Overview

overview

8

Static

static

8

URLScan

urlscan

1

https://colchadoyaso...

windows10-2004-x64

1

Analysis

  • max time kernel
    233s
  • max time network
    295s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-03-2023 06:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://colchadoyasociados.com/////////common//////kzgtx5////abhijit.kishore@vodafoneidea.com?id=com.google.android.apps.youtube.music

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 63 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://colchadoyasociados.com/////////common//////kzgtx5////abhijit.kishore@vodafoneidea.com?id=com.google.android.apps.youtube.music
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3296
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:82956 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3376

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    bb4cd9db319e8007cd72aa17af4b76a0

    SHA1

    8951973b028c09c71a792feff54e3096454a8c42

    SHA256

    aca8049efb96040e2124d06db9c9b2f3c5ce4166c831dabaa421e14cb5da1295

    SHA512

    6187a2b310a672f9080b9865115f44ea827a4f013f791105efc1f7641f11f9759877d61f5c50140fcf892b95318f1276eace9f78161dbcaf6e011f31e34f0729

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    a437c8bced3856c28f0386fd5cee8b2e

    SHA1

    1cad24e8c41173b93aa0121e95693940c8b696f5

    SHA256

    ab9501a3de10472b0d2e3a7a19fe68947fdf1bd7831291f63562dca28e0d74e4

    SHA512

    e334a023453fd2aaea63828b7981b0fb503bcf9224d3e7ddb37953514359ea6c16ced854209dac49c7be4a5a0a6ec0bf36bedffb78cd91aaf3016c787adefd97

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1IYUAPIF\modulepreload-polyfill-3cfb730f[1].js
    Filesize

    709B

    MD5

    1c8ae01e7f201d4200cd430fe65d71d8

    SHA1

    b8619dd0ff7340e0846c54620f33daa1b932d4e5

    SHA256

    defc298d21fb26c58677f3507c0e9d1d9010c1230f283e613cdbe242a81a4f2a

    SHA512

    41c63df09450d1612144acfe52eae617a45452e4991644ce1def52ad3d9b4af8a2c347fe34e71960c3274d16483324f85401f0fd59da48a958992917c1d7f6b0

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1IYUAPIF\otBannerSdk[1].js
    Filesize

    375KB

    MD5

    05192d6d030b1b2ba439000618a40262

    SHA1

    43ea9a0cd01192d7f1135f9106d1d8dd422ee221

    SHA256

    5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd

    SHA512

    b9c72a21a9dc82aca5777430ebed78c293e6866d3e244e4a840a0b021f104e3489a93a684efd6660e11b9bc97e7e7db800ce3f95a2fba74e5b0f719ef9d58d27

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1IYUAPIF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1IYUAPIF\vb26e4fa9e5134444860be286fd8771851679335129114[1].js
    Filesize

    16KB

    MD5

    f23fdce5f9fc681a13ca76353818ffac

    SHA1

    6779cba0c60c1e89ab3ec72c90a952268b2ba37d

    SHA256

    a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

    SHA512

    33784dffa72f6bf4a3c2b3adc977946b922e093d2c79dc9f4fe8cafce57eb3e0f4467ceb4dfc23c091e177ec187cc9bd1c94ab67520a92c39d75d2ee37a28ecf

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\invisible[1].js
    Filesize

    26KB

    MD5

    e42da083495c154e752982ca80fb1a2e

    SHA1

    b26c75f6c8deaf74ff85d26d0c2742e12d342e16

    SHA256

    c0a81e06d47da92d5caa536775f03a758ccab00ca5f80044f6cc309040ee1fa3

    SHA512

    779cf9304c4f9c0bf88ea13911828c809dd5a75161bff6c6cf056922367acc6dc28e79bbcf5ce6305c6885a752a0f9a757de8aa48e7e171ddcdb75ad4958852b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\littlefoot[1].js
    Filesize

    15KB

    MD5

    5d87ca8ebd041a433e5924c2b4acfd97

    SHA1

    38fe6b5ff402d0eac89d18a600d3a4ab59be8c0f

    SHA256

    2ce1c7d69245ebee89a591f12e591e3ba9a70468445d7854d8f3f70c3dba217f

    SHA512

    8c6c283ab88fb846143f756474c8b62b27ce0e9fa31f41e5cf4d2acc1338058637e6aa27b6b823aba5dfaf3db9bb44abac9a4dfd98ff5ad4a6d2043035f7ef3a

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\sdk[1].js
    Filesize

    23KB

    MD5

    b70ffba5b40eb0c50c9805876b838d90

    SHA1

    5350fd4bc9b27bf8fb3a938890bb39c2d24b0255

    SHA256

    8a0e139b99b68dd01a56f2e15a59e8a6e759989c0afab0daf489c3903c76b59c

    SHA512

    cfb4d660296ee6498163dddbf3d44111fc2de75b4951cd4dd8a39c214ecf5754fd503478d91f0c4a46cf08ab251e0d8b1a56dad7db6bf38f045865c3831ef492

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\OtAutoBlock[1].js
    Filesize

    5KB

    MD5

    b333e0a76095797ec322cec18e8ca1ba

    SHA1

    c432f09851ad642bb87b944675e47690b0092624

    SHA256

    5989940b023ee1cbdac4df28ce960c5297c1ee191bf4b15f7c5bc29cb3e40dd8

    SHA512

    a1fa1f88dde0ed0b1cb2da018598f953796acbc482e0be226e8e699f47a18d7bf96250ac7a396db6503fc01f082ad744f9e9e3c7e58f06b8b9fdf569d787fce1

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\gtm[1].js
    Filesize

    408KB

    MD5

    1a20972932da3f99115545c571b0d964

    SHA1

    e8dd1c7a599789c1d77777203c0daa0eb75b9af7

    SHA256

    fbaef227485ad396cbde7f4cae91b8824ef56635269fc92dfb1664c7e6c8e8a4

    SHA512

    718c39806b909e4eb2625cafd680a816b83ba081b257a37e045283ec65d41e5b9a0ca7e66229bf48c587ffdd761e36ee12ae4e8154da9a503ded5731e44af8c5

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\otSDKStub[1].js
    Filesize

    25KB

    MD5

    10e367ac910cc8ad9be05cfbf4036e57

    SHA1

    ff5dec5c85b00e742c02ef515c2a44c2db97f7e7

    SHA256

    e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4

    SHA512

    57e6538c6e4eada6fec386bac381e05602773de855652c54e666ece83d756d1f70ef0a769b2ffc183668fb0cfffdd1cbc79ac62608851b670ba479fc541cc73c

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\main.min-033bf022[1].css
    Filesize

    93KB

    MD5

    31f2cb3af679890c549a98dae640c38c

    SHA1

    d184c468a59975c8535198cca1c6e7ed8506d5e6

    SHA256

    91065f36afae79984cc3bf275bc66bc956c74a89f346ea8bfde8cdd9d3314b74

    SHA512

    8ae9856be809dc3ad6cac8cdae0f24a0ecbb8c96bc364c14adfe5afd88ceb93ad5185a6fbfc3dbcdb4ffddfe17ae6dbadeb91edd4b317a7fc64355128a46c612

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\main.min.1d0102f259cc7fd64f2590e52fa32640-515e83d3[1].js
    Filesize

    6KB

    MD5

    c570f3c03431667557b2149128d89cc6

    SHA1

    f9d34db08b4ea895a5213fdda68c30c4379a683a

    SHA256

    db9f1b030af219caab2771bc239da97b25271549bf6e1813ebff8a4610e9b2f5

    SHA512

    5db508c8f3f8caa4b6144700a4f6bea2a520cbf48fbc67988a9562d565fbdd2a8fbb44b250161d69939b061a8dc8bc06c10f114aa620c736b540748a6feffd5e

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\search.redirect.min.c8925a2c849cce975a7cbcb6ffba3085-051b976d[1].js
    Filesize

    534B

    MD5

    c8925a2c849cce975a7cbcb6ffba3085

    SHA1

    68d76c72da470017b8e875379f751ccb4a814208

    SHA256

    1ec7316f19a224c4d354fb26d86746a798c36893c44e5c25c80a9b94e6137d84

    SHA512

    29b67c784c9d44e26248f3f82b4c64aa984bd3bba702a47151abfb124a07967a878e4909162aca33ef8f157d832687b02dedbec8b0f85e99c9616388c16fe730

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\~DFAF201216E920A209.TMP
    Filesize

    28KB

    MD5

    989f07e067c7e2697a4df6fe5d7cd5fa

    SHA1

    3c80deb243ee9281e53e2b17c873207a708c3f50

    SHA256

    ad220afc9c9dfeb190eb6b7c9a94ab210ac6736342129d01ca07ee407b49edb4

    SHA512

    c669ead4901c0b1da71aeeaf689f6e1ea4f22c06cd931acb42f48f6cfe5360feb1b16a60386505b816e1c6b2384feaa1fb218983dd83b03b2a7774e02cd7456a

    Download Submit