Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://gofile.io/d/...

windows7-x64

1

https://gofile.io/d/...

windows10-1703-x64

1

https://gofile.io/d/...

windows10-2004-x64

1

Analysis

  • max time kernel
    600s
  • max time network
    867s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    17-04-2023 16:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://gofile.io/d/qXvX9j

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://gofile.io/d/qXvX9j
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2420

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    Filesize

    717B

    MD5

    60fe01df86be2e5331b0cdbe86165686

    SHA1

    2a79f9713c3f192862ff80508062e64e8e0b29bd

    SHA256

    c08ccbc876cd5a7cdfa9670f9637da57f6a1282198a9bc71fc7d7247a6e5b7a8

    SHA512

    ef9f9a4dedcbfe339f4f3d07fb614645596c6f2b15608bdccdad492578b735f7cb075bdaa07178c764582ee345857ec4665f90342694e6a60786bb3d9b3a3d23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    c5eac463d1d45a752223572efb1ed5b1

    SHA1

    649fd8bcc3705d81012acfa09c56b92280220168

    SHA256

    93ec76a088937fb866ca3347ae719da9cf3d6a12d47711d6f548c7be9d827150

    SHA512

    88dbbad2ae7d60f1166dbc26fd7ea7cd958e30744b6fe0f2ee158bf28025dc753544b28c06b2e1e492d9ef725ad8926fee0c37569b0e902d549864496e1d843a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E748DF9A3D57C804FB19B3A64B5DB144
    Filesize

    503B

    MD5

    68aa1eb7464fd5a61930ab75b9c16ce9

    SHA1

    895db88dfb5ced842fbb7bb751b561ce827e2c04

    SHA256

    ddff75e921779c1a026c0c5b83d6f84bf308779778eeceb71f9ec1d8dacd8322

    SHA512

    c325b457a1eecc2f79762d2898559b4c26c3553b36e3c34bdd631ea75b3562cc6bdff89d5ebe52889f2a24826a95042c4947eb647395769d130e8746d45c0056

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    9dc9e6654312ce020cba9824bb563202

    SHA1

    fe880390fdf5c4c97446129aec086efbb2850c8c

    SHA256

    2ef9b15a4ed9c4faeee3599ca9a71e67431948fe0f1eab52462e147ec1dcb9fd

    SHA512

    72abca9e0cc6431e4896de93780688d680e4836c013e5f0c3f63d91245729aa8f03a39194702091910eb329e9b0ac05a72ba3d3c4599e131b102fa27fe02465b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    3612d41c7d7ddf76c9d3f9c94a758adf

    SHA1

    b3c2b582e592e830ddc237747f883aaf3507b096

    SHA256

    50addfc7973c3ecc9a15ec759eb07213a0fa0e66d3fd5b9c439c393bc25a2c61

    SHA512

    173ea3c0beaf5f342288879e84c558c693531f2f19ee31a343f5654a12506a3df677dfb239252aa168535927de7e3078312cbba3eff36757384aa863c58bf52d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E748DF9A3D57C804FB19B3A64B5DB144
    Filesize

    552B

    MD5

    1f94625968a1c87fb7a33028b9368f91

    SHA1

    1a7523d9532496d4cb6dc930b589106619400a8f

    SHA256

    c3045101fb248757cb1d249ada84e086f3aa98669214a9cbc6018bd600abb71c

    SHA512

    9b64e44077c125efb5c951f2c5618cf47bef641a08cf5f3a1f84f6b0bbaed047867b84c13f611eb014414da68e9effba5f192ecfefb1cc5b0c2a089bb64cbe48

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\IV9H23MJ\favicon16[1].png
    Filesize

    503B

    MD5

    ad98355e85075a8ebc15a01f875e1aab

    SHA1

    de8398fdfeb3bbd48a58a8b12453e1fee61e5f2d

    SHA256

    6a437098dcbb8a0354ae28a5f7825685f471c13cecb83186cc950844df7c76c4

    SHA512

    1b5d5402256ec3ccc20f1b1b635a9ea16131c2aec49c94105c8b7d3e32c9bfd45e937bde8af35ced6b22f39526de2672ba145ec43f49aba4d7a66da79e13819a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\IV9H23MJ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\A5GCDMB2.cookie
    Filesize

    613B

    MD5

    a21759a2c5d241b39251c57c90de1695

    SHA1

    1cf714332bad97db7321988bc3bd35d9a95ff76b

    SHA256

    1127f63060116c36c3243aefaf5a79f1257f9c299a2fe5925de589d21661dd99

    SHA512

    8a6c143fe0cde019152d3fdc8d62717fa4ee11faacc6849d4d3bb4312aa3723e57b1117b6b773a2f4524533875c894df3667f8497a843fe830937db32a2ab69c

    Download Submit