Overview

overview

5

Static

static

1

URLScan

urlscan

http://vk.com/away.p...

windows10-2004-x64

5

Analysis

  • max time kernel
    78s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-03-2023 19:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://vk.com/away.php?to=https%3A%2F%2F2k2asarltg.com%2Fwp-includes%2F%2F%2Fnew%2Fauth%2F%2Fpuykkk%2F%2F%[email protected]

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://vk.com/away.php?to=https%3A%2F%2F2k2asarltg.com%2Fwp-includes%2F%2F%2Fnew%2Fauth%2F%2Fpuykkk%2F%2F%[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:536 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1660

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
    Filesize

    312B

    MD5

    00f487bf97be1f5895bd9676d27d4dd7

    SHA1

    3c22d52e597866cc5d00c61e3f9cfa506a154ab9

    SHA256

    48b76ab8d60f0c9399ff76e0087845adbaa38d820385ab7b720c20b525d43bef

    SHA512

    2534e67f028a0cced614122cfacaabccec5ecf7fd7aac2d9268e4023d2d38109dd0200d0dafda7f129c47908af11bcd7dba4cdfc5f3747925d74ee216a538b09

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
    Filesize

    17KB

    MD5

    b4ea1374f289c8d4159760dfc9224b4c

    SHA1

    dd58d91787f5939c81f3fca0e619e92c28e02154

    SHA256

    287d9eef84b64aaeff74591672fb9ba3848047f7d85c7e1fa5233e0c5e45363f

    SHA512

    ce4b69c1d7bac2b165d3f08f6b7d9be69c7917de714820e9689683a444d2721743e84e6d9321f665039218fc923255345be3d03eed339b9f12308d0171cd37af

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
    Filesize

    18KB

    MD5

    3dbcaa19c1f63839e4e8f31b0050eb8f

    SHA1

    74d3df721071e86eec28f78319bbdc5eec80f55b

    SHA256

    aebe3955203832cf3640880dff7ba47ae1c38503e3d0963d186e5eadf01a1c3c

    SHA512

    ebb5495201c8074fb092a7187d256865df4708b48ffb74af0e39d420fb5dd7d58c632bb3798fcf14f953b67ee5e60b5b23f40cccadae1369a2d5a3111e87736d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9YACFB9R\favicon[1].ico
    Filesize

    198B

    MD5

    ca2bb9889f5870b0b31006f9f09a23df

    SHA1

    5932e6a0e4fcf1b7ecc28452494f73d4ae82acd3

    SHA256

    17bf068c76eb2d552b4eea51a7f9c02d251c4a9c3b30c6a9aa322cc8eea70529

    SHA512

    3eccfe852124950656ef93b632f0472c5dea2e0d339f76d27d0022ac481a924e2c35cdba9112eb45dda4079c56a1216493a8693075d1d630a580ea0691a96b30

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9YACFB9R\favicon[1].ico
    Filesize

    198B

    MD5

    ca2bb9889f5870b0b31006f9f09a23df

    SHA1

    5932e6a0e4fcf1b7ecc28452494f73d4ae82acd3

    SHA256

    17bf068c76eb2d552b4eea51a7f9c02d251c4a9c3b30c6a9aa322cc8eea70529

    SHA512

    3eccfe852124950656ef93b632f0472c5dea2e0d339f76d27d0022ac481a924e2c35cdba9112eb45dda4079c56a1216493a8693075d1d630a580ea0691a96b30

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DKFP9JBL\favicon[2].ico
    Filesize

    16KB

    MD5

    12e3dac858061d088023b2bd48e2fa96

    SHA1

    e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

    SHA256

    90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

    SHA512

    c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G1ORIWBN\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit