Overview

overview

1

Static

static

URLScan

urlscan

1

http://eu.static.meg...

windows7-x64

1

http://eu.static.meg...

windows10-2004-x64

1

Analysis

  • max time kernel
    129s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2022, 20:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://eu.static.mega.co.nz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 51 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://eu.static.mega.co.nz
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1544
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1544 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1144
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1544 CREDAT:603149 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1576
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1544 CREDAT:275492 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1560

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a49750cc15a127faeb5654eb4a48c99b

    SHA1

    8a127b5098b0eba12ca274c4f1669dd31c6b8d88

    SHA256

    d682a56f178e768efc09c927be89884d96a3430ad455bc9765a1fc50f8393342

    SHA512

    bed9ba541b920f11b4df4ca6394f346c1be6fc934a2c25d0e4102ce7e220762302032dca3aa4abacd87da5b54eff08522500a517f10d3a38a025c63f11db9dad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2d45f8cb3e82e8b56d02d52ce45d8ab

    SHA1

    a1cd376edca4cab778aa4211511f365fef725fa1

    SHA256

    7d30aa3ac4436b1d849ee99db1962cd4d2812906d9793ff608b5aaafa472600c

    SHA512

    2825719116921f537d4c162c1affb7c0c509aaf118b06dc009ed7cc21f0c0d1e606393b02671422d7d3d0bea834981a1b2d6a57cc49c0009ea5248035b169af8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f8a58103b62d33d674ddd611e10b6ce

    SHA1

    f6ae1f5d91ddee2da5ad85262f41c2103e3eb236

    SHA256

    ad1433474cc98d56aef1002cabadd3d7fdbd40bdf07175e8ba667534150c7b6a

    SHA512

    242dc3aa030e5aec5945d89df58005026baf24ffb40316465a176d1304ac38351220ea8c8adb80cacabf43577acfc43877384d07d5026114eca5136984c40703

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    056d3f25c5bfa7baa62c6d4de8eca502

    SHA1

    ea5f935652458e9647fde0620e298bd7bdab69c0

    SHA256

    1b6121d3e8643ed5bc79a2561fbe4fab9422e7fd1eb5329f1cff44f7e4151395

    SHA512

    f7a3d9baed5d4948a427faad2a9fc501807de4fe66464c919c81d2f3b9359d73c715492e3d2f783d96ac87f5e263e282e206d2933df763a33c6ea629a0e1bbc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94fb0d8a6d298ba9b697ed0ab5978af6

    SHA1

    a7c4bb6c85bf04e087bcb130a35bd4ee7ff34ccf

    SHA256

    8b9302790c3c4db915221e5799a6de2919f00d44ed23ccd165896b8c4102dab5

    SHA512

    13f619f07c7ece404c71642163945bed404a656cdadcf6a7b9749be2e58ee6b896c0999b5ae3e7fe49e6c1dcc448bcd3650f14e02ca8f2114d3bdec7a59944fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d02509c8d4a1f7713fa9a599045eb189

    SHA1

    60b784be211c1c0453e5a3087a6e4abe908a7179

    SHA256

    5818ee2b2552560b4aab90496b12df38c2d312181c0cd67f366d2ec342a3f1ec

    SHA512

    24a8d6c26004342c69c8b3e581c3ce371c6813254f26c82a88aef92532f0dffa28a754be5a21199d7decd7a5dbb66290dbbce463557ff04d64417dd556540979

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\mlf2v8h\imagestore.dat
    Filesize

    6KB

    MD5

    124a5e732589ae03df1040fe32ec0ede

    SHA1

    569c7819f90000ec3f9c15f873f94804144eecb9

    SHA256

    771345696ba282c0746d3bf45f9c1ab844624604bbe6602000237ed569179f64

    SHA512

    df50da8beccb05650ac4ad9994e2377308833c4a0df4df1669581257bd0bddf630f308a929d64b96c79bc510d892ce223b0c643aa3679205cbc8c1553ceaa9bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\mlf2v8h\imagestore.dat
    Filesize

    7KB

    MD5

    fbba8ac9095916fe81254088b0779315

    SHA1

    52ccab20c8301b2c3fbf9cdd932a0b12c17fac03

    SHA256

    237ad02ce0658d05281fd72df797401941801db549d51b894829d923ebbe0cf9

    SHA512

    9a9ebd61e046af56cadf544bf493bbae26bd959c400e394056618f9e28cfa27777360b86b5db0c62b51ee4e2c7b563d60cb6a236bbfa766f6dc2e4bf618f6ad6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\mlf2v8h\imagestore.dat
    Filesize

    24KB

    MD5

    fcc50e35366b07a45a6ef7181075340c

    SHA1

    e7c7ddf738ef2de3b8c306e8399dd9f1405d65af

    SHA256

    61856133bca23d6711ffe93315607009e7e00775abf438ad0cc9eaa31b46aac6

    SHA512

    7fb3183567788f12a053998ed58ed9e962f820b6ea21f2c35c65914f4e085c54f8aa378544985c76bcacc8f02d02166255fac27e88e0c56496ca01b6e2a24b6c

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\06U01JXU.txt
    Filesize

    608B

    MD5

    373d6210ec712cfeea1fd33fe70cbf91

    SHA1

    e2b9a4950664f78622ac73bdef89fc367cc9cdac

    SHA256

    52a8bf1139c91e6a511e69b568cd8e7f756de8fbde4fc01b753ff81d2ef389a9

    SHA512

    3deaad92fb14a8fc21e9814fbb97c9e7d40dbc67f8e0b9fb850d7dadd8d64d40bcfad468dbb98020d8316fd5eb462368f6564c799b3b76566f872b7d983b8ba0

    Download Submit