Overview

overview

5

Static

static

1

URLScan

urlscan

http://vk.com/away.p...

windows10-2004-x64

5

Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-03-2023 20:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://vk.com/away.php?to=https%3A%2F%2F2k2asarltg.com%2Fwp-includes%2F%2F%2Fnew%2Fauth%2F%2Fpuykkk%2F%2F%[email protected]

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 40 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://vk.com/away.php?to=https%3A%2F%2F2k2asarltg.com%2Fwp-includes%2F%2F%2Fnew%2Fauth%2F%2Fpuykkk%2F%2F%[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:5028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5028 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1152

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
    Filesize

    312B

    MD5

    a534cf9143fbf6b0b59618aa93f64fc9

    SHA1

    c414cb4b741ed22a1facdc4e5459a5c8498b29fe

    SHA256

    0d6056c88bd092c688e756f94aeef316f50d4bfbac52a90d8e4b5120247e0c7d

    SHA512

    b2f420caca7867fab9f4f28bf0493a8efb569c4b3341dd8f71766b432aa64a90973b43efbf466b51f818ec09a2d6ee827856447001ca92e1f9cc9b19fb1b9b27

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
    Filesize

    18KB

    MD5

    4aa7e7e942354f50a488310fefe5da70

    SHA1

    3ca4b61e39a185efa535fec67af08bc8ba34e2a9

    SHA256

    7d6e1ebe45434790d43a2949644e0b44ab9ec45602d3d3f3a670087488e11c89

    SHA512

    f022abbf5860193445b43120be63c14d310b5437b3078494f7b4f0b22ac7509a4424f96635aa9e099b3d4d98cc5dacced919dda2baa5c132ea4132e9df01522d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
    Filesize

    18KB

    MD5

    4aa7e7e942354f50a488310fefe5da70

    SHA1

    3ca4b61e39a185efa535fec67af08bc8ba34e2a9

    SHA256

    7d6e1ebe45434790d43a2949644e0b44ab9ec45602d3d3f3a670087488e11c89

    SHA512

    f022abbf5860193445b43120be63c14d310b5437b3078494f7b4f0b22ac7509a4424f96635aa9e099b3d4d98cc5dacced919dda2baa5c132ea4132e9df01522d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
    Filesize

    36KB

    MD5

    1e2bbb6c310baf27b6af675d0bf99324

    SHA1

    57a16d53b3383ea02b3374a47a82d3cdb1479c19

    SHA256

    e81d884b4afb26e84a564563bc15fbce12cb5701792375123a50edfad5d74e4b

    SHA512

    c4e4dad9f4255f0aea17dc2b297f001f3ffc6808b656c2253783af4e28d78c13bf294a5963c95bea94cb26fda31b1b40460bf2f17c933ab542efd42761deba23

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9YACFB9R\favicon[1].ico
    Filesize

    198B

    MD5

    ca2bb9889f5870b0b31006f9f09a23df

    SHA1

    5932e6a0e4fcf1b7ecc28452494f73d4ae82acd3

    SHA256

    17bf068c76eb2d552b4eea51a7f9c02d251c4a9c3b30c6a9aa322cc8eea70529

    SHA512

    3eccfe852124950656ef93b632f0472c5dea2e0d339f76d27d0022ac481a924e2c35cdba9112eb45dda4079c56a1216493a8693075d1d630a580ea0691a96b30

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9YACFB9R\favicon[1].ico
    Filesize

    198B

    MD5

    ca2bb9889f5870b0b31006f9f09a23df

    SHA1

    5932e6a0e4fcf1b7ecc28452494f73d4ae82acd3

    SHA256

    17bf068c76eb2d552b4eea51a7f9c02d251c4a9c3b30c6a9aa322cc8eea70529

    SHA512

    3eccfe852124950656ef93b632f0472c5dea2e0d339f76d27d0022ac481a924e2c35cdba9112eb45dda4079c56a1216493a8693075d1d630a580ea0691a96b30

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DKFP9JBL\favicon[2].ico
    Filesize

    16KB

    MD5

    12e3dac858061d088023b2bd48e2fa96

    SHA1

    e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

    SHA256

    90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

    SHA512

    c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G1ORIWBN\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit