Overview

overview

8

Static

static

8

URLScan

urlscan

1

https://helpdesk.ope...

windows10-2004-x64

1

Analysis

  • max time kernel
    89s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-03-2023 00:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://helpdesk.openproject.org/mail/mailing/105/unsubscribe?res_id=69074&email=satya%40securado.net&token=8fdd52f224192f07e6691cae1da58771f80dd17520b5947196f19ebe787b840ea5d0760da542ef35d1e72ffc81a7bb93c19cdbd7861a5947df28b2e7b8dd6b74

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://helpdesk.openproject.org/mail/mailing/105/unsubscribe?res_id=69074&email=satya%40securado.net&token=8fdd52f224192f07e6691cae1da58771f80dd17520b5947196f19ebe787b840ea5d0760da542ef35d1e72ffc81a7bb93c19cdbd7861a5947df28b2e7b8dd6b74
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1772
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1772 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4464

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    7KB

    MD5

    08acdc49cd3b02b898cf5b16780a44e7

    SHA1

    d01f4fb9193458bd67f7005618a895358f6102b6

    SHA256

    b5549a74ba341c0ca43ba3bdad6991e02bad5acc24168e487a9174654ff9272a

    SHA512

    324f00eb1fa1b45866ca7cb4aedaf522624dabed7f8a1b955f8b517f99d32785bcb08a4aefac45c5be86797e1cf1229e8c3fed4f77e1bbc53bb39a8cbffb06da

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    232B

    MD5

    7a8861cd199cedf091f82d25a3d62604

    SHA1

    a32f14d18b21a138505643bc817a350ae592033e

    SHA256

    f684f68e11f1661055ebac409d021068105a30de4f75a27feb0e8efae5f10e12

    SHA512

    00ca274c92b2acec59a45ca635974ac90bf6812c213ca4881ccadcd949495252fe5af2ef39e2834a675a1065e25bd87f00371af26e661115a80bd07b7d24a846

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
    Filesize

    1KB

    MD5

    8a9959fe7bd45df13fe7cae7db4e9390

    SHA1

    1f0dbdc27f94181a419afabb433b61af12d8438f

    SHA256

    c6836e0a6f3ffbaaca2c46a3cf8dfff91c7aa4f90af7c58d0e7815e3d53ef4d7

    SHA512

    97eef40170798f484a9d53d98bfc0dd58c533d3ce4a50c944828d5253d26b80bd94a61dec85d0d61e8c13d203f42931ef58f08bd42ef438dc42999c5535483d5

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\favicon[1].ico
    Filesize

    1KB

    MD5

    a342fe863a8e41dff2a55410c7f118c5

    SHA1

    2f7028932480cdcb927f83b0165d577669e620fa

    SHA256

    4bd1ab3d744c19286e0676a67eddb7d4a649d690589b7e7ac93c9b5a419db8b0

    SHA512

    348e4e0f22bec1f4a3fcd57b2e5d2414345eea33077539aeb6798f1d8b88aa8904a65b1b97141fb3d45da3a35ea99ff6155f9e8ecb3b11a2ae947d869626f970

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit