Analysis

  • max time kernel: 133s
  • max time network: 145s
  • platform: windows10-2004_x64
  • resource: win10v2004-20230220-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 22-05-2023 21:02

General

  • Target

    https://ipfs.io/ipfs/bafybeiebvrji6sipvpmfs5mfwn4hqeuds7hqqitij327v4biuchxty4x4e/mikellybox00_cham-eyu.html#[email protected]

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1404)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" https://ipfs.io/ipfs/bafybeiebvrji6sipvpmfs5mfwn4hqeuds7hqqitij327v4biuchxty4x4e/mikellybox00_cham-eyu.html#[email protected]
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 3112, child of PID 1404)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1404 CREDAT:17410 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: 931ac31f82e01c4a5ed27d29ed4ac208
    SHA1: 3c0e857f02516e94d3086ec277790e5c2c4bebf4
    SHA256: 25f80b41222c619107eebc45f57f927f46cdd4fc8370183857e6893015437a60
    SHA512: a21065c11a9054ae76793859dad589aff47cb98ed0557bdb334ef1c216038635c3b5841406a21969af77775334e316989f29195beb415f7fdd409f53b6589ec9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 404B
    MD5: 6ea3975b626d7417dccf5a008055d19b
    SHA1: 7d8a37d87806177b20f0f3b3f177a7529bcfb745
    SHA256: e0ed94ba33705f727a0eb3005b7c374e402d0bc593e9554256755bdffabf893d
    SHA512: 1c1835781c51da89cfb898963de6cc1a29407d3bf9c36311a022c40a8347bcf8eabb405d78e854b11331594e195a138c27dedee2cf84b22d655ca617dc4e100f

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize: 15KB
    MD5: a83c72b64b8390a4028436f49ff9e013
    SHA1: 7f83ea4ddd19dc6870f23eaf2e43fa8d86ec11fd
    SHA256: 9f99292d1d8b706e4ea454d244f3eb9f9a9657ae01d5ca2e682640f4ed5e1c12
    SHA512: c1bd82cee2a7d2ecce383a9ffd12e754e6bd2d989d8a5631566e6c169ddf7b4e5aa68ebaba4b1f53f60f4b7e37892cbb4757e0f3dadf0152c8054da44c82438f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\suggestions[1].en-US
    Filesize: 17KB
    MD5: 5a34cb996293fde2cb7a4ac89587393a
    SHA1: 3c96c993500690d1a77873cd62bc639b3a10653f
    SHA256: c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
    SHA512: e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EY3KXMB3\favicon[1].ico
    Filesize: 14KB
    MD5: ea7d143efe3c01de298f9f1130e8bce5
    SHA1: 4672164fab3870dd901034abcf3d35998ac94dbe
    SHA256: 94a9fefbbe42310c03ff1e52c1f753c21038805f632867ea78930a52c445a456
    SHA512: b9b76ee9964e836ea720828e77952e89ecc318d55ef5107f89c11f666c1bc0742d1bdbad0bc1cad853d93d1e150664056705ba3688544220759e9f4977800a8d