Analysis

  • max time kernel
    77s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-es
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20221111-es, locale:es-es, os:windows10-2004-x64, system, windows
  • submitted
    02-02-2023 16:22

General

  • Target

    https://cinecalidad.run/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://cinecalidad.run/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:5032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5032 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4992

Network

MITRE ATT&CK Enterprise v6


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: 8795643bd9448f355f1e817b1beb8f13
    SHA1: fc5afcd5dc1c57ec501109cb987bec2e7b628514
    SHA256: c9a53a6962ee0ada77bad358699a886e9d54243a3ae24cc182acfeaef4dba134
    SHA512: 4a8bc9001359c55a68bb329ef000ea7506c003ef6a98d57d769ca020758bcde63d52b03add74e39294b7b0c52abb9a07ff6ec3bd1e66f9eca0e0675b2b9cd2f2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 404B
    MD5: 7769a9ea58dc9b84a4a2f437574f4bff
    SHA1: 08eac6d47ec4f3997b1c94b4eb5ea7e76ecd198f
    SHA256: eac1da05912b5385e337cdf06fcf83e006bfb246cab99789d5a42f7a33eb4887
    SHA512: 5e2fa8c1b5ef869ae5469bbb7399fb848d5cf20c8a2b8bb217ed9437b84a725f05ad1243f92da750a008c011531b4ea64875554fd5c524b86f2e7b13182291c3

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\xyoggsx\imagestore.dat
    Filesize: 7KB
    MD5: 9f9dfa6e50e89d6a77a77eea6171b8a2
    SHA1: 55acb3add7b4b6c6d4c4b5aec66bdf30a354d461
    SHA256: 131d3e31af22144751ba4d33a3675ee5e876fcf1aaa8295c3bc42a716af9e986
    SHA512: 216b71a877e6254e4425300bb6c5ae82c80d1177c30c8b7417bdc181a7a5053f6d5243ccfb68aaa4d0978a9fa3681597a97d88f060895621ad73c4ad9eddba37