Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://duckproxy.com...

windows10-2004-x64

1

Resubmissions

11/04/2023, 07:07

230411-hx28ksba89 1

11/04/2023, 07:07

230411-hxlwlaba86 1

11/04/2023, 06:33

230411-hbf38aah73 1

Analysis

  • max time kernel
    31s
  • max time network
    35s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/04/2023, 07:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS81Mjk5OTgv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS81Mjk5OTgv
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1520
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1520 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4456

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7YHF511C\www.myshared[1].xml
          Filesize

          98B

          MD5

          d7e20e3314b55e1d03f41b8fd62dff54

          SHA1

          fe3414b72a5aa6a59f600ea48a8f80dd89ef4bf9

          SHA256

          3e9a523ee798c8f5779e631b3baf5a2b4def8b196b94b4db114bfc974ed0a171

          SHA512

          95c6af4ad7803fdfc5356e8719018a39808c11c4112034fa2cdf408a62d40d9b7cbf70d3f754216be37aab369ea15b34885fba45a9cdf0f05f3f4461ba5fb3a5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7YHF511C\www.myshared[1].xml
          Filesize

          2KB

          MD5

          36fb2a478f4a492eb361162cc165c1c6

          SHA1

          08fe194778a528d9705f2d45aa60ffbc02d1ff6d

          SHA256

          5f0781b9046e76e14fe40f8acef727681fe1f792adcbbf2d2935b07b759537fb

          SHA512

          1d204a474ae098d6d7898f46a9d471eff48d5cb1d4c2481a9d86d1ea0e0ffb5c9caa72e5fd0e5dd048646dfcd9c4c9d17b0fc3ec26034dc6bb3a9eae2e836d19

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7YHF511C\www.myshared[1].xml
          Filesize

          14KB

          MD5

          be311cad93d5a93f847af58630f61784

          SHA1

          71286c9a35931abc6311bb6a1775ad9a094ec1cd

          SHA256

          54903b90d5f4a6527b95ecafdba3a75343663f6d387da380a18e062834822615

          SHA512

          01b28f97c6f1fd4ae75ac56233950e323b6a2ca0b9e583104016b623fb81efda711e91e100fe047bbdb58a55504b6b02d40c8b0cc02c06813d330b09c1f701ba

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7YHF511C\www.myshared[1].xml
          Filesize

          17KB

          MD5

          5dc28c014eab0bbe48f9dfaf1309fdfb

          SHA1

          c564c3e4011ff7aff0d34d576f36de05e9cfc96d

          SHA256

          87e4d81875a9fcef6142769edd82331656dee65a3a13fc65d170a22a15a81d2a

          SHA512

          b7bcc4dc6fc561e11c3e09ad3c97eb0121432402330c844f60b3af24a3171153f9d218f14d8091c79c4142ddd2510bee0a4da07bdc9a73359b02c4c829dd17a0

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7YHF511C\www.myshared[1].xml
          Filesize

          16KB

          MD5

          4e75f4544afaca3035164e892468aa5b

          SHA1

          418ba117d86462e5c6dda9f621be66e6ac772a52

          SHA256

          e3754bd1968c9c6a17390bd923c1c4a59c0863f4991d1a66ec1edec4db6c7ff0

          SHA512

          f86c45e302a720d1d1bf4e825397e9b0c267008dbfd3b8628c98a18c44528f2ed80e7b0b366a90c1a2fbdfb264783996f39797ec86fb49fa451ce0d26ef7345a

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7YHF511C\www.myshared[1].xml
          Filesize

          16KB

          MD5

          3c83ff187a3b1d00738539e6bb46c95a

          SHA1

          3cf36cece333293c5bb533ced16642cf43948e74

          SHA256

          79a35a17a494921f8a63adf112ca0aeb7a49a0db73ac64070b795717ef8e59e9

          SHA512

          974d0e785911c075f5d65024ebba9aadf80ada9242f41df24b62650ae4a9b570a5e9bd8114090a77169e44ce0df307bad910d9e401983414b496d04ecbad87b7

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7YHF511C\www.myshared[1].xml
          Filesize

          16KB

          MD5

          94fd9a7b17877c6d7b4d8fec96674c4f

          SHA1

          003b9a0a6358125d124c00d561ec01a2eebf91a9

          SHA256

          8f5eca3d6591baaf1de723fe1f68fadadd3a981031607ec43e31abf0acf11053

          SHA512

          45a361d716c2c9d77e2c5df5d47bca086ea213d2534c338074a10a47f5f543f9dca53a49da06b5c2f72eaaa2421d19c2e2833b606120b800ca13da5a419810c0

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0P80TOLA\es5-shim[1].js
          Filesize

          80KB

          MD5

          f0fe4f1bbfb957214ec13560186a054b

          SHA1

          1841a006f205c324a79ae41b95c491b52081bd84

          SHA256

          5ec30bc469bcda0a48148673e0c86acdb392e7d2d0a0ec9aefed694151b5506b

          SHA512

          f1b1cb365b3a6be2266ae82c62885131409f643881df02e28700f128697c45055abd594565ce163001161d3119844ad7d16b4b15883923b6a3debbbb2f111027

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0P80TOLA\f[2].txt
          Filesize

          107B

          MD5

          d9c47f48660b656705d0ff86fc850de8

          SHA1

          bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769

          SHA256

          a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

          SHA512

          0cde289ead00bd9b3bdd614fec5b5eb132fdd0d9eef5136f7e6ea0081f7d8dbf8144ee90067c8c25c4547fac4adc8fea1b028930c9edcf023151758bf6671d6a

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0P80TOLA\jquery.min[1].js
          Filesize

          93KB

          MD5

          27275fcf3ea465b159c76d98fb2bc825

          SHA1

          df2f48bc336d868e07715b102f1e06c45fba539d

          SHA256

          446ab1879f7ccffc46eb699ab327840b39cdc54027ea8026f0f4cf034b8eb40b

          SHA512

          11ed7b957a9991032428b01ea9fa885b17b09c28196f9bbe71089712b6dfd85a96e978936f0bb999c66519456bba601d2b626c80b636d52b42377a0f88b227a0

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0P80TOLA\pixel[1].png
          Filesize

          170B

          MD5

          e7673c60af825466f83d46da72ca1635

          SHA1

          fc0fcbee0835709ba2d28798a612bfd687903fb5

          SHA256

          0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

          SHA512

          f1c33e72643ce366fd578e3b5d393799e8c9ea27b180987826af43b4fc00b65a4eaae5e6426a23448956fee99e3108c6a86f32fb4896c156e24af0571a11c498

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0P80TOLA\total[2].css
          Filesize

          129KB

          MD5

          f769d5e329219ffd6a4b57a53e399dda

          SHA1

          441cbe2ec949d917a18345e6052a9c336ecf1eae

          SHA256

          a38923922c3e7f2ad0f96eacf2c43afdf821fbe91e3f1616230ee65dbb99053c

          SHA512

          7ebab13fd017d31c6d782884324888c7fc453d19e3fa72b86ee3b2d92b317127a000ec4c9e4db0e304df39c63f7acdf80ba57d6ae32659ab3b06c0c0a5f66eb4

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0P80TOLA\watch[2].js
          Filesize

          162KB

          MD5

          c318d892ff09ad70b3b8a27fa54f0b20

          SHA1

          a941dc1ff4e29ef47e583cfbc724d71bdb56d298

          SHA256

          8e5dedee681639759a0d9840b6bff738da3b05b032c2ac0ddbe2bc5ba7699a07

          SHA512

          a18cabb06d77bb762ef5d8d057519cf320ee74ef9945ef781fa06a16d4614c49532ff75bf258e5b855ed7e7e6922a1d00fc6ddab039d5974b3aee82534e54083

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9YACFB9R\MKTc0epqMfojOjH6twP6MyXmNG7UHdnugUa-fDn4XVY[1].js
          Filesize

          37KB

          MD5

          5d88f6aedbdc962efa05bf87cf08c725

          SHA1

          2f6ec710525304b6a9d961bef7015371b29e55fb

          SHA256

          30a4dcd1ea6a31fa233a31fab703fa3325e6346ed41dd9ee8146be7c39f85d56

          SHA512

          4a0c8bc948cfce6e93c30652117052c6e54bc4e95f525df70ce759b068888a844c692ba5f88658abe80b51478ef5e079f3565189a5e372fb9f37eaf845fbd174

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9YACFB9R\memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4kaVQ[2].woff
          Filesize

          26KB

          MD5

          303172365485cc386d9ba516ee7a9fb3

          SHA1

          3154d196f1be8c19103ee47ddc78f6b83aae38d8

          SHA256

          ccab559de869903983c5aa7ec1d1f751865c7315ebc03ba3c6d15045157b6065

          SHA512

          8b26023586166bc76a01a9f57e94f19d604ec9196994b111c49d3d1c69ffb06dc38da9218f739463ebab66ced3463ff2ac0652c815b6f60151f82a936371e50f

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9YACFB9R\memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4kaVQ[1].woff
          Filesize

          26KB

          MD5

          fe9c0b564a490ac5726816bd2f381bda

          SHA1

          9fb46cb797f69f90c2c78d30d568ac6bf0615f60

          SHA256

          814645577a4ec6b0fbfb2d611b63b32cc4ed02e2343a89c345af1985fa452bd1

          SHA512

          dd2a0146478355300a3ade4df025dfb215cfdc585275f1a7db68502d730d7717aa61f0ac0e4d95e0113ef79ef3ff786d3b9329b018f25fb3b4857cc0590e3701

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9YACFB9R\memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVQ[2].woff
          Filesize

          26KB

          MD5

          df6af52c7c307ebcc17337beb33ca242

          SHA1

          c817a81770a8f1f17893e00434aeb2815799771d

          SHA256

          2718ea1bcd118577b921b8b9752bdbf8b878018123804370f926f93fa8782ff7

          SHA512

          1b8eafb744d8b18127da07f9536dba5e3e46161bd4b9666cb83189817c5caff535ff5b4ef33f40a31bc86de8fe4854b485fd46ef9ed7ef559b486e21f7d291b0

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DKFP9JBL\16744078[1].gif
          Filesize

          43B

          MD5

          df3e567d6f16d040326c7a0ea29a4f41

          SHA1

          ea7df583983133b62712b5e73bffbcd45cc53736

          SHA256

          548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

          SHA512

          b2ca25a3311dc42942e046eb1a27038b71d689925b7d6b3ebb4d7cd2c7b9a0c7de3d10175790ac060dc3f8acf3c1708c336626be06879097f4d0ecaa7f567041

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DKFP9JBL\css[1].css
          Filesize

          726B

          MD5

          86ce20f7a30d7662db21faf55e5a0aa0

          SHA1

          4671b5994df7dec131b2c44ec5b7ecc0a2329507

          SHA256

          d89deeaff5f46d9e1a213d8895250993f59a6890b4aab5b20046f1a248687af1

          SHA512

          3fc0977e65b2636dcc68b06dcb30c01563f34378e1f00d706f443a159a6b453e7fec28cd2dee4182ad9153da0403f9a1625db750d7ce1dc76633316ac24bfae6

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DKFP9JBL\f[1].txt
          Filesize

          161KB

          MD5

          61a3d43d665e0840a9d0f4ecf29d6ee5

          SHA1

          65f65515268ecd2983124988a509a0af649c9627

          SHA256

          06968cf12d834e0505d416b387eeaba7d9438cfb4d5f37620380cc21acb5e47f

          SHA512

          163a5ac3ccd75bf78ef19a50633549c5560469591473f4a3dc68dae476d26402e5932f2fe6c2137ef9a67f708390a6b492808245bd65b259d7e2f364ae5dec48

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DKFP9JBL\fontawesome-webfont[1].eot
          Filesize

          67KB

          MD5

          45c73723862c6fc5eb3d6961db2d71fb

          SHA1

          b3c2f08e73320135b69c23a3908b87a12053a2f6

          SHA256

          d4f5a99224154f2a808e42a441ddc9248ffe78b7a4083684ce159270b30b912a

          SHA512

          299bf41da0ca937f4f5a0bc3fdd65ef7b53df30e10554841004f9eb10c97b25be1d4e21b6d00b2a405693d5abaf87cf6a16a5af2c680c09b25e5f5490d88ebe5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DKFP9JBL\sodar2[1].js
          Filesize

          16KB

          MD5

          2cc87e9764aebcbbf36ff2061e6a2793

          SHA1

          b4f2ffdf4c695aa79f0e63651c18a88729c2407b

          SHA256

          61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

          SHA512

          4ed31bf4f54eb0666539d6426c851503e15079601a2b7ec7410ebf0f3d1eec6a09f9d79f5cf40106249a710037a36de58105a72d8a909e0cfce872c736cb5e48

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DKFP9JBL\total[1].js
          Filesize

          85KB

          MD5

          20eae1891971e9c7c908bd3add504bc6

          SHA1

          4bf7708bfd2315db67e97ff5da5b82d07d9f7905

          SHA256

          80787a95b1c79378836a632a77b8b5d58e2fde915001caefc940d0f0072e2b29

          SHA512

          d429b4d2180893dc5dfa692fd69f4a804993a4f6fa66395119555abd02e9c37a32af8a3bd1791bf39e0bf0c752b2dfd036512ace3bccfc56b7cf05932665f4ae

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G1ORIWBN\f[1].txt
          Filesize

          401KB

          MD5

          d74a7722d71468a3e7bf467c98dcc9bc

          SHA1

          103e14c9be3b9c46de0443bf5cf5a981989da85b

          SHA256

          4e154f5de76ee570b2159a2349cd4669ef2d515bff376d3295b2c044cba41a37

          SHA512

          88fca1cb1e7b85bb18a01ec6f47bbbcdd86addbf4e71d2d59f0271cff3d739cb9b6db4898d472de1f05abd4b85873d17f41e65059e29c424e4561a797f175033

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G1ORIWBN\ga[1].js
          Filesize

          45KB

          MD5

          e9372f0ebbcf71f851e3d321ef2a8e5a

          SHA1

          2c7d19d1af7d97085c977d1b69dcb8b84483d87c

          SHA256

          1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

          SHA512

          c3a1c74ac968fc2fa366d9c25442162773db9af1289adfb165fc71e7750a7e62bd22f424f241730f3c2427afff8a540c214b3b97219a360a231d4875e6ddee6f

          Download Submit