Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://fe2cr.update....

windows10-2004-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/05/2023, 22:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://fe2cr.update.microsoft.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://fe2cr.update.microsoft.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2428
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2428 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:900

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    1KB

    MD5

    841785fa29e2c9c554cfde87bcbda6b7

    SHA1

    dcfd3c07636dbcea62a23e20d60e268e476a24c9

    SHA256

    4f072540751d954745f9db3db8ddb93c122a52700fe4bc5ecb977c2c48c52562

    SHA512

    e9ff84cd3b073e01cd68e70c5e5e9b99f062b552e9641f21c3273497526d158f88baff8a3b08098bb65c353c3f2af8acd8cb3d14079f853ea1bedd655178fb6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    bd71617256882953841a8337a4dd5d5c

    SHA1

    d9b47492fafc72a5fbca10c56229fe6a2757331a

    SHA256

    8f2693e8b656256ad2faa63c3421eb6f1a4e278d2e2e3cc97d5acd5642f97ba2

    SHA512

    2d40d636e04523d2095e6896f24a911c523d581b93d486af41275b3b6dc94e05bf5e4de8e2c8479886e4c3f2ff87215fd25c028846ba5a868258875dcca3fa2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    446B

    MD5

    e226cc19a05175066d01ff40aed5c5d9

    SHA1

    cd9ff06091a9692d73f3a13b427d233f6b0280a5

    SHA256

    dc303b2ffb3a4f7f7689607d1414ea93cef04d961153fc0b7ad73f820a5a44b0

    SHA512

    418b9e16fdfb93e117cb079378481a5a9e85863b6ff5912bb52f5ecca49255e51cf8500756ba56cd931b34c2454e31a89d43a0a96f93cfcaaea34e631b37a8b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    c4d62edd6344ee94d7f151242713458b

    SHA1

    b24015cf114534f0e39e0e7907da7564a50b8423

    SHA256

    1c16657b15b03d39170075ac53a0856d309981f3ad40dc35e1ad1a8185cc176d

    SHA512

    2d82d69d14ed8c6963ac00bc1da5de0bd46d1f3131db546a4beca941d679a4d3e250d4f063bcb08d519b77e6499ad24f34ee3331a99af1db8ff31e01e2f10d01

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3JVZUD1B\support.microsoft[1].xml
    Filesize

    17B

    MD5

    3ff4d575d1d04c3b54f67a6310f2fc95

    SHA1

    1308937c1a46e6c331d5456bcd4b2182dc444040

    SHA256

    021a5868b6c9e8beba07848ba30586c693f87ac02ee2ccaa0f26b7163c0c6b44

    SHA512

    2b26501c4bf86ed66e941735c49ac445d683ad49ed94c5d87cc96228081ae2c8f4a8f44a2a5276b9f4b0962decfce6b9eeee38e42262ce8d865d5df0df7ec3d6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3JVZUD1B\support.microsoft[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
    Filesize

    771B

    MD5

    b19519d64f538b30d98004af9d3321fd

    SHA1

    50e592ac09c2d06ada4ca7e198ff0ed4bc9c1d59

    SHA256

    1f9e5002acb2ec59401373b437054846a90f194ec750098864341162f32b5441

    SHA512

    8f04cc25855aa4d28806a33ffccdbf99c0244638ae5c9ff9de3d94f401ff38b33966a5ef10f4d3f51a7603c57f6d69cd7c575d053979449041573b5a1e264425

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\favicon-32x32[1].png
    Filesize

    631B

    MD5

    fb2ed9313c602f40b7a2762acc15ff89

    SHA1

    8a390d07a8401d40cbc1a16d873911fa4cb463f5

    SHA256

    b241d02fab4b17291af37993eb249f9303eb5897610abafac4c9f6aa6a878369

    SHA512

    9cbcf5c7b8409494f6d543434ecaff42de8a2d0632a17931062d7d1cc130d43e61162eedb0965b545e65e0687ded4d4b51e29631568af34b157a7d02a3852508

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\OffSMDL2.4.50[1].woff
    Filesize

    43KB

    MD5

    4c6c928daf19e2a06faf12bd2f002d2e

    SHA1

    027d4709db809d9e9b2627b74a152aec29066ee8

    SHA256

    2c9728c235211d8956826af42d99936b409536e6027e9162835731d5b005d462

    SHA512

    62445364d9696d1ffa4bacb49b6d04d4d2415d3145b628885d48348c233a11fa336c5de8133564c541d73152950b33a3661f190d3f86a326ceff13cb0d52005e

    Download Submit