Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://mailinternet...

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-04-2023 10:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://mailinternetsub.com/ru.it11/pub/mail/click.php?tag=sender.eyJSRUNJUElFTlRfSUQiOiI0MzMyNzYifQ%3D%3D&url=https%3A%2F%2Fit-rkomi.ru%2F%3Fbx_sender_conversion_id%3D433276%26utm_source%3Dnewsletter%26utm_medium%3Dmail%26utm_campaign%3Dyandeks_360_obnovleniya_tarifnykh_planov&sign=1a20e3d528609f5e88c6b43502b746974f81c932ecbe9ad264711ae11433e093

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://mailinternetsub.com/ru.it11/pub/mail/click.php?tag=sender.eyJSRUNJUElFTlRfSUQiOiI0MzMyNzYifQ%3D%3D&url=https%3A%2F%2Fit-rkomi.ru%2F%3Fbx_sender_conversion_id%3D433276%26utm_source%3Dnewsletter%26utm_medium%3Dmail%26utm_campaign%3Dyandeks_360_obnovleniya_tarifnykh_planov&sign=1a20e3d528609f5e88c6b43502b746974f81c932ecbe9ad264711ae11433e093
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1400
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1400 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3228

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    dd82240df63118f82e88677708bdf0f5

    SHA1

    88f0c4c226a301424750136d0fc4866130d72cf5

    SHA256

    86f187644b792441c4b458edd392252a2d5e4460e7c9d414805f045a985becca

    SHA512

    b2c818279fa8b6c2d656385e01f3fc3ed867560568909b41cf8f493bee7906d0316aed4bed1fdc497e8de594887a27c7b4004e8b4c8b967ee64ea5ccf9bde7dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    a7aa188efd274540b340601b156f6313

    SHA1

    c31ef96a039d8efd788f64802ca339277b5c324a

    SHA256

    03bf03952613485f777142d482ed3008f9d3b27eb1fbe655f63c8e4e62c26d08

    SHA512

    fc1ce5b6f03b2d5f12ae04f3bdc6a8ec4f35359a67edae6224509ebebcd578eee2579c343624fba79e00932eb07f0d2debb0183ad78ec91761a374c8fa776612

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S31CPB37\it-rkomi[1].xml
    Filesize

    640B

    MD5

    d1ebabeac2ccde55a6a8314c43ef3653

    SHA1

    5c9ffa61e784305e352f293b1aa5ce57d1a3f9fe

    SHA256

    049537486ec791d70c0412eef42ea481ccf40e0ad6b88c58f53bf2e88d2bd614

    SHA512

    ad6f1f819bc2bd4b8b020acbe9591af0dd04808b8766c072de21b5b485a3712788ea457a0f6e877fd42675523094ce35728a9cb1f271344c2e8c835e752107f7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S31CPB37\it-rkomi[1].xml
    Filesize

    640B

    MD5

    d1ebabeac2ccde55a6a8314c43ef3653

    SHA1

    5c9ffa61e784305e352f293b1aa5ce57d1a3f9fe

    SHA256

    049537486ec791d70c0412eef42ea481ccf40e0ad6b88c58f53bf2e88d2bd614

    SHA512

    ad6f1f819bc2bd4b8b020acbe9591af0dd04808b8766c072de21b5b485a3712788ea457a0f6e877fd42675523094ce35728a9cb1f271344c2e8c835e752107f7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S31CPB37\it-rkomi[1].xml
    Filesize

    977B

    MD5

    bf9a8154c35227a7887eaaf28b437aba

    SHA1

    0684813d45fdb700d84f228b151ed3b454feacd0

    SHA256

    7d1cf67d8f68ad60ad86e9c62fc6c7c5291d38f7e5403053fdf1107c6c37c6ff

    SHA512

    26128841feba3ee1275dd5710022092e6818ff47d50112d0af7f57f8325c4a3b462972a492e5fa8109f4b40d62346cdd8262d0f93b6f50fe2e65c59f4be7b439

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S31CPB37\it-rkomi[1].xml
    Filesize

    2KB

    MD5

    2427581e75285236bd34c8d674d3a930

    SHA1

    c3f1f13ee9db21ba43dcf9dd80ba1da87957f969

    SHA256

    28f516d0ead7fddd8af218d249f78124c8a41c3c30d0b239df13e11b1d50da23

    SHA512

    d9c3e65a1efc5531b8b7daf0d269f717feecfed22172a2669b83316ecccbefd4b28078ff03dbb398223c608a354c69543949d66678d4f380499b87cb33c47d5f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S31CPB37\it-rkomi[1].xml
    Filesize

    2KB

    MD5

    f79efa99d8e3ac286603f30291c39268

    SHA1

    8c26cd3132aaa98424e27aace85b338ec4c9a55a

    SHA256

    f93445385438baa3ab6e42062bcad6821799222706871758b624bb86c4dcc4aa

    SHA512

    4a1ef586749901b1848f12bef53a81f87b0b828a1588d3a6c11c4ab3dcb62c46d7775dac61bb1cfbbbac6b97d966d9805c523a9bbd717cf4fcbc549040166e6a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\q7s3h6i\imagestore.dat
    Filesize

    1KB

    MD5

    6cde77be99bb58c5a6915bb988bf6973

    SHA1

    0097f7e80bd19a8c13c77c1b10aa1c0f6ca01a9a

    SHA256

    a55fb9cde947994577e9d8f30bdbeb1b2c55ba7bc4c1b0d25dc7649662e39714

    SHA512

    eecfc100cd7637b418ef38a41b8a5189f4ae67b02eff5fbb591abcd1d5c8119518db5f74345dfe1e1eaf6bad3003c88b3f0eac96be9d2624176937c8f1227a04

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0BMP3ERH\script[1].js
    Filesize

    470B

    MD5

    ce94cb6a06d6c389c2567007bb95270c

    SHA1

    018087e3faf305d9d3a47983300440e100df24ee

    SHA256

    443be08765d70e4bdaa98a2c71dc9564a042af09868a0a4fa7accc00a619819a

    SHA512

    48965c9d1a8eebc2db8fdcccc90c33868ffeb44241eb9e16005966e076472b9695c4ee24d9b787e451d00f864222f22428be29ab09c483d0153dc0ae20ca21b5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\favicon[1].ico
    Filesize

    1KB

    MD5

    d1952318277159108aab56073ea7671c

    SHA1

    9589fc13fac9b091e98c65d2380a18568aa735ea

    SHA256

    c03e0033540218437e3dcdc3a713a8113b5b59a08f5c94815e6af800fce67dd7

    SHA512

    79ab5d9765b23fc92060c6fcd528666cd70ab716610c635aaba6f263eac92ee18bb381aa91da2c13800fc77cc3c793838c1a8a03d39b2e47075630cb49b070c8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\recaptcha__en[1].js
    Filesize

    405KB

    MD5

    8e6fb0dd4bab58257748f4f760d4c03b

    SHA1

    2237e528890d4749e7c55a1440a6e1497fefda4f

    SHA256

    3bd34a08f83fed3ced5508056737f9594d36e0e98f0cefdde2b92fbd8ead1bd1

    SHA512

    05c3faacd101dc0ce00abcb775be983e0fb965ef90705bc7a42f9f6320991523de9f42254df296fe27003fd27913e0e459a31a31346d5115bd570becf3884b3d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\style[3].css
    Filesize

    4KB

    MD5

    f3f06a514b4317baaa0d78dbed4bcaa6

    SHA1

    3256cc044ff561aa88a1d2af805a810db429df41

    SHA256

    2e387f20b9e7ab817c79a07e7f26fc016e4053298eb5a6384a75693f619f6429

    SHA512

    dfc839f333e98b6a89e2e736cbd84451a384f9f71e544defedc516b95a169150d125e72761763a6e96dafb2a52f44dfcb1d31554f3432d89a6dfde575e1f53ab

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\styles__ltr[1].css
    Filesize

    55KB

    MD5

    83f90c5a4c20afb44429fa346fbadc10

    SHA1

    7c278ec721d3880fbafaadeba9ee80bdf294b014

    SHA256

    952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

    SHA512

    4f0d19678a6758e67cb82652d49ee92a3646c3b4b68b93253c3e468e88506bb8ad78942d7be244b390bdd29a0d00026ad561c040c1b557067edc7887fe7119ee

    Download Submit