Overview

overview

1

Static

static

URLScan

urlscan

1

https://storage.goog...

windows7-x64

1

https://storage.goog...

windows10-2004-x64

1

Analysis

  • max time kernel
    73s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-12-2022 01:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://storage.googleapis.com/0068be3f1777eccfcdb17d23ffa2f0c6299f19d9c5ff0b02a02cd0eb7489/a82b53fbf553a5c97c1ba6d3bfb380744a645773dc80368e4d8f7cd0af88f76dc6e457#UXN4WmhjbHVaYXhVK0RXSWs0Qk1Ja0hkdTU1UlpHK1VIb0JBQTIrTUE4ZkZYejJmK01SMVdsbjBRSUIrYko3ZG9FVWt4MTBXOVU4RmRFRTRRQnN1UlJpS1hVdnNONVJia2RnV0hkOCtJN3M9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://storage.googleapis.com/0068be3f1777eccfcdb17d23ffa2f0c6299f19d9c5ff0b02a02cd0eb7489/a82b53fbf553a5c97c1ba6d3bfb380744a645773dc80368e4d8f7cd0af88f76dc6e457#UXN4WmhjbHVaYXhVK0RXSWs0Qk1Ja0hkdTU1UlpHK1VIb0JBQTIrTUE4ZkZYejJmK01SMVdsbjBRSUIrYko3ZG9FVWt4MTBXOVU4RmRFRTRRQnN1UlJpS1hVdnNONVJia2RnV0hkOCtJN3M9
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4652
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4652 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1932

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    b373d75a1062fd2158e3d68dab288e35

    SHA1

    e99d234b133ae945c8e272f2df62f774cbfa51a2

    SHA256

    a67e5caae4c6dae06ba77fc7116868376e2fffddabda276864e6b37b696502de

    SHA512

    c0b916b9766e8224cb7ad17db485de23325754cfa4e464b670fe8b4b61c95bcb60e12891bc46bc935c3ab4022deca3ddbfb57e321186dda3a5f21522d622ac0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    e53304040383b352751cf3728c67764b

    SHA1

    e80f9bcdfeba0dbcd7ab5a32da540fdcc1afdbfb

    SHA256

    9c9b8ea3ea5fdc5506fee440f4b797a2a68f6948401fdd85d70527d260cfdbd4

    SHA512

    51462d487735b8bd987c1fd0bb1418f0696f23e244e7adc134e0385f95a7a83be92cd6b752ca6bd7174e15b0abd5c15f5383563c134b9f5a765c262539dac37f

    Download Submit