Overview

overview

5

Static

static

1

URLScan

urlscan

1

https://trk-mkt.taso...

windows10-2004-x64

5

Resubmissions

20-03-2023 07:56

230320-js3h8aee5y 5

20-03-2023 07:50

230320-jpr83scd66 5

Analysis

  • max time kernel
    135s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-03-2023 07:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://trk-mkt.tason.com/CheckNew.html?A8PI9b7HGs1iTtAv24GgKOcbPF6qT1ciHFyceyuPwSkG\=\=&j7jUKLzsw7wjhVcTX8mH1AQSNwJp7TMCR2\=&j7jUKLzsw7wjhVcTX8mH1AQSNwJp7TMCR2\=\=&UE9TVF9JRD0yMDE4MTIxNDEwMDAxMTY1MzMwOQ\=\=&VEM9MjAxODEyMjg\=&S0lORD1D&Q0lEPTAwMg\=\=&URL\=https://suncrops.fr/old_site/np/tk//ueefahp/[email protected]

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://trk-mkt.tason.com/CheckNew.html?A8PI9b7HGs1iTtAv24GgKOcbPF6qT1ciHFyceyuPwSkG\=\=&j7jUKLzsw7wjhVcTX8mH1AQSNwJp7TMCR2\=&j7jUKLzsw7wjhVcTX8mH1AQSNwJp7TMCR2\=\=&UE9TVF9JRD0yMDE4MTIxNDEwMDAxMTY1MzMwOQ\=\=&VEM9MjAxODEyMjg\=&S0lORD1D&Q0lEPTAwMg\=\=&URL\=https://suncrops.fr/old_site/np/tk//ueefahp/[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1856
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1856 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4056

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\MBOJ02HC\www.google[1].xml
    Filesize

    434B

    MD5

    da3ce645f16977e746455dba34b97f14

    SHA1

    65f3ad2cac2fc0af3d14be5f3ebf73fd00056e97

    SHA256

    18b4870b037bb83d392e536259f39e90a35026dccadba6cdd84eec1b45e7b8df

    SHA512

    85c189acb962015c1dd50f8bb18925b83fc906f115e3194d23682aaebb96eae3be6a8f496cb37a2b10e67d438a26898c94761e747c51a2a319f95b2f5bc23304

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\MBOJ02HC\www.google[1].xml
    Filesize

    99B

    MD5

    6b292c1ea2e870684f9c2b656c07aa3b

    SHA1

    4970fd8ebecf3e9bffb90c3e926e14b82b4f3d86

    SHA256

    7c8a66e1b6478527a39a008d9be2881f1ac3b4b1ef820afe9ed0a72e148d73a2

    SHA512

    4571c510015d6658b0bc840637a0fb936966477711b32d2a29783560a6db5ce4a540b8a5803f6aea9b3297949e6fff101d79b43a1b12c38757a5b9f50a08a1bb

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    4KB

    MD5

    b64213b388351acd031a2b31cb89b5ec

    SHA1

    fb657a8ca0e385518df40987c9801a7b9db8aee3

    SHA256

    51db4a78f5b25df208db9aaf85ef209a9659fee84672f55db46a9671e20c7644

    SHA512

    405fdb228a370d1152446cafda533f937bb7e1dfdfdbc044225c0257c1433048618e332a7ab4547d322eefd054eb190120944df357293c4b442d020ade03fbc1

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    21KB

    MD5

    95912504d8f24abfac5b081b15fa6b24

    SHA1

    3941c5c1dc51edc0785f4ab8e6bba57182e97181

    SHA256

    d9786fb8baed7df5e92f9dde26fd4dc15838c0709d567fdb19672f6dfa8e1735

    SHA512

    b0d3db4d9e0cb9e401d5b2642117920c67d6aaced20e46e3e4b009d6b55d6928c12006834d9b2eb6a5e1089d9bce199f3cec8a67163fbb71223a8668c2771f20

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    21KB

    MD5

    95912504d8f24abfac5b081b15fa6b24

    SHA1

    3941c5c1dc51edc0785f4ab8e6bba57182e97181

    SHA256

    d9786fb8baed7df5e92f9dde26fd4dc15838c0709d567fdb19672f6dfa8e1735

    SHA512

    b0d3db4d9e0cb9e401d5b2642117920c67d6aaced20e46e3e4b009d6b55d6928c12006834d9b2eb6a5e1089d9bce199f3cec8a67163fbb71223a8668c2771f20

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    39KB

    MD5

    1a33eaaca2292a6fb4ccdcbb565d86a0

    SHA1

    1ceb8b447fc0e6ecd2b291c2c907a89617d66145

    SHA256

    bc81542d19d3cd209c9755ceb4f4b8b8b97c709acfe2d221f08a400153cecaf1

    SHA512

    8aa614aac5ddeb5ca40757a4c6225755bd64f80c02e978cba0aeadcd847aeab8792e2168736f6050e85cd08ac6eb32b84c01dac91685469a6cd88d9a069f520f

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\39K1WZBJ\bootstrap.min[2].css
    Filesize

    137KB

    MD5

    04aca1f4cd3ec3c05a75a879f3be75a3

    SHA1

    675fcf28f9fbf37139d3b2c0b676f96f601a4203

    SHA256

    7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

    SHA512

    890415fa75ed065992dd7883aed98bfbdfd9fa26eec7e62ea30263238adca4eecd6204f37d33a214d9b4f645ad7d9cc407d7d0e93c0e55cf251555a8a05b83ff

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\39K1WZBJ\jquery-1.8.2[1].js
    Filesize

    259KB

    MD5

    3a316818411b5a80ef878dc5c8483950

    SHA1

    a0f48b6ad5322b35383ffcb6e2fa779b8a5fcffc

    SHA256

    cfa69516375e27e56519cae71f28818e0e52515b70e705a600d1db459998335a

    SHA512

    68cce216cf4af7c89f85d141cfcb16d448edc1f542314b6e2031789480ecf0921acd91b20d3cd70dd5af89dc2cd2d27f78bca2336967fc2e8d72fa76a996ed7d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\39K1WZBJ\style[1].css
    Filesize

    10KB

    MD5

    da466f7f49a0083677dffa6deb04ff16

    SHA1

    56229a95d3b045a4ac397516b080fea2cae04879

    SHA256

    18369f4d03f6b6835da2e385997fb6d417dd7663f5834523193c9d63b8460328

    SHA512

    57e567863c990dae6cbcaf7d0c10cc888d74a0545916309259827c6b16c7a3fc78177241bed874c5cb50529e64eeea54d46489a1a88e49dc60400f1c25e91f8d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\favicon[1].ico
    Filesize

    16KB

    MD5

    12e3dac858061d088023b2bd48e2fa96

    SHA1

    e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

    SHA256

    90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

    SHA512

    c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\jquery.min[1].js
    Filesize

    84KB

    MD5

    a09e13ee94d51c524b7e2a728c7d4039

    SHA1

    0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae

    SHA256

    160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

    SHA512

    f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\styles__ltr[1].css
    Filesize

    55KB

    MD5

    83f90c5a4c20afb44429fa346fbadc10

    SHA1

    7c278ec721d3880fbafaadeba9ee80bdf294b014

    SHA256

    952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

    SHA512

    4f0d19678a6758e67cb82652d49ee92a3646c3b4b68b93253c3e468e88506bb8ad78942d7be244b390bdd29a0d00026ad561c040c1b557067edc7887fe7119ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EY3KXMB3\recaptcha__en[1].js
    Filesize

    403KB

    MD5

    3e73dbef941895dfc538a9d6a69ed927

    SHA1

    dac57a54b2635c1d5e1e6ae44e95d12d0a547ad3

    SHA256

    d9d91ff5b9a775b5ce8c6c81e51e71c27194d11ac8690353727d23c91f7b317c

    SHA512

    51c03135ccb8a33a233876423cf8d7e6eb0e7e9b0916ace5cf7a1588661878fcd738e0c72338b0c1c0bddc489552037e40b62cec438f31852fb4ffaa3b514fbc

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EY3KXMB3\w-logo-blue-white-bg[1].png
    Filesize

    4KB

    MD5

    000bf649cc8f6bf27cfb04d1bcdcd3c7

    SHA1

    d73d2f6d74ec6cdcbae07955592962e77d8ae814

    SHA256

    6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

    SHA512

    73d2ea5ffc572c1ae73f37f8f0ff25e945afee8e077b6ee42ce969e575cdc2d8444f90848ea1cb4d1c9ee4bd725aee2b4576afc25f17d7295a90e1cbfe6edfd5

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\U4IULL1L\bootstrap.min[1].css
    Filesize

    118KB

    MD5

    ec3bb52a00e176a7181d454dffaea219

    SHA1

    6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68

    SHA256

    f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

    SHA512

    e8c5daf01eae68ed7c1e277a6e544c7ad108a0fa877fb531d6d9f2210769b7da88e4e002c7b0be3b72154ebf7cbf01a795c8342ce2dad368bd6351e956195f8b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\U4IULL1L\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit