Overview

overview

6

Static

static

URLScan

urlscan

1

http://www.profitabl...

windows7-x64

1

http://www.profitabl...

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    02-02-2023 09:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://www.profitabledisplaycontent.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.profitabledisplaycontent.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1884
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1884 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1652

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    1KB

    MD5

    47f04bce6176beec9a4d5412bbd6c517

    SHA1

    082f77e0cd435dbfb393983cd6ea20ba118055e8

    SHA256

    770cb5bdb4f4d85b6d00f9cda803e754ccdc322bae9c0813dba0ae19461e7148

    SHA512

    5027d17e46c94766ad5b0905bb1f1879fb77f3341a343bd10d2ff774ae6f9b416e7d3bf55c4a3b6583c596a690949590a90a372c66e2a4baac0ceda0721f631d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    416B

    MD5

    b96025aa81571e14136625f62473f3f7

    SHA1

    9252d7b969202a6edcc53dac50231e36959830ca

    SHA256

    23bc2860a2d63bf7c99e8c9e01853b3515c758d3c22cb72a490a9ea656cffe2c

    SHA512

    f65f031665fea56f821216ad7943ea16c8835c7ca8a3a4809acaca8584ff24ef3fe81ff0b10cb0a1a784c63ed1195ec47d64c7736e620539f943ef27907472df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    340B

    MD5

    f6ad6933f4eda98080dce2288d9b75ca

    SHA1

    e43bee9dbf4142dab0fa27fbe76680ea141ab34a

    SHA256

    22efdbe423fc1dee3a29b4b0807dea93df39a97b68861424b377bce37a8e50f2

    SHA512

    6be76845313807edfae1749d356fbae1307f5b64c0ccbfe2eca83d1a1a581a7c6b96019e491eb09e13cc98f49a500d704f82790ec5e1ae30c80f3a299d6eedc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    7531f202518f025428e20baad1be3daf

    SHA1

    9cb142426640ae72d6e9e66e3c779d98d655b53e

    SHA256

    d02a5bf9fcc1472742daa4ad8f105c13f702798c5adfc507b239d2ab2208c288

    SHA512

    1a4179fc7e4179545feaf218885ca17517d734f62c2e7d81315acc9454e8928b61032f9abceef6cd9e273cf34812aec5e7414f463498a7b7ce84813d2232f2c7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\lwrmjt1\imagestore.dat
    Filesize

    9KB

    MD5

    353cfe511d0708f5cc66ce2c380f9cd9

    SHA1

    51aaac79a4db804f3ce48424e49243ed14215237

    SHA256

    b4b9435598cf2fe99717a8f48343852c0b6ffe02ccad2b63a49ba3ef4656d59d

    SHA512

    e336bd1fbf8c34c040445d48cec07ae63ea277c6d0a5cbc2ce05a27e0c8a96fa93c4d6cda511ada4bfe5cc57ea46d7f2cd8d1887c27f0a978def9e2bd0c49746

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\lwrmjt1\imagestore.dat
    Filesize

    18KB

    MD5

    04e8124fa64e34d87d8ce0de7b4ae2db

    SHA1

    31414f0d8519f27885eb9b96d7fcf5b506144dfa

    SHA256

    102c3b3719fd3266912ae541c927435ac0dbf5312448a6846f30167a51e6d43d

    SHA512

    1c27ae79a39f925ae36bbfdff8920dcb5975e7c0142e465c3deb94465bc66eaa8d025430d0d4d1469bf2c3843058aec0a86138aaa297f2a0d9190bec1b08e192

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\lwrmjt1\imagestore.dat
    Filesize

    18KB

    MD5

    04e8124fa64e34d87d8ce0de7b4ae2db

    SHA1

    31414f0d8519f27885eb9b96d7fcf5b506144dfa

    SHA256

    102c3b3719fd3266912ae541c927435ac0dbf5312448a6846f30167a51e6d43d

    SHA512

    1c27ae79a39f925ae36bbfdff8920dcb5975e7c0142e465c3deb94465bc66eaa8d025430d0d4d1469bf2c3843058aec0a86138aaa297f2a0d9190bec1b08e192

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\lwrmjt1\imagestore.dat
    Filesize

    24KB

    MD5

    f7fab70b72b3bb83b1d09b999702a5b5

    SHA1

    69158b81a4149b1a254d85364652a744062c2f10

    SHA256

    2fcb8d4b5ac8233af8683abbb70ca4c23bd382d9052d3f25cf2e7d2596aadc6e

    SHA512

    d5dc64bdd50ded14581dc779570d1ec9819879d65d60569a090416ba6b13e66482cb2b6edce9264e60df39ceec10fde362a497bb5e670ac0c654a03e5a86777c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BG9XQTG0\favicon[1].ico
    Filesize

    5KB

    MD5

    f3418a443e7d841097c714d69ec4bcb8

    SHA1

    49263695f6b0cdd72f45cf1b775e660fdc36c606

    SHA256

    6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

    SHA512

    82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\50GQMCVK.txt
    Filesize

    604B

    MD5

    6a3d03c827020954f3588e1cd1ff2b55

    SHA1

    9ab3b1b553d2f510578735c4298d4ccfaf24f154

    SHA256

    9bd0cdfd8e28833fba1c3da1fa3b4c752714aa6cd506ddcfb37b1c01bf9249e7

    SHA512

    67bffa2a35d9f58e84c207dfe597dc99ca5e5f46b47cf7753d4edde1e7cd04ea00c6226f30af8831ee9cf1b58d95ce7c66ab7dd0ceeeed517c22f261a38eae7c

    Download Submit