Overview

overview

8

Static

static

8

URLScan

urlscan

1

https://suncrops.fr/...

windows10-2004-x64

5

Analysis

  • max time kernel
    113s
  • max time network
    117s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-03-2023 05:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 60 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://suncrops.fr/old_site/np/tk//icrnkgf/[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4972 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\Z0K0IC7U\www.google[1].xml
    Filesize

    98B

    MD5

    7a5b44d285c5f423523dba7f8a077ed6

    SHA1

    12bc079603dec882b66d85d03edc674ad04033c5

    SHA256

    f640b6551fb8fc87a895985478c043750b54c71ddd10081273e59f3c2e32801b

    SHA512

    eab9f83bd92ce4712287a41d0f981453cf80989235d187f5bd884412f97cccbf73f24998574b596fd362d76d6ab4f29ebbc84632d0f9f24cbb4c0096e9d831a5

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\osplltc\imagestore.dat
    Filesize

    4KB

    MD5

    3ff1ed88daec8fe73042ecd2400d6d64

    SHA1

    d495d16f113c7f7f69653221cd34007a264a28e3

    SHA256

    34ca0dbb3431ccd6455a2f65a3285963a3f32a4919bf2cc1847116334211a7e9

    SHA512

    2cd152baf4986cdfea749e29719fadb95de679ce2e8eea2a0e5437cc4c28b188a0a4c96fb1cb9a231e2d3b8a1b2c6dca7bdeecce9faf738e5f14087870f5e6a3

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\osplltc\imagestore.dat
    Filesize

    20KB

    MD5

    25d18f2397bd8bc8fada3ee85082343f

    SHA1

    12181c6041826d67fcc83b2347432a0239989835

    SHA256

    4aab9f7439afe0a839b040421cfde48ff0021869c7d53a395c4d3b782fda4dc4

    SHA512

    0de0ab0e05844c9b3f97aa250d9862faa0fe3bbb649c406d8c95d48ac93a43f3d69370836f4621c8f7f01c3a14eec9798377058509fb6848c08f74687d690820

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\osplltc\imagestore.dat
    Filesize

    21KB

    MD5

    024ffd9afd152d2ab5cc03b980e3912d

    SHA1

    454e5abde5b0c6d1c6e3eba5a907059b42ec7cf5

    SHA256

    564953450b337c1dc6338df2ad464f2b8259442f12d0000a1dc7f526883bbb69

    SHA512

    eb01d9e8ede3a80d95ef12c6d191116535137f0cd685e22ef49ea21a8676d20ade629d3cd22f0a2d96dc19e9de8509901f4f6a93a747af57eec2c588608ca64b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1IYUAPIF\bootstrap.min[1].css
    Filesize

    152KB

    MD5

    a15c2ac3234aa8f6064ef9c1f7383c37

    SHA1

    6e10354828454898fda80f55f3decb347fd9ed21

    SHA256

    60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

    SHA512

    b435cf71a9ae66c59677a3ac285c87ea702a87f32367fe5893cf13e68f9a31fca0a8d14f6a7d692f23c5027751ce63961ca4fe8d20f35a926ff24ae3eb1d4b30

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1IYUAPIF\styles__ltr[1].css
    Filesize

    55KB

    MD5

    83f90c5a4c20afb44429fa346fbadc10

    SHA1

    7c278ec721d3880fbafaadeba9ee80bdf294b014

    SHA256

    952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

    SHA512

    4f0d19678a6758e67cb82652d49ee92a3646c3b4b68b93253c3e468e88506bb8ad78942d7be244b390bdd29a0d00026ad561c040c1b557067edc7887fe7119ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\KFOlCnqEu92Fr1MmYUtfBBc9[1].ttf
    Filesize

    34KB

    MD5

    4d99b85fa964307056c1410f78f51439

    SHA1

    f8e30a1a61011f1ee42435d7e18ba7e21d4ee894

    SHA256

    01027695832f4a3850663c9e798eb03eadfd1462d0b76e7c5ac6465d2d77dbd0

    SHA512

    13d93544b16453fe9ac9fc025c3d4320c1c83a2eca4cd01132ce5c68b12e150bc7d96341f10cbaa2777526cf72b2ca0cd64458b3df1875a184bbb907c5e3d731

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\api[2].js
    Filesize

    850B

    MD5

    dc06c3119dddfbf05587300ac8ed33b1

    SHA1

    4b1f693198d49ff46bc137de1dde821a6d0e2c96

    SHA256

    8d8172236c099b083eb385a86781096526ef00b93215bd3a8a223725978cd04e

    SHA512

    82641db7f37bf23735aa711c4ed685883c72290ebee97bbe192bf39e5669842b41931ae7a6d39c9fba68b34c7d184513a7c864ef5417e20edc7d94b273826cfd

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\webworker[2].js
    Filesize

    102B

    MD5

    e6faa5cb41bb6b5bd583f439bade20a7

    SHA1

    a97a7eaa98aa9ba9ededc3441531707a1d161f10

    SHA256

    4fdd793c6b9c084150c7577c83ddd7bdb6f38b1e5b1f036418f20d6d080b42a5

    SHA512

    14739e097fcf03ac2350e6773883ef6e0fc70fe0f8c1c3ac5b14d3e8a164302047170b7f4cf49d597100ef72b37cb15557be3c3777d24faea08a9d27ce9a5036

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\KFOlCnqEu92Fr1MmEU9fBBc9[1].ttf
    Filesize

    34KB

    MD5

    4d88404f733741eaacfda2e318840a98

    SHA1

    49e0f3d32666ac36205f84ac7457030ca0a9d95f

    SHA256

    b464107219af95400af44c949574d9617de760e100712d4dec8f51a76c50dda1

    SHA512

    2e5d3280d5f7e70ca3ea29e7c01f47feb57fe93fc55fd0ea63641e99e5d699bb4b1f1f686da25c91ba4f64833f9946070f7546558cbd68249b0d853949ff85c5

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\KFOmCnqEu92Fr1Mu4mxP[1].ttf
    Filesize

    34KB

    MD5

    372d0cc3288fe8e97df49742baefce90

    SHA1

    754d9eaa4a009c42e8d6d40c632a1dad6d44ec21

    SHA256

    466989fd178ca6ed13641893b7003e5d6ec36e42c2a816dee71f87b775ea097f

    SHA512

    8447bc59795b16877974cd77c52729f6ff08a1e741f68ff445c087ecc09c8c4822b83e8907d156a00be81cb2c0259081926e758c12b3aea023ac574e4a6c9885

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\favicon[1].ico
    Filesize

    16KB

    MD5

    12e3dac858061d088023b2bd48e2fa96

    SHA1

    e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

    SHA256

    90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

    SHA512

    c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\recaptcha__en[1].js
    Filesize

    403KB

    MD5

    3e73dbef941895dfc538a9d6a69ed927

    SHA1

    dac57a54b2635c1d5e1e6ae44e95d12d0a547ad3

    SHA256

    d9d91ff5b9a775b5ce8c6c81e51e71c27194d11ac8690353727d23c91f7b317c

    SHA512

    51c03135ccb8a33a233876423cf8d7e6eb0e7e9b0916ace5cf7a1588661878fcd738e0c72338b0c1c0bddc489552037e40b62cec438f31852fb4ffaa3b514fbc

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\w-logo-blue-white-bg[1].png
    Filesize

    4KB

    MD5

    000bf649cc8f6bf27cfb04d1bcdcd3c7

    SHA1

    d73d2f6d74ec6cdcbae07955592962e77d8ae814

    SHA256

    6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

    SHA512

    73d2ea5ffc572c1ae73f37f8f0ff25e945afee8e077b6ee42ce969e575cdc2d8444f90848ea1cb4d1c9ee4bd725aee2b4576afc25f17d7295a90e1cbfe6edfd5

    Download Submit