Overview

overview

1

Static

static

URLScan

urlscan

1

https://androforever...

windows10-1703-x64

1

Analysis

  • max time kernel
    128s
  • max time network
    144s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-es
  • resource tags

    arch:x64arch:x86image:win10-20220901-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    12/01/2023, 17:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://androforever.com/fl-studio-windows/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://androforever.com/fl-studio-windows/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:5084

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          1KB

          MD5

          136419344d2462df5856efa6ccfbb7e4

          SHA1

          d9034d754c65cc630a0d6f0efccb17016be876e7

          SHA256

          fc47afb1aabecc69fff0c95ea3a8eaf493927a0de0e595dceb21aa64af36eece

          SHA512

          f1acaa79b4e977fd9399746edf7bea9108be6b8a51e9114b9a65969d3e71d6e2343e6b76a00e9e97587f843cab86a1c3dca8eb5215cfd33e3396beecd3810bf1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          c095652a90450f6e9ed5dbdcb1f7e807

          SHA1

          e751b539a52150785c0740d444aa759331b985aa

          SHA256

          7dc466e98f2432c283d67159d100a79c1440e6fd132a9b8aa493cc26f8ff1181

          SHA512

          aa00b805ac890c08dc5eb6cd2cd78385e1b0f4228f1ec1466bf6c203ba3359710539f78a11bca7421e55ad55e6eedafbcefbaecfe7345b56b4beffe6ff57875a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
          Filesize

          724B

          MD5

          c18c1ab84b27ba6cf9cd2e5ca8a96d62

          SHA1

          df6dc9e0b61be770d13df05ac149ed07c5f9210c

          SHA256

          c3535d9b617c8060aa4a80b708e2d017c1b344258b5f18d1b6889060c894ff2a

          SHA512

          cb84a250d7c37c1def8d34976326f4d90b4e5fc0dbefddec5958af85e67a07e77ca0bebe8bd8c3ab784b138eb2ee05004ebba20156e5e02186bd1dd1d92850e2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          410B

          MD5

          c055a33863b7a0e6ffcad79453b3a20d

          SHA1

          4f2668cc4dddb969f118e32b3573086d18e1f7dd

          SHA256

          8c08b09fcddd3ddeb8a923d081057d4ba795e33d132b415328c4a916293bee3b

          SHA512

          afa446347203fd460f7bc1566f53a2dc3f587e2e7281a1a8819c890751bc68bd18e724f5f416e86f7a547d42c3a5e15136509dd46e1cb4ef7a14e85d79a168d6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          434B

          MD5

          81b8f13a9a15df146cd8a266a1df6c41

          SHA1

          5b560555e61f2df73172cffc8c5bfec7f7ea1adf

          SHA256

          c68ba5e428740b6d99e5d3fcf1885eec2bc550d26209d34920437e65ec0bdf22

          SHA512

          7815a5f655378556ee4578c0554f8257b934462e80c0af60cc5331ddd906baa00177701714702549569b65e3a824e5831dabe30d6df6977b751fe406a1ac55e1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
          Filesize

          392B

          MD5

          13f33deb2010d7bf0d8ffadc481f0d7b

          SHA1

          dac98d0e9bff1e3ee510fb877fc2bd58aa24fd64

          SHA256

          066c6f9344e619d92246f6a6edbeea2c8d2c5959fb3fe3945ff36b28bb74f040

          SHA512

          707dd83fd9a13b57d83ec21b43cb049d7af6fa93e323318be8cbc5bf89d0c517df3697b7049cb52a458f9dddc06edc276af47b859be60ae4b7b2238fa777c1df

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\265FNGNK.cookie
          Filesize

          1KB

          MD5

          404b80698f2ced4b656ec71aee041922

          SHA1

          ca8612ced091a7039f836f7837651cbdf9a15f99

          SHA256

          f57cef07a85a25f46a5c71c9c0140de3564fa270426e399d439289dc6acd709d

          SHA512

          1c6fc7b8d2fbdf73b3fdbb5c3f8846c46afb7bc46605173ccb5afcaf44c74f544896fda4dc78c9f4b4108ca59cd0de31039598b69575b621850215d1f0af5849

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\5YK1GCUH.cookie
          Filesize

          615B

          MD5

          a3fea2f37c21ca5f86e3350174e3a2a8

          SHA1

          d12ecd49dc96f219d8c5386b1bd62a54d5893e84

          SHA256

          50ee93b4104ff333985252938e55843b78a545c1a8d23c0d72cc2a64b79bf575

          SHA512

          742ed7b4da85e2d829ddf947798aa29a2c00510b72c5b5be9cfc0ee2b68fd250c465937cddb5c98e560b24e95bf811fccbacb3e23ba1239620784ae35cb65d69

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\6T5L83MD.cookie
          Filesize

          615B

          MD5

          442f87fd30393a60cdae2ee781557dca

          SHA1

          d374e0f16cf822cb678a90280c3cabf97aa88fb6

          SHA256

          718fafaa74eeff55f3dbe9883a747eedb8814a9c89cc8102c03ee3207c026b0a

          SHA512

          97e45a0bae74838e06252425891493033ce91b30b8dacdbde1d0fc7624ab65ff8db3218ed1dc69d594eddc0f31e8050ab434c0fc919832688c153fd2f3271893

          Download Submit