Overview

overview

10

Static

static

1

URLScan

urlscan

10

https://tesla-online...

windows7-x64

1

https://tesla-online...

windows10-1703-x64

1

https://tesla-online...

windows10-2004-x64

1

Analysis

  • max time kernel
    68s
  • max time network
    144s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    23-03-2023 11:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://tesla-online.net

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 44 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://tesla-online.net
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2184

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    d34cd5dfc285c4e53c303f1f9472ac2d

    SHA1

    895053c124dead25c4d10ef566966949aa2fff79

    SHA256

    65414eb04c4f2a5406379134c518247eb6d9359e437a49b958e41df8711256eb

    SHA512

    8893523ecdd330d0f88aa757aced0eff47c4db0089567e4f7934b2b1ce618d816f23109e0b9033dee58cc077b10edca4fb79ec91e15eab3806f7b47c186b51dc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    7e6edac4c08deaf3549189bfc3fb721d

    SHA1

    1bc71fc3691ec8fff202ef503f30c83673709055

    SHA256

    99600b86d6c324e84351dd8f09183150203c83df6188ff21104f3808e57adff9

    SHA512

    e5fe4d62400e6dd9d835111384b965a1ee33e72cf2f64724c22a535e133eb71196bce1566f9f2ed15c5965709e9e29c27bcf6744efc671bf406c9acd416946a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
    Filesize

    724B

    MD5

    c18c1ab84b27ba6cf9cd2e5ca8a96d62

    SHA1

    df6dc9e0b61be770d13df05ac149ed07c5f9210c

    SHA256

    c3535d9b617c8060aa4a80b708e2d017c1b344258b5f18d1b6889060c894ff2a

    SHA512

    cb84a250d7c37c1def8d34976326f4d90b4e5fc0dbefddec5958af85e67a07e77ca0bebe8bd8c3ab784b138eb2ee05004ebba20156e5e02186bd1dd1d92850e2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    541551a228da8b73465470279a0f1e0a

    SHA1

    34e89bac58c80294f3ad4593fa54066735cc53a9

    SHA256

    eeedebbf7b5377368d56e594e17d8ad24c8a2402eebcd9df3d8bb2e66a4e2b9b

    SHA512

    9ea34ce7611371c3e079ba20f587152b31b05a1861e23b9830742c5479a9ad689a13cff27d2aff29e68eb650a7daa3a21a84215b727702aed7e4bc5dc6f061f3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    d442ba09a66d5a0b275e6621ff8d3328

    SHA1

    1597dd947e361f3accadb0bc58f9a0ec9aa980e2

    SHA256

    81e34859d027e4a3658bed5dea329bcc7bc83fa362dd9cbbd59f5b0f58e401d8

    SHA512

    fe99d767a06b0c96d90fb476eb8313f576bd2a291cea740a26f504ea1df210aa77949e52fb9f2c75f642bdcf120a6aa1786828841747e5a131eae230e0fa2270

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
    Filesize

    392B

    MD5

    c548d06af46b1a5a7882e2266e079e37

    SHA1

    9b648f2bf765818dbb302a10b841d398642eb398

    SHA256

    75d63191bae0b59b1861c940712d89f3c7115913a93d6545b95bb8d47c5fec68

    SHA512

    270bb3e01a942cc4180fab6f146c0c65bf0cac9117bf0c440827df966fc65d5e2f72ec3303039b96565c80b0e61e4a197cce7b7e18a15656e89386f05fd27b1e

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver100D.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\IV9H23MJ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TTLFUYWG\favicon[1].htm
    Filesize

    4KB

    MD5

    c80e475fcd59142a0c26e3f8791a30d8

    SHA1

    68c00bc4eaf503caea9ca5c8d50f2e7d5cc40d38

    SHA256

    815d32bc63fbb6527b20bb3e02cf736c5566e278eace9ca286b7118c97fc51aa

    SHA512

    2204a5a33b32f0167694f88e035d5a2b91e60515ce961388ef5a134db137f867f5aa6b0441d6236af982682b072764b3a58de0e7a43d3d2b96cdb4118b09ad34

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TTLFUYWG\favicon[2].htm
    Filesize

    1KB

    MD5

    4f7b4170904d1a9b0ade588d61023508

    SHA1

    43b20224905f16a0d676c9c4b85fd494110b06ce

    SHA256

    d9dea3087287e9bc1825803556c20832e8108e6f2347c0f59bd00c78da6f276a

    SHA512

    608be8d2140b97a5ce1bb013d409594965ba4dfe2d030e1fbc2b71fcfd00b0eb3272f7f2670b8277aeeb895574aa73ff1afa74d6d2794958c2aee4a1a24a8542

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\2R6ULM3P.cookie
    Filesize

    612B

    MD5

    15e9ba2805a1085dc5e378b593058420

    SHA1

    aaac3a539f76539a8a73227be5a06d0fb09e06bf

    SHA256

    00cb51d3f62be23fffe1434465bf20178b044bf42a15fcca6cff11819962fd4a

    SHA512

    cdad26f321cd8397bf71c7aa2f1becc3ce941dae14b13bfab78969c8ec12283534e893fd44c90a4e67cf2ab23699fe19b140f8906a3bcad3481b8eb8c116cf56

    Download Submit