Analysis

  • max time kernel
    139s
  • max time network
    143s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win10-20230220-en, locale:en-us, os:windows10-1703-x64, system
  • submitted
    15/04/2023, 07:03

General

  • Target

    https://github.com/Endermanch/MalwareDatabase

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 (1 TTPs)
  • Modifies Internet Explorer settings (1 TTPs, 49 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://github.com/Endermanch/MalwareDatabase
    PID:3516
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3516 CREDAT:82945 /prefetch:2
      PID:2888
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: dd82240df63118f82e88677708bdf0f5
    SHA1: 88f0c4c226a301424750136d0fc4866130d72cf5
    SHA256: 86f187644b792441c4b458edd392252a2d5e4460e7c9d414805f045a985becca
    SHA512: b2c818279fa8b6c2d656385e01f3fc3ed867560568909b41cf8f493bee7906d0316aed4bed1fdc497e8de594887a27c7b4004e8b4c8b967ee64ea5ccf9bde7dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
    Filesize: 471B
    MD5: 61f066bb2556156889a8186d442358b2
    SHA1: 9bdbed1f4a85de9f036dd7bf593c65fdc744b8d9
    SHA256: b2488e79e4ec73f46a734a6259f30ce5c10163c612a63ea6348a594cdbcd6ff5
    SHA512: c78225fa884d1bb34ee4432ccf7191bd627928b7321bfe068b617b8c872ec201c3004386a7cb98638a204ffa3ab0265ede4d8b84f72a0274042b7df4c05c3e57

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 434B
    MD5: d1d234eab516373f6a048cb7c850e5ba
    SHA1: 4a389d9d1d0688f9fbcbccd5bb38a1893b522879
    SHA256: 15a80fc849f893c9248be92fdd12309e8526692ca1fc7694c019b26b24f32712
    SHA512: 04ed4a771403a05cd1648c2a2bfd35cee4dff2e22d223821ca948ea9faafbaf6f082667f9516e621e5874b3f8bfb7598a179cefafd72165459ea230eea3d4a1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
    Filesize: 400B
    MD5: b550975e21e007cb2996e54881fe13dd
    SHA1: 237fdae3142c911bb4b5e30ac3d8385b07423d23
    SHA256: 5056956acdbfa159acf4d369d3ce876bda545c7e02a7f720cda0a94d09e5e75f
    SHA512: 6b512d1690865be819d041b4eeedf0cb71205113b2f0659ac0ecb3e4313b196b9c46c9a9e6c37091e0944ed88a6ca8bf4aaad1ae74d024f87f997801d700487e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0PBDMEPO\favicon[1].png
    Filesize: 958B
    MD5: 346e09471362f2907510a31812129cd2
    SHA1: 323b99430dd424604ae57a19a91f25376e209759
    SHA256: 74cf90ac2fe6624ab1056cacea11cf7ed4f8bef54bbb0e869638013bba45bc08
    SHA512: a62b0fcc02e671d6037725cf67935f8ca1c875f764ce39fed267420935c0b7bad69ab50d3f9f8c628e9b3cff439885ee416989e31ceaa5d32ae596dd7e5fedbd

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0PBDMEPO\suggestions[1].en-US
    Filesize: 17KB
    MD5: 5a34cb996293fde2cb7a4ac89587393a
    SHA1: 3c96c993500690d1a77873cd62bc639b3a10653f
    SHA256: c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
    SHA512: e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\NNDY7LSO.cookie
    Filesize: 614B
    MD5: a7109efe50239e5789f6bb3251b89b71
    SHA1: cbc145512daf101f7fd764cb7f43bd757388a4b3
    SHA256: 2d739a324e93e07adfa9b5ab45b824ba68ced4b06934dbd28496ee0d37f8e953
    SHA512: 5e75da6b2630b0b28228e42362fc6f22163d49338e64fe3dd3ed2122c1bd18e00bb034e73e54a06ce83826864569f2cdc395f475e5a6a3c321dda130ca922336