishing page
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://bafybeie6fk37534lwcjpemo7gjgwf32fezlbptijb2bix73bnczhbd5kqi.ipfs.w3s.link/cx.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:5012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5012 CREDAT:82945 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4848

MITRE ATT&CK Matrix ATT&CK v6

  • Defense Evasion: Modify Registry (T1112), 1 technique
