Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://lol.zip/

windows10-1703-x64

1

https://lol.zip/

windows7-x64

1

https://lol.zip/

windows10-2004-x64

1

Resubmissions

16-05-2023 20:56

230516-zq4aqsce86 1

16-05-2023 20:55

230516-zqq1eabf7z 1

16-05-2023 20:51

230516-znevcsbf61 1

Analysis

  • max time kernel
    319s
  • max time network
    1801s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    16-05-2023 20:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://lol.zip/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://lol.zip/
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4112 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:68

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42A8D58F9A237D75EF41BD5715DB567C
    Filesize

    525B

    MD5

    43968377194d76b39d6552e41d22a5e8

    SHA1

    77d30367b5e00c15f60c3861df7ce13b92464d47

    SHA256

    349dfa4058c5e263123b398ae795573c4e1313c83fe68f93556cd5e8031b3c7d

    SHA512

    1a46f732f5ec8ad2579a2a8cd0d36c8e3dcf056a8614e076784aa26fc6d82157fa539d43fe3c51b3571b7e77a3282edcf4017ec93e5ac3924ab3c0db5dca43e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    59077241ce0ac9ac8eb9b9310aad1952

    SHA1

    e55ab1ccbe4d6b0c3cdabf5b8b7b06a2957e05b8

    SHA256

    5ac8fd637c49c033c7f208265b0323fb9a626767da12d460b9d550e4bcb92399

    SHA512

    3b603aa5ddcb00830d46c4eae716f9b4e2493729a21cc6be0d257046ef23f78882446f84aac06572c0cf9a10da0f89897fda8bba078046b84fecd8d6992f59a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    6514da914e04b827c10d447fda4ff83d

    SHA1

    ff5e57fd14a17e79076f48355c00e6ae1b197e10

    SHA256

    62867fa0427e19e2d9f7fe1511ab8e3c05a4aa483f5131da0a8fb9506fc3c22c

    SHA512

    cf23732b6701d735009f5ce3ff454ff7dc533b615c993fb205d33c6d8974b225339a22b7da2b58754d006bcb895afc0b7af61019cc18b4ac553cc22a2aa163ce

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verE534.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6FGHNCOX\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\V8QAAO9S.cookie
    Filesize

    610B

    MD5

    5eeb2ed640fbf7efe45b5c4c4e2d893d

    SHA1

    9cd5c8a3d27163630e173dc0b7804f86acbd14a5

    SHA256

    85cf501a6f7aafd213df62aa6273d39ce33fd2698fa0b9bf49cac2773d7b1121

    SHA512

    f6d468b97930a03cd4a47330e752a0a5985c95a0e87f28cd5eb3a950f963e871e6dbc6c4e30878e7b55dd74b086bca68d2b6d268e29e9cdb83a17b429b0a1d6e

    Download Submit