Analysis

  • max time kernel
    84s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    31/03/2023, 22:09

General

  • Target

    https://pnrtscr.com/kqkrc7

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 32 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://pnrtscr.com/kqkrc7
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1920
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1920 CREDAT:17410 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4116
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -pss -s 476 -p 1752 -ip 1752
    PID:4612
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1752 -s 1744
      • Program crash
      PID:4268

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: bdbbd793778777706223b00a4ea24ed0
    SHA1: bf09527cebe8906bfe6aa1e885bc9fb1b3ec54e4
    SHA256: 8b1034038298faf34d3f580c1ded7212f40d146de7e62cff20826c8b53f80c36
    SHA512: 7397d981e28bee91dd0e08c3a38444d8524204118548e8db810f5a277cbb08c20a64350063cf36ee4a943edba249f1d0ed350d4cfbc0671461cf27c2534c1f13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 434B
    MD5: c66d5ab513e511d8b4c9992c7b179572
    SHA1: 94b9c27e738b805435db7e2bdcfd72921f810de2
    SHA256: cc5a6f2eab32cfde0b423308b0457c5c45a79ccd55730a03ac31a62bd1fa0d0c
    SHA512: b1725da78120cc7dc0b7168bf3172b9f2370b8cf41511407cd397f76e94e8491abf05b7e4d5913b5a8e243224f36aee1074469709dca9efe6494101422e90377

  • C:\Users\Admin\AppData\Local\Temp\~DF8FE710B44E22A5FF.TMP
    Filesize: 16KB
    MD5: ef464ee7adb3ac80eda6b85d2ec2cc9a
    SHA1: b4cc4de91199b2d357c91422d08639360334a7b0
    SHA256: 85b5e7f3ff198b4758228aea890e3b37514fab46ca1a948038f12176bee064a3
    SHA512: 77134e1efd15d6ff98c1da6210daf0eeb05f1b8e907a2fc072bbc3ab179c024693d09db5e1bc32983d08442677a6d5090efbcdaceba084c9ab01b3a781697746