Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://wowroms.com/...

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/04/2023, 11:35

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://wowroms.com/es/roms/nintendo-gameboy-color/super-mario-bros.-deluxe-usa/11633.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://wowroms.com/es/roms/nintendo-gameboy-color/super-mario-bros.-deluxe-usa/11633.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2276
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2276 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2504

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          173a79e136330a70b71832e4563d1b42

          SHA1

          28b14a7bbe8a20fb082b36a9d2651e13fd1d14fe

          SHA256

          b3a892deb1113445e59cd3ef9ac10f02a8792652c30a2effe4cdc060bd71a03e

          SHA512

          b50efc28fb0d1731a9e337b531660c20c0d4046f2ed81e8085f5a9ca1c44b9960577fa558d729b48c8d3328f2599d1e27a19c4e59ed97125deee6a638fa2e880

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
          Filesize

          724B

          MD5

          cfbc16e33dcbef6f773f0f79af528f45

          SHA1

          ecb8d5e8107bc671dd57fb2a137c00bffa419f1f

          SHA256

          f0937890fb1053069baac97b7992c6d22cb74cae20317fc05d51070d96950ffa

          SHA512

          59ac2ead1eb84edffb06867850beb1e63f72c5b5415abd2fd4e7c2a1922c368f612d2a0288c00e32d5da47c4a77968ffbe72660a8d1f577f44fb20df9c11a4af

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          434B

          MD5

          6b40b719610ba372fbecbca9900cce1a

          SHA1

          517204c17220d40bab89d3aa6c35c3fedf98daeb

          SHA256

          8a880cc1f43cacd5a413088fb8f1fa52d33a9651f13c1430d213d9e7f92021b0

          SHA512

          981bff6df0876353b9fddbc05ce191d3d702d2f77ccc89bf213a4c9369a1a625d510ac0bb10e00b08858707c8b68b184438047f78dcb443a82f2fbc6ea764b49

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
          Filesize

          392B

          MD5

          29574cfc145fdc8b15207c63ef6f0762

          SHA1

          d959e26afb1d3b1712cfbb1551cd0899e5900112

          SHA256

          f3218cddb2f2174b2b85221ff2a76cdc55fe08df8e6cae84c07bf66ce85feca1

          SHA512

          b319457d034fcef23aba0d9790752c56ec6e0f10863becace57b0890cb8e44401daa5e46c749109e7ed412a6eab46f4d02995b5051393cd07d416e6aec5640ce

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\0TR0Y9KK\accounts.google[1].xml
          Filesize

          17B

          MD5

          3ff4d575d1d04c3b54f67a6310f2fc95

          SHA1

          1308937c1a46e6c331d5456bcd4b2182dc444040

          SHA256

          021a5868b6c9e8beba07848ba30586c693f87ac02ee2ccaa0f26b7163c0c6b44

          SHA512

          2b26501c4bf86ed66e941735c49ac445d683ad49ed94c5d87cc96228081ae2c8f4a8f44a2a5276b9f4b0962decfce6b9eeee38e42262ce8d865d5df0df7ec3d6

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\5N8RROH9\disqus[1].xml
          Filesize

          13B

          MD5

          c1ddea3ef6bbef3e7060a1a9ad89e4c5

          SHA1

          35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

          SHA256

          b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

          SHA512

          6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\5N8RROH9\disqus[1].xml
          Filesize

          239B

          MD5

          e5227fbc4fa1c388bf9e51f0669cedd3

          SHA1

          d731585cf5aaf12603d579245983914b9ca04653

          SHA256

          5832c31f80964630dc21f482a9c311478bc962d7a0ecb11f082e66cf4d76a97d

          SHA512

          c38f5d0dc685c62c07cc3289ff68e3e0b4b8642caea53fc530084cb67c8d0d9e5d66f05a685e9be8f1eac8b437732f730d33e04ca2bdcbd67373c42649d07dbc

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\5N8RROH9\disqus[1].xml
          Filesize

          323B

          MD5

          dc23fa6d0d8b7312d50168ff581e6373

          SHA1

          72c25b683e337beed6f5d1bad21d61d6caa99022

          SHA256

          bf21d40ea813a3a036f60b41ce9c1ac2ab0ddd95dedf942e0e76964bda8cee4c

          SHA512

          b485a5a90a918987e069124fdf9340d1be5fe656276a2ee29dcf3f742a2a063dd24b2c21b79d68cbb6f6a7871321d116142e70d6786a19bf2755ec709464b01a

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\JZUJ23DJ\wowroms[1].xml
          Filesize

          16KB

          MD5

          ec75ae68286fafe9a43f70b1c2382e3b

          SHA1

          9209534f429588dac08fcfc1f177ec63fecb9020

          SHA256

          2a58f9ad3095c847957a2d2db77b3d378da226be4a3e48a92473bbe48740c33e

          SHA512

          5cbf4b6b5e2f5fa5052a54444019b762487b47046f9fd3cc710c962554605f44e763f3178cf4ed1de4fcfe636e062705d1949f37968d4d2ce1977f27f9fa3472

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
          Filesize

          1KB

          MD5

          1c5a34c954f1ff4e4a021aed11e00706

          SHA1

          4c0bcb6ff6ac28998fec42f79dd6e7fb7578cbe8

          SHA256

          3eb1bd38463f4219f2ee4a90d600b29893d24982c60992706e993be599000bd0

          SHA512

          33b8f768b55ea4656986a310cf1ea825083d4e612146598c1f241fc36d970e995cd01bc59bc8528ad7281ecc368a8b2c2b203992faadb37869274d607480c668

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\f[2].txt
          Filesize

          27KB

          MD5

          74a286b0673f0b4629d9a397e3c08b7e

          SHA1

          eeaf98a8171f9b5ab6dce5e0ab9422b3dce6bff6

          SHA256

          fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

          SHA512

          ae04e67baa6e534a939201d3642ede361ac5a5dfb06f2bee4f303b7957f501f8eef65ba97e0e38f81a88af6f3650c6f443ac80f792082815467a09211f7ea4c5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\pixel[1].png
          Filesize

          170B

          MD5

          e7673c60af825466f83d46da72ca1635

          SHA1

          fc0fcbee0835709ba2d28798a612bfd687903fb5

          SHA256

          0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

          SHA512

          f1c33e72643ce366fd578e3b5d393799e8c9ea27b180987826af43b4fc00b65a4eaae5e6426a23448956fee99e3108c6a86f32fb4896c156e24af0571a11c498

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\rx_lidar[1].js
          Filesize

          158KB

          MD5

          5c7f2e4c1539f0d7b427b4e470201ef9

          SHA1

          1b7accb5fe358364efb42c2cd788a2cebaa1ffdb

          SHA256

          bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

          SHA512

          299a43229d10f7d21bf5a04f199049eae3fdb9247f0f66e65a275b4b6763063b48fb6c5231fde4de1300ccf800eee2d89a8510090cbaeaa6afccc22d7351fdd9

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\9pLw7ZIMn0md49dyndIEGeIic6mDiMugJIU-CNIvH7c[1].js
          Filesize

          37KB

          MD5

          36b7cf13a1d7d94c5df96fdfd02a4fd6

          SHA1

          43b02150634ed4f23825c957683e2f0c0d576a77

          SHA256

          f692f0ed920c9f499de3d7729dd20419e22273a98388cba024853e08d22f1fb7

          SHA512

          be05a660f6a9773ff7bac57a046c4ef8cba6589ba0637f38f55b9129bec06e21421f8f212acc8d3157eda2c2588587e17918dcbabc8eb8da99088c595c7209cd

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\f[1].txt
          Filesize

          159KB

          MD5

          c25ee820b9b367f324197ab5f5d8b7da

          SHA1

          ad3791eff7bf60636c6153c60f25330adfc681fa

          SHA256

          c5405884e23c536c94d48a5e8fa01e50a06850eaa5f840e32d323e7bd0011b7f

          SHA512

          de0eb97caf724c3a2983f93249949afd86dbd033ed1192304a434196038df756af9813a4a52e431ff5f905346abe7466800dd6d159f5c580b6121545ea439349

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\f[3].txt
          Filesize

          2KB

          MD5

          01b5d2b1c33bb607d605bc345663153a

          SHA1

          681e30c5eb4133c11e621d351218121aec16f354

          SHA256

          9de103952ef65bbed1caa4c723a8c4a88760791eb92dd092e410f643a1e256f4

          SHA512

          4bf150c698930ac0e606ee4ee4be37abaab9fd5bde1fdef2dbb95a9289d36a80555208038a86013d1d33665968498e3d4ff8e8668dd5d08bbdfe5f85d7546f71

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\f[4].txt
          Filesize

          27KB

          MD5

          f67ac44265a95a603a0c586b3784c995

          SHA1

          3d3a46ec7f359d814da7a0c205221a8f851e1364

          SHA256

          97d7b972404c907e926e9084e68d9da12f6b2e87ea898400a62f6b7c24957a1f

          SHA512

          1254549a485dd7191e36e5dcdb4467c838f6ce5136ff8c5a0383fcc39864f6884d991ce4729b0ecc651cdad630ba8041f3bd20601a21cb5f0206c5e2285d0c7d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\f[5].txt
          Filesize

          2KB

          MD5

          43df87d5c0a3c601607609202103773a

          SHA1

          8273930ea19d679255e8f82a8c136f7d70b4aef2

          SHA256

          88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

          SHA512

          2162ab9334deebd5579ae218e2a454dd7a3eef165ecdacc7c671e5aae51876f449de4ac290563ecc046657167671d4a9973c50d51f7faefc93499b8515992137

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\favicon[1].jpg
          Filesize

          981B

          MD5

          f4a36f535cecc1215c7ab32efec17cda

          SHA1

          a686e4879442cdca32a398361a233195d7a3531d

          SHA256

          d3a4f099d7bb9d70b5e9d6987db607d3ab5b587014a7ebd42979a6a80a558a43

          SHA512

          2fc721ee976087e16ab4de9f7c1e30084f42df4b785185fe11504528bcede7a5e614dcbc9d8f1c7765aff0c5f7ba0f3f11367cd41caf5426e34abaa91c22f39e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\029662e016002e99f5b262f83393821f[1].js
          Filesize

          46KB

          MD5

          029662e016002e99f5b262f83393821f

          SHA1

          93a4852cee85763bb8ed26e6d8e8d2d04bb2505f

          SHA256

          4d863150cf103d04d276d335d0708d9fc2b9ad3d3cb5a36a48b92d7323cc706f

          SHA512

          7062741d36d521c377c6c4a71e339f10fc877a0714700095e4d983cd8d93b32913616b266b25eb771d6a743dd2f75f7f6eb753ec3e6c10da7ca4537f6f1839f8

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\f[1].txt
          Filesize

          160KB

          MD5

          447c68858693f244313cae9ee43baddd

          SHA1

          7e28b1f2eff29fff826a7747262f41adfbd1b50e

          SHA256

          1f545431edb9ee771034fc52b2eab617ab83af42f44fa6b3bd5f06421cc7b6c4

          SHA512

          cbc3fcfc6782715158cc9c4c5da234f93133591d967ec093bea52b098ce53b26ebce73c282fa0686d1884703ad86900fb5de4923d5e9b72496fc32bf3a1916a2

          Download Submit