Overview

overview

1

Static

static

URLScan

urlscan

1

https://www.gopusa.c...

windows10-1703-x64

1

Resubmissions

03-12-2022 11:44

221203-nv7m6sga35 10

03-12-2022 11:25

221203-njdkyseh59 1

Analysis

  • max time kernel
    118s
  • max time network
    149s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    03-12-2022 11:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.gopusa.com/non-binary-biden-nuclear-official-charged-with-stealing-womans-2-3k-luggage-at-airport/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.gopusa.com/non-binary-biden-nuclear-official-charged-with-stealing-womans-2-3k-luggage-at-airport/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3192

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    8ce5043f0586087e48c9f07b790306a5

    SHA1

    668cb4a62d13f5d35b9ad62c495c26cff9ca4eff

    SHA256

    2266d6e10bc485bf9ae6e71df2d00e05f9058f1983e10c02488ea2de5755c271

    SHA512

    b9486cd6998613615a91927207834801bde05e82c6753f44c8c7b280d660069af12c0613de5f2123966c9d1ec47bcae1e4c83452c86309cd5c9a15ce9d8f67fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_46F574BDF8F8E3AC29733131E4667BA4
    Filesize

    472B

    MD5

    1377c2956f6d4d989e6fafbe01600b49

    SHA1

    7a550dd67e42a8f1ba1468646af02691d0580345

    SHA256

    4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886

    SHA512

    0c559b1d2e6d1772aba8cc7a9dc8891522dc2df68558d4285ecaa87da4fabd81808f5ee8a599ceb7e26641029f7f9b3d27f33c2f42b0bd1f1a3fc5612083ed09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
    Filesize

    1KB

    MD5

    b6b20fc041e2d18a5b1412ea197e75e5

    SHA1

    ca55c4566c5fe6317fbd11901ec9318bb0471100

    SHA256

    98f196ce388b7c3522e220caea4f4f54a1aad36a941a00a2192e7c0d08c6022b

    SHA512

    070ddfa9c09962cf0bb0bc656084dcbf487ba9d272d95990b96754669440d4273ae7a8006fb1ef906451a14ef17b31f03f0c82af8ffe93f6df8d0561cdd0b594

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    0ff2da8bfc83bec6bce38ba6a3f7bf58

    SHA1

    84c37df7bed08d69f040c289676735c49a9564eb

    SHA256

    91026f24711c435d99a44884c7239ed1265cd17c0259a6c5885f69e4309421ea

    SHA512

    78afdc44d7557b2f14444182085252e8456c91289511d6f2abfd1d7273d05baba9a94206d370add716b9fc30dc326a1a2e1c78f642e926759d962cf216c3a489

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9FF67FB3141440EED32363089565AE60_8DB596B9957E4DFDD69ACDB305306B95
    Filesize

    279B

    MD5

    b5936d197f43df03bb74d1c62a03731e

    SHA1

    e8072c338a22868836f2775a345561d9b4cc523e

    SHA256

    6962d5b1bed6e0a409bb999ac0a37b5823d7483e44561978031532c259e4269c

    SHA512

    477fd3ba89d6ace3be370e0168ab6a7d8e2d4be2431e0ee6d32e92a3e5a816b92dc2ac436a801ee33645bee11a42abb6f807deb5d0231713a7232aec5e297a92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    724B

    MD5

    f569e1d183b84e8078dc456192127536

    SHA1

    30c537463eed902925300dd07a87d820a713753f

    SHA256

    287bc80237497eb8681dbf136a56cc3870dd5bd12d48051525a280ae62aab413

    SHA512

    49553b65a8e3fc0bf98c1bc02bae5b22188618d8edf8e88e4e25932105796956ae8301c63c487e0afe368ea39a4a2af07935a808f5fb53287ef9287bc73e1012

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    63e906f7db627d03a92f25a7dd03d31c

    SHA1

    4e95251938329b85ca6c6e1a2a83704a3abc55c4

    SHA256

    94f44f0285f280ee8fa37c0019e6b54776ab4994810e35a6bf754303866b016b

    SHA512

    19fe06af7c908fc9e6c97a04caf2a13e8fb27e2c7acddc3a5b8f55198c5fa6bfe7a64f6ea86cdf578c1c505f77c6fcae628ca3886ced3cd1884dbd00ebbf4036

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_46F574BDF8F8E3AC29733131E4667BA4
    Filesize

    402B

    MD5

    49fa011ba9d2140b890c5eb96c8e6c8a

    SHA1

    a290cfdbd1a8a210c09932af9470f1697060ceb5

    SHA256

    a6e5ddac955272031b69cb9025dc4721221ebfb3afd377553a2fd4ea1c977ab3

    SHA512

    616c717ace9d0bb82bf81be917d2fe9c0b2d8523102149316e1b4ff959a4ba0e869e7f32e7d94bc56986935c64290b653cb9a9db6d5600be33fe32e59894cf25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
    Filesize

    438B

    MD5

    a7be10c3532771513edeadaec4bbd432

    SHA1

    b44ee6c1592d2263fa45d05474fbb461eea6a9b4

    SHA256

    8e428f99ee878ee75c84d40902638b34355f0c118548731c61e9a0c3bdfc4591

    SHA512

    5d8e81e7e917b48a6796fc039c104811cfe775a0ca63a35f76a53bc00515a6260868085b46fe39145eb80874c149dd1d3799851496895cecc69e95d06e65587a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    b44d3dfd084dfc34362b5e56abbb7745

    SHA1

    5e40aa74f75472309c0b50107f7f80d9433251da

    SHA256

    ee4b3eed0109ab26d81ded546d5ecb2a423c84b8f136e8fc86c6af725cd6382c

    SHA512

    982afda6492fd0da523719f96184bd7e4f99a0837f1569ca5a422cb030e2421e4002c5a9b1df5485e8851f64b40250c1d47d4bfc2e0718ca14fb5127827ca803

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9FF67FB3141440EED32363089565AE60_8DB596B9957E4DFDD69ACDB305306B95
    Filesize

    430B

    MD5

    3bad85159cf2d6c02074e508f37d05fd

    SHA1

    9a20b3944a3b7f57fab4adac41bf518a56081f0f

    SHA256

    1cfd4b108cad69e6dee1b494e0aa00e6987ac9db1ae8a5a23b6d6c359538beb0

    SHA512

    b11dd49882a3de2d8b86acc7cf301ff5cca6cced9a7a61d663db54939ccfd0def2fe3db2dbf3505068acec94565731725046f0ab381f2a11b77313db54378d57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    392B

    MD5

    29fa594504baf29a149eea6a7108fabc

    SHA1

    a6ebbdacb7a3d812b16f560b7fe8ede9deff372a

    SHA256

    b7a9373c674f0fb546942a6bc14dd2a9fcfda699bace2ff8097cc4cf3a2568fb

    SHA512

    7a55e343fbcd56fd975cf019ae531a194bd17ab9b4c6a4de3a6bed601f0e6049b1ded226c6a2162834eef93c5477baaeb7d225d57ea0ca9785d1f738ea834bf1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\7NPAEDPH.cookie
    Filesize

    545B

    MD5

    8fcb25dd792a8d60459e13b680f4ff3b

    SHA1

    c137f6e1c6d2c46c10ff9ee8dd3aaf6a2e09cc31

    SHA256

    d393c1496839b9137868f4c9db73d1152af2ca7e86c1c5de86d5617f734f7035

    SHA512

    e5c5f4be82815225f1b998feaa48ccd579508ede69fe94d009ee33cba779fae53c3347d36dc14553fd163453c06ce5f7fdc1a66b483243261e31b5b2bc74c006

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\YMYVQID8.cookie
    Filesize

    545B

    MD5

    7d145d0d1f2f78d5507c7f0147bf0375

    SHA1

    d2a06a8e523fe186927b3698b9974382d4e2c92b

    SHA256

    39913959acaa14db111416a8233d15cde17a81bbd0d7309f85433366bdbb73be

    SHA512

    d83c60fede3bfc1b16bbacaf47b2defab3bc1dc61809387d5078dca722dce708b66ca2e6a8b399b306a46e33f02a9e29b1e2f2aeb0aa2510384ffb6281afb16d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\ZC4E91S3.cookie
    Filesize

    362B

    MD5

    9ac7ab85f299c8fc4bd1d8c7637cfea3

    SHA1

    70f7f286aaf079ece3c25caf6f15d0d1918217a9

    SHA256

    448eaae7c81a92d7debd95657695bb5aaa91bd8e1537261f613153c052e53b5c

    SHA512

    288948ddb8eb29d785f00bab1ce4a9ab10028aa34769cd8bff23ca377c0c1030a2761ed965b42872c4f1f5e2d7e5383f7fde5da1afded3c26a934966a43c2b97

    Download Submit