Overview

overview

8

Static

static

8

URLScan

urlscan

1

https://www.office.c...

windows7-x64

5

https://www.office.c...

windows10-2004-x64

5

Analysis

  • max time kernel
    144s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2023 10:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.office.com/?auth=2&login_hint=nikita.chroesjtsjov@triaxknm.nl&from=AdminCenterEmail

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.office.com/?auth=2&login_hint=nikita.chroesjtsjov@triaxknm.nl&from=AdminCenterEmail
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1468 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:580

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff56b6b9773f457dcf10a7f155d80a77

    SHA1

    0cbfa08454b65a06e1551738779be8bf3535736e

    SHA256

    a6ab34e3d90d63ca2e0a83a2ce2768df570adf1fddf32d3878b646475eeed65d

    SHA512

    4b1a251b34a3a758601b0bf6bbe4a117628f6644d3473b2f8abf85eb828dfa9cc424ec165fc309865b6b1d8a90b9a7cb114bd1668a483df5a693bb93849073d8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d36f528075168c4ecc41a1be23bf521

    SHA1

    bbf8a9436c1a39ee215b54f49981fd6ba675bc2d

    SHA256

    f6aa13c50c6720c0fc1247a059bff0cc1907f44a8eb1ca2fdc5333f58038d49b

    SHA512

    8d150056033f399a23b36723c64ac04491628db7d814e0b96237b56177b438f629542c7db84f550f3586ae1f66f0488ba05f49c4c15679e838f262991bd5153b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ccd17648f452c5568059b770ac4403b8

    SHA1

    cbf1411a90d5ec2f3bd2f3bdb9ef604174282e65

    SHA256

    b95c61e73fc3956f6f1d2dee38a331d43a6152fadb96030c845b19c7cc1d3fba

    SHA512

    8190f9410d38073c96af8d4ee0894774220a839089f559fdfd0bd89b6f5e45ec6101d63dffca0f3ad7385ae60c587fc71b73ec22c6fc64aa1b67e9791a95ca64

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0353b65c10f2ac1ad73b8381f648e24

    SHA1

    0f8d065bbc800551f7707fdbdd2c005c529f41df

    SHA256

    2591a4119ff7ec5351deb6124d76c0d66bf72ce0ea11b7bbdbfa20855b8e2bdb

    SHA512

    d707804c7080861f13d7da4a551386bfbc18c131f6ffd5652413743e8319c6e923a102cb1f3773138b72817c02999ba44e24c49f4e60213aef61df299ef70902

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d70025f7aed844c6cc18f98ca04abbc6

    SHA1

    84e1411cdbfd74d01f47a6648a5b0c423883350c

    SHA256

    02b7ea300f151ffcf3848b90aed13c121ff832299c594ce79cd1395d66c8ddec

    SHA512

    1974d4b74d3664ce44496eda48e9efb1cba741f903e95a300dac5718cb002b056d48a24b275c6759973a32751a35d39fe0a557b55b89f5526a9ec9753ef1d672

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f50b84a60a1e4da22f097ce6fc5a716e

    SHA1

    29e43997b61b6812476590db037d0846d4f4b5bc

    SHA256

    5f679dedddf734ae4b4f3e9c14ca2d9f1073118eb508cea1333ce694ed5f7c5d

    SHA512

    1d03195a0eeca6e348df934456c4c7dbf56f956592db89b273347917695b105a59a7ef3a20be7b8674ac8bbcd31ebb905bac8d3458bd5c97f75d946e68cb8e9a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6554a0d061bad6237a58fba0b8fdac96

    SHA1

    3aecbc917fdb8c5eae4fee93dfe2ef1dfd372ffb

    SHA256

    f12af04671a2d5f65be3d64c6bdbc8a8021f8e2c66b5f40ddfcc07ca62f71fca

    SHA512

    edc20bfc7959478ea04b9d0693777545c7ef27468d32195cf7e0d19bb05d23f0bfeae92e17f2a44665f217011ec4ff06e25a4eff9580378e685eee832a6276cb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ff02b46f3b310442f0e6c5c6b313d8f

    SHA1

    c868476a2c61c8fee8a670268334af459f1e5147

    SHA256

    dbab63e97a52d4da05602d38512bca26aa320cc40bf31d500169f8e66df146e2

    SHA512

    6bb92ac5cb05afaade624a442661eba1498465725f012abc0f65fc3898290c97e357ed380834b0bc6643a325635f58917eb84a28fd01efb9de169e5e3fea125d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eeaeae57107ce28d57d9da283ecb0133

    SHA1

    f58d175f7a8c68f1cd78e3925e9bfbae5659bb37

    SHA256

    d1c84238b0c646171229eab382eaab6106f476269fca12c3900e0be527ff7f0d

    SHA512

    e944ed8544ba4a3283bcf0d03564c38d7da8e0b46e4a10e5228b1697d333542a7180e88d91e135df6375665860e83de633f08900c3d2f8872089d858e2cbaf89

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    059404dc5e479eaf08572dbad65c7607

    SHA1

    5916147f26c8f4e23ed05f35f1215d7f2e0444d5

    SHA256

    40f4916f4dab50905d048b0c65bb364e421d0be2396e84f3bbb3e29160239360

    SHA512

    19dfc07004eb3dba62209a055a5ae03c9896dc2f18bd779c4e28cff21c2ee4cc72c8cddad4f66f458ae8cf2906cd8cabf16d7cdc570e07b107aa7ada24a22827

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc691f6f8837effa0a19c29be68c49d5

    SHA1

    63685314040a98f4834bf2758e9d61daa3802783

    SHA256

    12c098d7c68a9d59ff2ad2a3af433cf81082ddf78adacd52946e4c8853db2cc1

    SHA512

    0f0ead461d06f0031f4813c5cb29d09e340716adfe17ee5e2db14555a8995cc6e28577554fff5227de0734550d8b1c01e24975888745712fcee4d18a6f24a3a8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    513e2e9209955ab30efd8402811f9618

    SHA1

    901dd01b53c9f4f5ca00ae7fd35f42fbe1991c66

    SHA256

    286aa5462939271b64c79f0684f273cdbaf1b835ebc1c2b083390ca813eda272

    SHA512

    00d2557405e03ed62f2e2b69ebf9eddb6ed9f23abf98e6d8ff9a59eaac78f10f26db7efabe28c1a16b953e4e43ed972e674cac1bdecf8070b450e619a6e69f52

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22864bc591dbdd995b604944ce242850

    SHA1

    e75883e7912f546cbbad758411c4bdf4ed590255

    SHA256

    81131c7b1899dd2140e3249bc665bb6838daf4e26e5903feabff369ba47ab6cf

    SHA512

    68c056d02e60f9c403abe58a3c16f4e67c684d91f2b4b1fec6d7a0d39b5acf22b40f5660a00465cc8fbefcbe9abc4c8d0b9b46123525bc1d1abbf9118f09057b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f72b5ff11e103f58ae277989443a4680

    SHA1

    4864375fbe7839f4d5335e19d8284900c20a9007

    SHA256

    d8cc84f4101074e6c6ae506b0d5d58abf1eff38b1a2f89e16c1da434221f4908

    SHA512

    55421e28020b09dec54dd1e2c487c96a8d27f21691f6a9f6483c4910942134cc051222c374cc30fb37cad5af1225f26306d002c86aa382ca2628ce59a5592070

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c9a54079f85e0f5467a12d10a234348

    SHA1

    7229002812f8837f1304c32418f7f5482310bad9

    SHA256

    492bda42f2afeaf7cd435e9613cab08138b6a84c2e39fcd0f0e88d218ec42b88

    SHA512

    882625fea2762d9792e6aaa74faa594b382d12cf4766a36fcb678cedebefe468f35d3be9adbb49aed692d4fb23ada2144f2cb9d0f96e9d352cbdb9fb3de62d4d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9130fce6c34ce6502c7600d30870ca26

    SHA1

    00f022d3a66809c4db02e6e89192e3238c80fe5d

    SHA256

    e003333aa9a33b7c58d2f2138fbb6342a7a3345a371281507bbcbd9c180c0a7a

    SHA512

    4758971678e9f7c2842c8fa26944a376a6e91cb4e3ceaa9e53909580f71048ce91a242b067d645a339e1bcc95c38dee9a6ddb74bc861b350699afdaf6230d1da

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3553bee9f84174aca300a688ca3172b4

    SHA1

    d74febb436b7fbaa04f3e03ecad0a07d1ded17fc

    SHA256

    4b5d0c803290d08d14d49f99a633e69e3f995f683fa68454340777cd8affe2a8

    SHA512

    e6e819617e50a6825269aed9aedfae5a9fe377b43559140d7f41e3d26098a67b163dddce063543eee12671eae8d8f139909ccfda3d7be6f7857fc2937a78c654

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8a9864c5d5102fade2eb89a24a77358

    SHA1

    7c0799309b3fe3f5ee9b4ee12eebdd5399c9ef60

    SHA256

    ff7c177a409d3dba4b640da5ac526b442252225a32bacacc0dccb471de1a15a1

    SHA512

    846bd06f4efadab010ca52ba06302d74f1ad4a5f74d5392b3d77e6aca6babccc91bc41a58238fb68bfd6a4dc1ad475ab689e914cb2ac26e631842949fc39e79d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\t9o3c8r\imagestore.dat
    Filesize

    18KB

    MD5

    da7ea41a4ff23192713a3c98d3848195

    SHA1

    4ce5543709a28afc44fa9d64caad2142c4a78fb9

    SHA256

    d2923ad850e15ca50d87c667394f3ce8c357fade1101b7f537e5967a809bf865

    SHA512

    654eb23253b08f54a4b998d10972253969a6fa4229530425b2eb1820f465b17b7f6b7ba36b930df3351cc1dccd7698e5ac25f0835c1278aa846622d496f1be92

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\7PSIXI0W.txt
    Filesize

    601B

    MD5

    c8c30a0bb63c10cb1d5eb1b14054fff0

    SHA1

    cd823ec75fb5850703d8a471037f4d8d7eef4ef1

    SHA256

    d7b9043622aa64a8d3be8289cf9fb17e4483ce1494531610f0bcd5bda950854b

    SHA512

    cd17611aeae59d56244b628125bc70d0bc911a8a585f5b6c2edbc8d6de85bfe332e4ab4c55bff59ce081ca23b26b229811650bab661699353c8f9f4bccb333f8

    Download Submit