Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://www.linkedin....

windows10-2004-x64

1

Analysis

  • max time kernel
    80s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-03-2023 02:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://www.linkedin.com/company/fortinet

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.linkedin.com/company/fortinet
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3992 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4908

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    a03e3db17abda2b8279c2f4f37ee6cbf

    SHA1

    7470b2553b06790447cec18717a4bc02a24478d6

    SHA256

    341afed6144ebf64136cff435d5654f8525faf997a72e2492fcbc522f3858942

    SHA512

    4c93121cdbf94cd152f6e0f602c9acd5256073536e4dad930a0e1fc7656c5a1132eef1dd53d19c16979329d46916eea454cc65e578667dc8572e38ec5c4c4d44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    45ea4e0c5b2eee3172b830766a155416

    SHA1

    6aaf1e10eb07555068fe71daccca2791fb277268

    SHA256

    2a6c43534e7b586be1e3d31367ffd696b3169919417645285bd89d097bd599cc

    SHA512

    ef4b9a634f49ea9fe1a176139d4bf9b3144aa4c879630f4c50398c3134a11044fbebf250bb45fa6ca77039f3b24a5ae47aacf30bcbde11c757db1a82e3ac2073

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    1KB

    MD5

    fdc9c32f7a04b438ff639cf66c6a9d15

    SHA1

    d8e93049c8ec1dbe62990ab6aac8c89fbc151374

    SHA256

    ef0b091770429bdb64c6fcd548819f43178b519cab4494994f174110ffcbb7ad

    SHA512

    bc7f0a39993d0ba2e0fcfde8fd65aff4c28edd502d864c6621349cff18e95afebc6cb26f2ddb6b0f30772bd73168d4f6d911ac9a829ac4af20a98bda528f3852

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    26KB

    MD5

    6cafe176565b57d8636f93a60f2af284

    SHA1

    19289c44e65f30f4da11efdbcb7e564c6bc1c536

    SHA256

    0fb56ac6463527b2b86525f9663e72ec3e2ad480e6cbab2f80149eb5e95c9fd2

    SHA512

    1a12919838a086395ded6d1c20c37b462f14f1f39670642b8a9741bb9ed622234de0a9f8a1ebcb8d640b24f47fb46e0f9d83906e9dbbdcf507df4d9ad2b16a34

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\al2o9zrvru7aqj8e1x2rzsrca[1].ico
    Filesize

    24KB

    MD5

    b2ccd167c908a44e1dd69df79382286a

    SHA1

    d9349f1bdcf3c1556cd77ae1f0029475596342aa

    SHA256

    19b079c09197fba68d021fa3ba394ec91703909ffd237efa3eb9a2bca13148ec

    SHA512

    a95feb4454f74d54157e69d1491836655f2fee7991f0f258587e80014f11e2898d466a6d57a574f59f6e155872218829a1a3dc1ad5f078b486e594e08f5a6f8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\favicon[1].ico
    Filesize

    1KB

    MD5

    9ad5656e945aca883b4d28c4d0ac4b45

    SHA1

    70f5157a8a4dc5a924abad83309d2859cf241ef6

    SHA256

    6aec45ec9ed43941a46eba5b713029748632be08103bbcef74f8eb5dc1d7e58b

    SHA512

    4dfba2a9292302d60cff9af5c9ad38bb0231c07fe445ee682af73bfd1468dbaf1972712d1810e6ea721c4e91ea1be766a1681d6b1fbb60537cf2bec9d1fab281

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\favicon[1].ico
    Filesize

    1KB

    MD5

    9ad5656e945aca883b4d28c4d0ac4b45

    SHA1

    70f5157a8a4dc5a924abad83309d2859cf241ef6

    SHA256

    6aec45ec9ed43941a46eba5b713029748632be08103bbcef74f8eb5dc1d7e58b

    SHA512

    4dfba2a9292302d60cff9af5c9ad38bb0231c07fe445ee682af73bfd1468dbaf1972712d1810e6ea721c4e91ea1be766a1681d6b1fbb60537cf2bec9d1fab281

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\U4IULL1L\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit