Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://windows.msn.c...

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/04/2023, 21:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://windows.msn.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://windows.msn.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3888
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3888 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:5096

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    8b82e64a7691fb70aec48c12c37eb312

    SHA1

    96084b73e24ced2adea93695f71a62092771ce79

    SHA256

    5e1b36f0cccb94221d862d2fe35c892d699d397a87f74f18a668a57ba7ef8d5e

    SHA512

    36802e6043f76d717a376d762f84e89be4bf5b6675bcc662f9f768dfe6487582654333ede1f871cadaa5b5120ad5147ca81bd79b5092623d38f1fbf4037237f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    7KB

    MD5

    dd50a5d6139e6d8b6992797ccd04818a

    SHA1

    7350c9c059d598c83af220ca6d30f1b13540cfa0

    SHA256

    b117851f48442b165516bc5b29d58ba0efac8b73ea78bfa676d43be87d9d5df3

    SHA512

    273265d2df03adf0284203a021f2f1f1d13d7b3e3154a7837d8112a27db591bda198f074ce9d2ca743c400a2c90b180b4f0be03fb950c8d342624a7590aab976

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    74d1a36288f83a3ffa1c16ef21645009

    SHA1

    dc723e56830c95d3b2cc40a4c77216856632d9a6

    SHA256

    c5cddc77078b20f1177d0075880dd8b16426b3fe04d332da1d3bdd70f0fd7a28

    SHA512

    88e93567b7f4d3741996bed1cb7e33f3e6e51aff4bfd362ca2f5fe08334c333aded1fdee1cd67a83498c3ce64b0a21e5401746f2c2500311e9cacc3584c8a395

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    232B

    MD5

    5d488a45291c47a31643e6cc134f166a

    SHA1

    94b903f8a0aa92cb51bc7fa972192d1f2d98a8cb

    SHA256

    7bc534bcb5c36ecc9ff829d30cb47efc86b97ffce3996787295f034023995e1f

    SHA512

    268c61521b4a9a62aff3e19b95e90059c7722311128011b51ac62521829f8e34999f264c49c275baf28137e474d5216292c99fe1a20a6beb360ea9f397409b13

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verAC.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
    Filesize

    942B

    MD5

    40957cfca793d5334541cd4e6fcc276c

    SHA1

    6073b2a5bbaa8da289fb35e0432ea9d062e35936

    SHA256

    4ce75414df3c8aad8b912075c9b71a2dfa57391f0ceacf3b7a4c066bc7c1acb3

    SHA512

    b6bd3df59c125fcf1d6a4c24b093a1000ae92ec4b02bca1c0c3290fc57db59cde569c0f255e0121fbda5bcc2bdc5514c9ed784d8c925c5d64398833beb614e23

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\a5ea21[1].ico
    Filesize

    758B

    MD5

    84cc977d0eb148166481b01d8418e375

    SHA1

    00e2461bcd67d7ba511db230415000aefbd30d2d

    SHA256

    bbf8da37d92138cc08ffeec8e3379c334988d5ae99f4415579999bfbbb57a66c

    SHA512

    f47a507077f9173fb07ec200c2677ba5f783d645be100f12efe71f701a74272a98e853c4fab63740d685853935d545730992d0004c9d2fe8e1965445cab509c3

    Download Submit