Overview

overview

5

Static

static

1

URLScan

urlscan

1

https://trk-mkt.taso...

windows10-2004-x64

5

Analysis

  • max time kernel
    124s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-03-2023 05:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://trk-mkt.tason.com/CheckNew.html?A8PI9b7HGs1iTtAv24GgKOcbPF6qT1ciHFyceyuPwSkG\=\=&j7jUKLzsw7wjhVcTX8mH1AQSNwJp7TMCR2\=&j7jUKLzsw7wjhVcTX8mH1AQSNwJp7TMCR2\=\=&UE9TVF9JRD0yMDE4MTIxNDEwMDAxMTY1MzMwOQ\=\=&VEM9MjAxODEyMjg\=&S0lORD1D&Q0lEPTAwMg\=\=&URL\=https://suncrops.fr/old_site/np/tk//icrnkgf/[email protected]

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 22 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://trk-mkt.tason.com/CheckNew.html?A8PI9b7HGs1iTtAv24GgKOcbPF6qT1ciHFyceyuPwSkG\=\=&j7jUKLzsw7wjhVcTX8mH1AQSNwJp7TMCR2\=&j7jUKLzsw7wjhVcTX8mH1AQSNwJp7TMCR2\=\=&UE9TVF9JRD0yMDE4MTIxNDEwMDAxMTY1MzMwOQ\=\=&VEM9MjAxODEyMjg\=&S0lORD1D&Q0lEPTAwMg\=\=&URL\=https://suncrops.fr/old_site/np/tk//icrnkgf/[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3116 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4804

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B27E6VSV\www.google[1].xml
    Filesize

    99B

    MD5

    cb3a8e0a7ac09b8240cf9c1a9dd007c9

    SHA1

    c9cab725c8ab18992b017fe24fcef348a4cce8db

    SHA256

    8ec4db5c39ad87e862deccda49353f3064adf14119dd5d7fde51621898d195a8

    SHA512

    80b3da86226f813db7a0a594826fef1a7e544ad1564f66787d7c58c5b8129b94f4a793fb9fcca998860866d07b2c284eca688a93f6114a74476702eee1851d63

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
    Filesize

    4KB

    MD5

    d6777323e54bc491642ef8513228199a

    SHA1

    3ed4066bed8092bc5f28405083e789afbd2b8be2

    SHA256

    37bd69656e77510bcfbf256c65cb7a7b21a84d04da0ac16fc29f404def88a9a4

    SHA512

    02123627f8c6f0ea70b1b9cc3063c3c994df72b87f4e7ec54575e4d032f1f465ce8795dd776eb12405e16a4bdbc5b7c5339ed6e8b56974eb1e9872ce144f78a2

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
    Filesize

    20KB

    MD5

    4fed593b7e757afecb5575b4c639861e

    SHA1

    90969c0c92f723ab8448565aad66649add29195f

    SHA256

    1de2cf2f3af89bd21225a168fb566d3a3e67af1de578cd97e4c63160365d7c46

    SHA512

    75eb99f25d39e2ebec08c814fd7728a7bf05c5c448e6bf88330999124f2c3ce3500e501f7f957f3f890e1480a9900024c1644857d0f66bc1eb44af88b8879e49

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
    Filesize

    21KB

    MD5

    78609f09d89c91ba0bb927f1ea504586

    SHA1

    ff895485103f9413898ae129581c5ca02a890302

    SHA256

    215dc2c9d1f230242efc7fdffb50a0ec0668b1c1158c6ac7627e4e8a73604692

    SHA512

    1d7d1598707fb73127aff23722ab65b0f014a04eaa39f86269d1efbcff7f91d8793550f4f430295023bcd178ab1b810d7ab2eb318acc8e0f7153d0aa0828106c

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
    Filesize

    39KB

    MD5

    c4cdfbd1d1f4aa771ab9d1c9c90ac4d6

    SHA1

    5133e7d361e967cf91a1592d50ea64280bb1ba12

    SHA256

    f66d84540125674a093e816a5677f3dcd2caf6eb42468eeb25af01670455fd45

    SHA512

    bf47cb679148c87b29516e30fd64f4ab6bc36dcdfdd4a36bf4c54f1dcc2b4135c8d3ae2cee83dea9f1d4bfa8fc7b1fac43f9fc13b19f7600d87d1fc581d6c4b5

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\bootstrap.min[1].css
    Filesize

    118KB

    MD5

    ec3bb52a00e176a7181d454dffaea219

    SHA1

    6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68

    SHA256

    f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

    SHA512

    e8c5daf01eae68ed7c1e277a6e544c7ad108a0fa877fb531d6d9f2210769b7da88e4e002c7b0be3b72154ebf7cbf01a795c8342ce2dad368bd6351e956195f8b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\favicon[1].ico
    Filesize

    16KB

    MD5

    12e3dac858061d088023b2bd48e2fa96

    SHA1

    e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

    SHA256

    90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

    SHA512

    c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\jquery.min[1].js
    Filesize

    84KB

    MD5

    a09e13ee94d51c524b7e2a728c7d4039

    SHA1

    0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae

    SHA256

    160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

    SHA512

    f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\recaptcha__en[1].js
    Filesize

    403KB

    MD5

    3e73dbef941895dfc538a9d6a69ed927

    SHA1

    dac57a54b2635c1d5e1e6ae44e95d12d0a547ad3

    SHA256

    d9d91ff5b9a775b5ce8c6c81e51e71c27194d11ac8690353727d23c91f7b317c

    SHA512

    51c03135ccb8a33a233876423cf8d7e6eb0e7e9b0916ace5cf7a1588661878fcd738e0c72338b0c1c0bddc489552037e40b62cec438f31852fb4ffaa3b514fbc

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\bootstrap.min[2].css
    Filesize

    137KB

    MD5

    04aca1f4cd3ec3c05a75a879f3be75a3

    SHA1

    675fcf28f9fbf37139d3b2c0b676f96f601a4203

    SHA256

    7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

    SHA512

    890415fa75ed065992dd7883aed98bfbdfd9fa26eec7e62ea30263238adca4eecd6204f37d33a214d9b4f645ad7d9cc407d7d0e93c0e55cf251555a8a05b83ff

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\jquery-1.8.2[1].js
    Filesize

    259KB

    MD5

    3a316818411b5a80ef878dc5c8483950

    SHA1

    a0f48b6ad5322b35383ffcb6e2fa779b8a5fcffc

    SHA256

    cfa69516375e27e56519cae71f28818e0e52515b70e705a600d1db459998335a

    SHA512

    68cce216cf4af7c89f85d141cfcb16d448edc1f542314b6e2031789480ecf0921acd91b20d3cd70dd5af89dc2cd2d27f78bca2336967fc2e8d72fa76a996ed7d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\style[1].css
    Filesize

    10KB

    MD5

    da466f7f49a0083677dffa6deb04ff16

    SHA1

    56229a95d3b045a4ac397516b080fea2cae04879

    SHA256

    18369f4d03f6b6835da2e385997fb6d417dd7663f5834523193c9d63b8460328

    SHA512

    57e567863c990dae6cbcaf7d0c10cc888d74a0545916309259827c6b16c7a3fc78177241bed874c5cb50529e64eeea54d46489a1a88e49dc60400f1c25e91f8d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\styles__ltr[1].css
    Filesize

    55KB

    MD5

    83f90c5a4c20afb44429fa346fbadc10

    SHA1

    7c278ec721d3880fbafaadeba9ee80bdf294b014

    SHA256

    952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

    SHA512

    4f0d19678a6758e67cb82652d49ee92a3646c3b4b68b93253c3e468e88506bb8ad78942d7be244b390bdd29a0d00026ad561c040c1b557067edc7887fe7119ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\w-logo-blue-white-bg[1].png
    Filesize

    4KB

    MD5

    000bf649cc8f6bf27cfb04d1bcdcd3c7

    SHA1

    d73d2f6d74ec6cdcbae07955592962e77d8ae814

    SHA256

    6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

    SHA512

    73d2ea5ffc572c1ae73f37f8f0ff25e945afee8e077b6ee42ce969e575cdc2d8444f90848ea1cb4d1c9ee4bd725aee2b4576afc25f17d7295a90e1cbfe6edfd5

    Download Submit