Overview

overview

8

Static

static

8

URLScan

urlscan

1

http://nimh.gov.vn/d...

windows10-2004-x64

1

Analysis

  • max time kernel
    80s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-03-2023 19:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://nimh.gov.vn/d5/eet.html#[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2712 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1536

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    a03e3db17abda2b8279c2f4f37ee6cbf

    SHA1

    7470b2553b06790447cec18717a4bc02a24478d6

    SHA256

    341afed6144ebf64136cff435d5654f8525faf997a72e2492fcbc522f3858942

    SHA512

    4c93121cdbf94cd152f6e0f602c9acd5256073536e4dad930a0e1fc7656c5a1132eef1dd53d19c16979329d46916eea454cc65e578667dc8572e38ec5c4c4d44

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    9fba8b33bc14c653304aad292a0e59cd

    SHA1

    23320ec8c25034f12765f918fe3c09057838f677

    SHA256

    284b0bd430ffe8c8f3469b65e649d027b3d6a04c2bb47a21595a40f83d09cdcd

    SHA512

    dd114681181913be9737386dcc06000425fd169a0d74707e4766e488733ce73038f70d19f32e4bf5434047a6e1a77eb4ea410aa1a92362854dd5c226c20dffa9

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    110KB

    MD5

    47dbe43b10d052b8be224594b5c4aa60

    SHA1

    c27dcc48d4cff5b6ad4f45546bbfdf3918df0a31

    SHA256

    4617cfb6dc438ce16bc97788b15ab7a39173f6a46265cc0d74810015ead7065d

    SHA512

    3cea8b32aee408cc38c73c37478f3efec79d7bf120f2805ac2899a5e119420add315466b62694de8fa15bcb69150d77ebd10676dff0736e06985c4ea2f7074e3

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    111KB

    MD5

    130539f633dce11e2ebd8aee6d7a787d

    SHA1

    bd41f8ec519431a5cf575de4e1469367a24a7113

    SHA256

    d7dc84d2ec985c81494be45c7f59d81b8ae738c95813933ac207c15c809de866

    SHA512

    f9cd8bbf5552e9e70000975b8dc5e8c0b960ba6ed6dc836ce537d29e8afa44bb556c8b1d8fbfb2a07c1f360465d01282c6633fb9ea721efb8616a13fe1fdc770

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EY3KXMB3\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\U4IULL1L\favicon[2].ico
    Filesize

    110KB

    MD5

    1db747255c64a30f9236e9d929e986ca

    SHA1

    384023452346aa087d40c93c23ca2f5e32ff1b1f

    SHA256

    88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544

    SHA512

    05d654610ebf0c5de4ce828923c63e21d3164f4aebcec5db2415be23bd6965a50f5506ec8772c4624fae266944a9cc596947d3c061f0f9602633103238c64267

    Download Submit