Overview

overview

5

Static

static

1

URLScan

urlscan

1

https://hitachipower...

windows10-2004-x64

5

Analysis

  • max time kernel
    54s
  • max time network
    58s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-03-2023 04:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://hitachipowergrids.sharepoint.com/:p:/t/ACRD/EZgQWIteYG9NljVjWTqJ2C4B8VpHos0fKG-ZYX1yMqRWFg?e=6xifCK

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 32 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://hitachipowergrids.sharepoint.com/:p:/t/ACRD/EZgQWIteYG9NljVjWTqJ2C4B8VpHos0fKG-ZYX1yMqRWFg?e=6xifCK
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4900 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3240

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    9068e30c07161dc7240c1796414329f4

    SHA1

    a367ce58f8a78f33111f740bd84b54629bd976f0

    SHA256

    53572ed01864df8feabb26b21511901e8b437ceca35f4ce5c3fd9bc6a097f57b

    SHA512

    d7d0848640c532e52e4323c105f80e38e8c17d1d5acb603c2a00d0f2adf468da0579e1fb6461ed91915bf659a94e475d0404daf7a61dd68f52683e4974aeaaa6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    bbf4592c889b6db229d04da755d61918

    SHA1

    f12f1accf4f2babe43516304f33f5393d1908043

    SHA256

    75be5aa6850c7ace110509a98d6564f7e48a011ba990e3d5625d5bb5696eec57

    SHA512

    bf75f6baddafc225886b3d7f9c7994eadb3d35999751c978f31872eba4ca6b79cc94e2da0b81becc9fe5be0a0b28be9937d53157b5c683eb823b946df9eff842

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    18KB

    MD5

    11cd2036e1696df43cd0e944413831e0

    SHA1

    bcb4c6d5c914047a58180a39c27f0ed548ac5e65

    SHA256

    d37cfb5e5320c406029ec89ae988d5159cf7ca3ea9f146449f27d9e5238a3f00

    SHA512

    2403e4d63708a8c0f8e9856b765963e8f0a677e86f57dedcd20fc126b2425664bbabf2b4dfee41ce1295d0b012b4b6e7183d6007be201c10bc7ce5f2bf0cfe70

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    18KB

    MD5

    11cd2036e1696df43cd0e944413831e0

    SHA1

    bcb4c6d5c914047a58180a39c27f0ed548ac5e65

    SHA256

    d37cfb5e5320c406029ec89ae988d5159cf7ca3ea9f146449f27d9e5238a3f00

    SHA512

    2403e4d63708a8c0f8e9856b765963e8f0a677e86f57dedcd20fc126b2425664bbabf2b4dfee41ce1295d0b012b4b6e7183d6007be201c10bc7ce5f2bf0cfe70

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\39K1WZBJ\favicon_a_eupayfgghqiai7k9sol6lg2[1].ico
    Filesize

    16KB

    MD5

    12e3dac858061d088023b2bd48e2fa96

    SHA1

    e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

    SHA256

    90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

    SHA512

    c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01

    Download Submit