Overview

overview

8

Static

static

8

URLScan

urlscan

1

https://www.office.c...

windows7-x64

5

https://www.office.c...

windows10-2004-x64

5

Analysis

  • max time kernel
    144s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2023 10:53

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://www.office.com/?auth=2&login_hint=nikita.chroesjtsjov@triaxknm.nl&from=AdminCenterEmail

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings ⋅ 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow ⋅ 1 IoCs
  • Suspicious use of SetWindowsHookEx ⋅ 6 IoCs
  • Suspicious use of WriteProcessMemory ⋅ 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.office.com/?auth=2&login_hint=nikita.chroesjtsjov@triaxknm.nl&from=AdminCenterEmail
    Modifies Internet Explorer settings
    Suspicious use of FindShellTrayWindow
    Suspicious use of SetWindowsHookEx
    Suspicious use of WriteProcessMemory
    PID:1468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1468 CREDAT:275457 /prefetch:2
      Modifies Internet Explorer settings
      Suspicious use of SetWindowsHookEx
      PID:580

Network

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

        Discovery

          Execution

            Exfiltration

              Impact

                Initial Access

                  Lateral Movement

                    Persistence

                      Privilege Escalation

                        Replay Monitor

                        00:00 00:00

                        Downloads

                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
                          Filesize

                          61KB

                          MD5

                          fc4666cbca561e864e7fdf883a9e6661

                          SHA1

                          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

                          SHA256

                          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

                          SHA512

                          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          ff56b6b9773f457dcf10a7f155d80a77

                          SHA1

                          0cbfa08454b65a06e1551738779be8bf3535736e

                          SHA256

                          a6ab34e3d90d63ca2e0a83a2ce2768df570adf1fddf32d3878b646475eeed65d

                          SHA512

                          4b1a251b34a3a758601b0bf6bbe4a117628f6644d3473b2f8abf85eb828dfa9cc424ec165fc309865b6b1d8a90b9a7cb114bd1668a483df5a693bb93849073d8

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          3d36f528075168c4ecc41a1be23bf521

                          SHA1

                          bbf8a9436c1a39ee215b54f49981fd6ba675bc2d

                          SHA256

                          f6aa13c50c6720c0fc1247a059bff0cc1907f44a8eb1ca2fdc5333f58038d49b

                          SHA512

                          8d150056033f399a23b36723c64ac04491628db7d814e0b96237b56177b438f629542c7db84f550f3586ae1f66f0488ba05f49c4c15679e838f262991bd5153b

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          ccd17648f452c5568059b770ac4403b8

                          SHA1

                          cbf1411a90d5ec2f3bd2f3bdb9ef604174282e65

                          SHA256

                          b95c61e73fc3956f6f1d2dee38a331d43a6152fadb96030c845b19c7cc1d3fba

                          SHA512

                          8190f9410d38073c96af8d4ee0894774220a839089f559fdfd0bd89b6f5e45ec6101d63dffca0f3ad7385ae60c587fc71b73ec22c6fc64aa1b67e9791a95ca64

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          a0353b65c10f2ac1ad73b8381f648e24

                          SHA1

                          0f8d065bbc800551f7707fdbdd2c005c529f41df

                          SHA256

                          2591a4119ff7ec5351deb6124d76c0d66bf72ce0ea11b7bbdbfa20855b8e2bdb

                          SHA512

                          d707804c7080861f13d7da4a551386bfbc18c131f6ffd5652413743e8319c6e923a102cb1f3773138b72817c02999ba44e24c49f4e60213aef61df299ef70902

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          d70025f7aed844c6cc18f98ca04abbc6

                          SHA1

                          84e1411cdbfd74d01f47a6648a5b0c423883350c

                          SHA256

                          02b7ea300f151ffcf3848b90aed13c121ff832299c594ce79cd1395d66c8ddec

                          SHA512

                          1974d4b74d3664ce44496eda48e9efb1cba741f903e95a300dac5718cb002b056d48a24b275c6759973a32751a35d39fe0a557b55b89f5526a9ec9753ef1d672

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          f50b84a60a1e4da22f097ce6fc5a716e

                          SHA1

                          29e43997b61b6812476590db037d0846d4f4b5bc

                          SHA256

                          5f679dedddf734ae4b4f3e9c14ca2d9f1073118eb508cea1333ce694ed5f7c5d

                          SHA512

                          1d03195a0eeca6e348df934456c4c7dbf56f956592db89b273347917695b105a59a7ef3a20be7b8674ac8bbcd31ebb905bac8d3458bd5c97f75d946e68cb8e9a

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          6554a0d061bad6237a58fba0b8fdac96

                          SHA1

                          3aecbc917fdb8c5eae4fee93dfe2ef1dfd372ffb

                          SHA256

                          f12af04671a2d5f65be3d64c6bdbc8a8021f8e2c66b5f40ddfcc07ca62f71fca

                          SHA512

                          edc20bfc7959478ea04b9d0693777545c7ef27468d32195cf7e0d19bb05d23f0bfeae92e17f2a44665f217011ec4ff06e25a4eff9580378e685eee832a6276cb

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          3ff02b46f3b310442f0e6c5c6b313d8f

                          SHA1

                          c868476a2c61c8fee8a670268334af459f1e5147

                          SHA256

                          dbab63e97a52d4da05602d38512bca26aa320cc40bf31d500169f8e66df146e2

                          SHA512

                          6bb92ac5cb05afaade624a442661eba1498465725f012abc0f65fc3898290c97e357ed380834b0bc6643a325635f58917eb84a28fd01efb9de169e5e3fea125d

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          eeaeae57107ce28d57d9da283ecb0133

                          SHA1

                          f58d175f7a8c68f1cd78e3925e9bfbae5659bb37

                          SHA256

                          d1c84238b0c646171229eab382eaab6106f476269fca12c3900e0be527ff7f0d

                          SHA512

                          e944ed8544ba4a3283bcf0d03564c38d7da8e0b46e4a10e5228b1697d333542a7180e88d91e135df6375665860e83de633f08900c3d2f8872089d858e2cbaf89

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          059404dc5e479eaf08572dbad65c7607

                          SHA1

                          5916147f26c8f4e23ed05f35f1215d7f2e0444d5

                          SHA256

                          40f4916f4dab50905d048b0c65bb364e421d0be2396e84f3bbb3e29160239360

                          SHA512

                          19dfc07004eb3dba62209a055a5ae03c9896dc2f18bd779c4e28cff21c2ee4cc72c8cddad4f66f458ae8cf2906cd8cabf16d7cdc570e07b107aa7ada24a22827

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          bc691f6f8837effa0a19c29be68c49d5

                          SHA1

                          63685314040a98f4834bf2758e9d61daa3802783

                          SHA256

                          12c098d7c68a9d59ff2ad2a3af433cf81082ddf78adacd52946e4c8853db2cc1

                          SHA512

                          0f0ead461d06f0031f4813c5cb29d09e340716adfe17ee5e2db14555a8995cc6e28577554fff5227de0734550d8b1c01e24975888745712fcee4d18a6f24a3a8

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          513e2e9209955ab30efd8402811f9618

                          SHA1

                          901dd01b53c9f4f5ca00ae7fd35f42fbe1991c66

                          SHA256

                          286aa5462939271b64c79f0684f273cdbaf1b835ebc1c2b083390ca813eda272

                          SHA512

                          00d2557405e03ed62f2e2b69ebf9eddb6ed9f23abf98e6d8ff9a59eaac78f10f26db7efabe28c1a16b953e4e43ed972e674cac1bdecf8070b450e619a6e69f52

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          22864bc591dbdd995b604944ce242850

                          SHA1

                          e75883e7912f546cbbad758411c4bdf4ed590255

                          SHA256

                          81131c7b1899dd2140e3249bc665bb6838daf4e26e5903feabff369ba47ab6cf

                          SHA512

                          68c056d02e60f9c403abe58a3c16f4e67c684d91f2b4b1fec6d7a0d39b5acf22b40f5660a00465cc8fbefcbe9abc4c8d0b9b46123525bc1d1abbf9118f09057b

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          f72b5ff11e103f58ae277989443a4680

                          SHA1

                          4864375fbe7839f4d5335e19d8284900c20a9007

                          SHA256

                          d8cc84f4101074e6c6ae506b0d5d58abf1eff38b1a2f89e16c1da434221f4908

                          SHA512

                          55421e28020b09dec54dd1e2c487c96a8d27f21691f6a9f6483c4910942134cc051222c374cc30fb37cad5af1225f26306d002c86aa382ca2628ce59a5592070

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          5c9a54079f85e0f5467a12d10a234348

                          SHA1

                          7229002812f8837f1304c32418f7f5482310bad9

                          SHA256

                          492bda42f2afeaf7cd435e9613cab08138b6a84c2e39fcd0f0e88d218ec42b88

                          SHA512

                          882625fea2762d9792e6aaa74faa594b382d12cf4766a36fcb678cedebefe468f35d3be9adbb49aed692d4fb23ada2144f2cb9d0f96e9d352cbdb9fb3de62d4d

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          9130fce6c34ce6502c7600d30870ca26

                          SHA1

                          00f022d3a66809c4db02e6e89192e3238c80fe5d

                          SHA256

                          e003333aa9a33b7c58d2f2138fbb6342a7a3345a371281507bbcbd9c180c0a7a

                          SHA512

                          4758971678e9f7c2842c8fa26944a376a6e91cb4e3ceaa9e53909580f71048ce91a242b067d645a339e1bcc95c38dee9a6ddb74bc861b350699afdaf6230d1da

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          3553bee9f84174aca300a688ca3172b4

                          SHA1

                          d74febb436b7fbaa04f3e03ecad0a07d1ded17fc

                          SHA256

                          4b5d0c803290d08d14d49f99a633e69e3f995f683fa68454340777cd8affe2a8

                          SHA512

                          e6e819617e50a6825269aed9aedfae5a9fe377b43559140d7f41e3d26098a67b163dddce063543eee12671eae8d8f139909ccfda3d7be6f7857fc2937a78c654

                          Download Submit
                        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                          Filesize

                          342B

                          MD5

                          f8a9864c5d5102fade2eb89a24a77358

                          SHA1

                          7c0799309b3fe3f5ee9b4ee12eebdd5399c9ef60

                          SHA256

                          ff7c177a409d3dba4b640da5ac526b442252225a32bacacc0dccb471de1a15a1

                          SHA512

                          846bd06f4efadab010ca52ba06302d74f1ad4a5f74d5392b3d77e6aca6babccc91bc41a58238fb68bfd6a4dc1ad475ab689e914cb2ac26e631842949fc39e79d

                          Download Submit
                        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\t9o3c8r\imagestore.dat
                          Filesize

                          18KB

                          MD5

                          da7ea41a4ff23192713a3c98d3848195

                          SHA1

                          4ce5543709a28afc44fa9d64caad2142c4a78fb9

                          SHA256

                          d2923ad850e15ca50d87c667394f3ce8c357fade1101b7f537e5967a809bf865

                          SHA512

                          654eb23253b08f54a4b998d10972253969a6fa4229530425b2eb1820f465b17b7f6b7ba36b930df3351cc1dccd7698e5ac25f0835c1278aa846622d496f1be92

                          Download Submit
                        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\7PSIXI0W.txt
                          Filesize

                          601B

                          MD5

                          c8c30a0bb63c10cb1d5eb1b14054fff0

                          SHA1

                          cd823ec75fb5850703d8a471037f4d8d7eef4ef1

                          SHA256

                          d7b9043622aa64a8d3be8289cf9fb17e4483ce1494531610f0bcd5bda950854b

                          SHA512

                          cd17611aeae59d56244b628125bc70d0bc911a8a585f5b6c2edbc8d6de85bfe332e4ab4c55bff59ce081ca23b26b229811650bab661699353c8f9f4bccb333f8

                          Download Submit