Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://www.ikoreale...

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/03/2023, 13:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.ikorealestate.eu/fr/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 42 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.ikorealestate.eu/fr/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3992 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:4924

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          7fd18fafed5476ac55791eb8f242fda4

          SHA1

          5a3f020d75cab0eaf95e867e0775c379324f86ad

          SHA256

          ae5eb9ee7b8417716664e98b8903946debdb8d7ef81cdcb6259383857f0eeac4

          SHA512

          52d7a7bb3b161ec4d525145ce2e7f0b3db07f158215446688f9e3a892c84eb8d953093480c2f1ddf1f139f6c9eacd6bf84774d8940c2b6a1f62971f9d38394f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          434B

          MD5

          37d2e89cd4bc5e3afb53fefc127ca6a8

          SHA1

          c375a27b42108a3af9a86a25663b2b3e1b835343

          SHA256

          3438b05266228a3a13dacda5d3ff4a1ba306982d7e46a04f9b7396ea9f5a09df

          SHA512

          651ad43abbeeda8515331a92d34c72d1622668c03ce982a558dad17beaadf8095de447004fbec5d1623c99f3ede99e72f85a04be79472f09aa766f3980c11b6e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verED5.tmp
          Filesize

          15KB

          MD5

          1a545d0052b581fbb2ab4c52133846bc

          SHA1

          62f3266a9b9925cd6d98658b92adec673cbe3dd3

          SHA256

          557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

          SHA512

          bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\dcpq11e\imagestore.dat
          Filesize

          828B

          MD5

          d6c0f03d0d6a9069d1d129ecfb10279b

          SHA1

          66eecd44a13f4ac28af5194ccb9f1b77426e8d12

          SHA256

          90cc6e7de3307e9c373ebdce50293cb8f31f608efd8190f15dc803ee26da1e21

          SHA512

          e6a2c8b0c315f455abe6902b1ffc89532458fc81d9b03b66f3c0982f17c28401dbcc3e4e642f1a1c3bc1abf841e05075570860a9f1ea30c075d695f15d8c9685

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LZ0AI98S\favicon-32x32[1].png
          Filesize

          674B

          MD5

          0bf4256e7f46e6c649312e3043ca95be

          SHA1

          704ddf2292f326d8dc1f861eadbfc8216de7b92e

          SHA256

          cdd8b99b8b5ec08530bf7eb62472e8ef0d5f3566c57c85c8c46ec4fdbc5aa867

          SHA512

          b387dbc1589fe740289089089b38d1204585d5373ddfb2260a2430334491d0a595f3de48167c566a6c6fe41032ceab35baf24f2cd8bb7034bbe430a20ca24b23

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LZ0AI98S\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • memory/4924-185-0x000000000BB80000-0x000000000BB90000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4924-186-0x000000000BB80000-0x000000000BB90000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4924-187-0x000000000BB20000-0x000000000BB30000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4924-188-0x000000000BB20000-0x000000000BB30000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4924-189-0x000000000BB80000-0x000000000BB90000-memory.dmp

          Filesize

          64KB

          Download