Overview

overview

1

Static

static

1

URLScan

urlscan

https://www.google.c...

windows10-2004-x64

1

Resubmissions

03-03-2023 11:40

230303-ns5qsshc63 1

03-03-2023 11:39

230303-nsn32sgg4z 1

03-03-2023 11:38

230303-nr6ayagg4x 5

03-03-2023 11:33

230303-nnwx4ahc53 1

Analysis

  • max time kernel
    35s
  • max time network
    36s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-03-2023 11:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.google.com/maps

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.google.com/maps
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4192 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4192 CREDAT:17414 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4776
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4940
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0x7c,0x108,0x7ff8bc049758,0x7ff8bc049768,0x7ff8bc049778
      2⤵
        PID:3508

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
      Filesize

      1KB

      MD5

      6d6db28bdaddc82700cbd63440314e0d

      SHA1

      a78c1249125c23dac36daee3e5560c4f8cade1ff

      SHA256

      c605d5bb5d30de2eab76db8dd8fe088f10002ffe01a5acba03f1828cd308f5c0

      SHA512

      cc5521159e5720a3e866708ff930fba4637d28f76af81835e315e88f25ee836715a099bb08526a01587e2e0e4a1b793eae13f3d80107652e11013884816febb2

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_5D17D366A168D9C54EF2B0CBC06BBA4B
      Filesize

      472B

      MD5

      65867a0eb23afa147aebb5376405e1c7

      SHA1

      286fd4b2ff01bdaac14c3777dff4a0e44086663a

      SHA256

      84f2302ecc2ff32b4a65a9c53b40b7079d8a6bf0ba39157803390f97cba8d04f

      SHA512

      393e65737822183c46e850668d0245c58931362959f66c584f69bb6661f52524fc39a0447035e7016e8f725871816f391dfa96a7f0d27bf4babfa3c50700cbf2

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
      Filesize

      724B

      MD5

      f569e1d183b84e8078dc456192127536

      SHA1

      30c537463eed902925300dd07a87d820a713753f

      SHA256

      287bc80237497eb8681dbf136a56cc3870dd5bd12d48051525a280ae62aab413

      SHA512

      49553b65a8e3fc0bf98c1bc02bae5b22188618d8edf8e88e4e25932105796956ae8301c63c487e0afe368ea39a4a2af07935a808f5fb53287ef9287bc73e1012

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_0BC0FCBE7B55B6BAFCE4F5E1E794363D
      Filesize

      471B

      MD5

      e0c8f2eab04f81350f4ba6bd80e97bcb

      SHA1

      7ed111523470ff20998f330417b53a619641ac55

      SHA256

      24feadd95e199166c4d0c14e910bb80bfe0b5272d5cebd5e1850be00fab4a562

      SHA512

      26289ed8ef0790b0be980f0d5513d358c5b779d18e4923259975370e82bfb9a5f1e24427fc818e8ea7be39ff0f54db35e56a28ada617173df9d4ff9e9db5f6df

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_C7E71308242D9661A08E819C14F4A863
      Filesize

      472B

      MD5

      c5e622053810f5ffbb809def8721f2e7

      SHA1

      a0ec04b7ad55adb13d9f46b4f1fe13aa4855a53c

      SHA256

      2aac93f2264b10a205ae085d6bfbfb5717e3e1f77f1ee0fab010a44db60d8bb4

      SHA512

      ea068160c7f430fa76573b325d7f9df93e85817b471d6add52818dd98a9d23b1a3a8ff876036630f6f40e3f92b355dd25867ecef2f03d4ae6a343e887c3b8890

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
      Filesize

      410B

      MD5

      c9cabbad17e8b43fb9d6d6992cfc1b91

      SHA1

      fb90fa6e1583f3de0fae5cb3bf8b8204526c1ba0

      SHA256

      2ffb89b36c4c7160c53cd4d050ca15f61562f35e25499556cbad1d1c8a40d42b

      SHA512

      5c767d4be0abba32b74130bc3379baca6f8cb0891aae93cfc1c673959f47b6d55f473f429b7efc7275a06fac2b7043bdfe94986b93efbe022abafdff3bc4100c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_5D17D366A168D9C54EF2B0CBC06BBA4B
      Filesize

      410B

      MD5

      42d9f7b779ac5dde58051b50ff201cf0

      SHA1

      ea86541db98f42281d5c67c99ff4c6013d20fdb4

      SHA256

      cc3a5c5a6ef019a868600ee93f721f98d068ff1f4b10adadc3106eb76f1b0146

      SHA512

      eacfb8ea3e5c9747b432173bcf0824be5698a618f2a3faff50649f961debf7dbd71e078e22dbcbdb35ffc78de13ffc462a05697ed9a697f7310389b88d81444e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
      Filesize

      392B

      MD5

      963a9464858e7b627a5609a3432445da

      SHA1

      53b967c2bd16d4f451d3b6967bcc8d3a62514bbb

      SHA256

      88760f33574346f865efc271ab62b31508ea9cf71dfde71110bb1a9bf58af818

      SHA512

      4389d87fd11a65990d52d3c56b5ec136dc2c7ec33f7abaff559ed045ab08bcbd203a9981c2b3f783d77ecae99dd4336460db02494a1762866d78dc3cb42b81bf

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_0BC0FCBE7B55B6BAFCE4F5E1E794363D
      Filesize

      410B

      MD5

      b096e0ec2b59be1061c66c0a50fe8195

      SHA1

      2dd05870c29f28faa12e0d0f5b866caf8e5b3d6d

      SHA256

      b96e4b021e1d862e03012c2282092908b942cfc9b91580971df5a8065b39747f

      SHA512

      019373e8af01185b6b25f14db3e3cc270cc21d4250446afc8dca6e3c97001d2c58b0d14d69e7e5d955ed009d2e8330aa0b8ec530aa6f28f607b5d57723f1a5b5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_C7E71308242D9661A08E819C14F4A863
      Filesize

      410B

      MD5

      e3bceba70403f24d4d0bcf985b73d7b5

      SHA1

      1f0ae251ff3a3b8b9eb02df103e26091e33668bf

      SHA256

      e23789d4030595020bdf717dcee34627d75d4ab06643f00fc1d9b5223c9b7f03

      SHA512

      ca52e920901bd70b661d21a6396983e9d5cf905fcd6f2d86751c40c93c4459f3da612500e1ed771c112f2b74f00a30374ab861997a1688627f835c94b94e0eb2

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\TALZ6GLD\www.google[1].xml
      Filesize

      342B

      MD5

      782b64e9de1fb5e48d7cd102edc454d4

      SHA1

      22722e7704eefa56658dd37dc893b111da6390e1

      SHA256

      ce90ec03074666a0f071996925d852e42448a45d74fad647c4191664ea730423

      SHA512

      af9f9cf0bb4e06633e619ec7bafdc4dcbce2a7e2e62c2f5ca3a2f463c71a503991b2f9eeb65b72c27647766cc161ba1a4c18ea831affe593cc54df88638543a2

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\TALZ6GLD\www.google[1].xml
      Filesize

      347B

      MD5

      4e32d0a27ae42661bdc086b3236fbf5f

      SHA1

      f0e4a6d8abce3ebdad79e17352be3a20dadc7a14

      SHA256

      bfcde80fc73b282f9d409a70895e08f00cc8e707518960c99499c25b252670e5

      SHA512

      04e1f84555e8fbbca2caefcd8487f834601caf912c7467d549c2902757a3d403f6a6f113315f1d919bc9a6f8a06b46c1b13988a493f506e70499ea394f9da9da

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\q7s3h6i\imagestore.dat
      Filesize

      4KB

      MD5

      af9872ec72e0e56e32135a9bb50c2717

      SHA1

      fc86dd07b34ed7c3cca757c8388dfd1eb43cdcce

      SHA256

      8bc640e4c3da55fbc340f81931bd7d896f7114e5b0c7c8c6b9604140e0947bc1

      SHA512

      d3b25c04d552806d1a0a03f523f2f9d6b1e116d9b285d98b55150467a5290a7d2efbd1663d457d80623dfbe3dc2a834ff3e8f33ec2ba0afa2c91501f817b41ae

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\q7s3h6i\imagestore.dat
      Filesize

      5KB

      MD5

      5cabcd432ad2ce8904d2fa5cb706de76

      SHA1

      57157356354ab784689d7e3f3c778c2ec6c50611

      SHA256

      f6de5942a1403c67ab4f5b2a2f9e566916c39fe57fd5dc8ea682a25485673b0d

      SHA512

      743674d48c12a8f45f193ea9920da36930b639a8912cd5a722443fce4e71e7b2fd723cdedcfe405ee4d2ed415eba0d338781a026d33885b29910e8051e3653fd

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\main.min[1].css
      Filesize

      102KB

      MD5

      45f88a038d126df1113c96012037d9cf

      SHA1

      6b70c5c7e8e16b9847a959e9dad1762751ba470f

      SHA256

      4262f6e072bc5ee7fba68c944378712dc34a94510fa3e104e8f6b822be4dc69d

      SHA512

      5d1edd9d3a3fd1026a5de4fb556eda749064d66d66db73e030dbc6322a6ba5ef01fe3eac112e684d4a7bfa4d62275e2e9a99216395948c601b0087fbd0f0db5d

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\analytics[1].js
      Filesize

      49KB

      MD5

      54e51056211dda674100cc5b323a58ad

      SHA1

      26dc5034cb6c7f3bbe061edd37c7fc6006cb835b

      SHA256

      5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

      SHA512

      e305d190287c28ca0cc2e45b909a304194175bb08351ad3f22825b1d632b1a217fb4b90dfd395637932307a8e0cc01da2f47831fa4eda91a18e49efe6685b74b

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\favicon-16x16[1].png
      Filesize

      695B

      MD5

      7fc6324199de70f7cb355c77347f0e1a

      SHA1

      d94d173f3f5140c1754c16ac29361ac1968ba8e2

      SHA256

      97d4556f7e8364fb3e0f0ccf58ab6614af002dfca4fe241095cf645a71df0949

      SHA512

      09f44601fa449b1608eb3d338b68ea9fd5540f66ea4f3f21534e9a757355a6133ae8fb9b4544f943ca5c504e45a3431bf3f3d24de2302d0439d8a13a0f2d544f

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\openhand[1].bmp
      Filesize

      326B

      MD5

      feff9159f56cb2069041d660b484eb07

      SHA1

      0d0a08cf25a258511957f357b89d3908f3c5e6e3

      SHA256

      7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

      SHA512

      f850277f48ac14fa363265469776e6f7f07f7dd743aa1d1ad7cf2329eee6d323da3422cf6baac066c84ecd24800a02088053ef3fc0488d170e7fc942ac8ffa99

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\maps15_bnuw3a_32dp[1].ico
      Filesize

      4KB

      MD5

      994a80b245ec135d196902af06b11aaf

      SHA1

      3fdbf039839fc3d59eedbb5c698f3d432a22e0c3

      SHA256

      f3ba67ecceb7e89135a67b36f49599c44521da1f48e217c374910990782d6973

      SHA512

      d1801b65cac508171e0b86af1607c5afab781961b096849a84e5a2d30fc740032c283dd3fb4db2f976f85e105ed90485c8c8b559c2f5927904915ed521b07764

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\~DF5E7A0340E897AF8A.TMP
      Filesize

      16KB

      MD5

      b551f47b5e600643e272d74d800c62aa

      SHA1

      bc29dc66fc706368b071d434db5e27d02d5bea42

      SHA256

      2d0d978e2dc36a43ab353d89eabd253524004525e24e8a98b26299908d14a5d4

      SHA512

      89fc967b06684be5de784981b228f48c7a6e4a5d9b32dc09b3230b38908f8cc5272010023f4c99f5ed4782a1df5fba53d2ca9c1e1a7053f00919203117fb93f2

      Download Submit