Overview

overview

5

Static

static

URLScan

urlscan

1

https://ambientcg.co...

windows10-1703-x64

1

https://ambientcg.co...

windows10-2004-x64

5

Analysis

  • max time kernel
    139s
  • max time network
    143s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    10/01/2023, 00:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://ambientcg.com/view?id=Fabric029

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://ambientcg.com/view?id=Fabric029
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3316 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4732

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
    Filesize

    1KB

    MD5

    3e35debf0ae93dfc7e0cfa289289e3e2

    SHA1

    47d5a04190a791b6cc028b3db4e1f8a7af3a356d

    SHA256

    b74ef679bb85066bbb25edd379f0e7495a18e4b251f7e936c5def7e6a4d9ad8e

    SHA512

    47b15623ac696f50ffb43a773c778f90aaa351310b650ca504d7dfd75a03819cbc5afe9a3e82bbfa95bdadd3aa907cfd70b3fe54df10397704b43d44eba208e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    bdf470191c4a6769b83735c86bc6d2ca

    SHA1

    dbea8d53edd104d2db101927fdbd8814f93c4dce

    SHA256

    898b176b737906173625a8fd4074c4cbff5fb0f3c21e1fd3dcc1cb5be6977b8d

    SHA512

    0e7590bc87ad090bfca8707fb1f4e69001b9d923983f64972499f4ae62281310d5cf72f7e8dd3d8c2e78ec2d7310a73c1d4ddff4b29eff0439161b7c8f56099d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9FF67FB3141440EED32363089565AE60_513964A37146CC2FB8BD62C170F8A09A
    Filesize

    279B

    MD5

    60019fb471359a9bee3fcd0b6f5765bd

    SHA1

    ad2527d3fa29279188c470db1f88195b14bdf75d

    SHA256

    52d730e734ec49f17558bb1bc2ba393834ca33864a0407fae6532706bd75c693

    SHA512

    8ab0206c95775553f7cf2907bd8902111ae6c8467da4d5832792ffa0e83efecc64521fa412c0891677bea4afd8ac821c9f9e5edf76d64558f5c5f29fa3819f1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
    Filesize

    438B

    MD5

    d85982b8664c55a3b71edd4d82dcedb8

    SHA1

    8cda2b1d31b18de9e5800d15fc2e7e20bfe816ac

    SHA256

    7dd8b5fc753f7759f2d9e504c4ee6779818b66e4ba8e4564306611075fc1da10

    SHA512

    05e7c5f20eb6c4b9f30dd2d54bdcdc5e9390488b0fd0ea03bcc9d5a60af2423de9454815dc088268b52f7c0123510a05fd1c221dcedca99fa048f12aca1323df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    a0ea86c9f923a2d841527f8d0ef6b6f7

    SHA1

    f3519c9e126e9af5b5dc7f5a186be465a79c1705

    SHA256

    1180d6b6397e23e7bb14606aa7f341d074689e29cdb29f11c0d73facb07ab70d

    SHA512

    3540f97bcb53220d4a6f328ad36b8892624b56a665f8e1d25010c8dd51bc9b72588957e1fa313f8c6839ed97ffc7c115cf581f75bfb021f24a567056c909b44e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9FF67FB3141440EED32363089565AE60_513964A37146CC2FB8BD62C170F8A09A
    Filesize

    438B

    MD5

    0663ab377255387620927fa58441a146

    SHA1

    cd39cc28ddc78053f3c6d3197379aa33a0e69331

    SHA256

    f24613edbd4da217f24c4368d396cd51bf5155333335d942d4a227cd5fb3fe79

    SHA512

    befe03c14f50b32f5fdaece1f9199c36afbe3bd3c79177260dbeaad2c923c4ab0f0a07d90997c6882c9ddbdeaa28111ebd18a7228f7bd0b9c9fded72353540de

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\9FV0QIKH.cookie
    Filesize

    615B

    MD5

    418fa6a1c97242aa4df4b73039b1bc4c

    SHA1

    230e2000c961231819086c2effcba78161db9673

    SHA256

    6de794be7ff7826ff53b412df6033a7310c4e9eb8ce06ec1404ca5323dc2290f

    SHA512

    28a82f5ae8c45ff144f466cde44af157b6c9d762be41a56e56f4db58d2ce0d750b8f3410d13d1479da18fabb4838392c237d43191af59f0a5f0211652192ec32

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\KTLIT4J8.cookie
    Filesize

    615B

    MD5

    e37c6d8a55d75d0d1da931bdbedfffeb

    SHA1

    3283db704f840e05e426e1494206c433f90fec31

    SHA256

    32ddd0847db0ada6f9fcf3287a530fb660f1416a75c560d89f42a16d1a7eec8c

    SHA512

    b6d8b6db7af011e6ded6f4db9b4265d38f6699a02b105ce058497f2f743eae78fccbed479054ee3b87c572961e7686c749044138db7e23912ba9ed38fee1d6b3

    Download Submit