Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://novamedicalc...

windows10-2004-x64

1

Analysis

  • max time kernel
    34s
  • max time network
    42s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/05/2023, 20:47

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://novamedicalcentre.ca

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 25 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://novamedicalcentre.ca
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1716 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4280

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\299A946F8A19A69D42846BDEBDB471AC
          Filesize

          471B

          MD5

          137873172c6402db8e523b7b59370a40

          SHA1

          1d5605a3ff2df6063817b0a0fa022eaf5c22d058

          SHA256

          cd1657ec622ac6d60905d76fc9c861487827c759b9b163468643753117acdf7a

          SHA512

          4ce83bc6dce0f574d378dabe75326aafa26d5455add2d40ce77ee8891ca589d0cf13afc1fd31b53be6829fa9fe397487ec1bcf119b9b4fd6e6ae98ba771c00c0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          94efe971fd70d9d426978045456a879d

          SHA1

          97f170ffda6afd79be0795ffcc37c7efd82ee801

          SHA256

          fcfaf64c502c0feb0175aa72247927eeecd556004302a20e09f6fdaa644504e6

          SHA512

          baf5e9e1e9bbbaef3cd6365ec2b1c71314c14d0acd5837c1975e71a374b9fe724035929b47fe5bf5aef5845ef6eb17b178f20460b115419094733dfc8a27799c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\299A946F8A19A69D42846BDEBDB471AC
          Filesize

          484B

          MD5

          04a8b424c424412e9657ec6fc8c00824

          SHA1

          a98a98ceb50148e210d30ace1b4d05e3c8a8d93f

          SHA256

          aa1b3cda4175a4ef58b74ce5631b62cd3d2243cedf4a6a7af9f47afd6643edf9

          SHA512

          db7c3c5b2dfc9727acc39619a290f94a5fc12f8b8253477992ea45c755d16629127682f73941e3a17c2d2747d84427c74ae189ca897abccf48f51f2913b0912b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          404B

          MD5

          ad078bd9a7a9560325aafd48caf6112e

          SHA1

          d78008206f92b77623006b22135c86a7950d99ad

          SHA256

          206a20907f71aa9f295c40b0f77d924b225a8ac66c5804316ab82c55a623f967

          SHA512

          80ff79604a09b1302987a54f5946b89a6426cf025fca74796d2567f40c7478b3a3d8117ce00c09c154717502cf4edf364f20053b9e4e08cde83dcf0db48b158d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
          Filesize

          1KB

          MD5

          2671316a6a0ed4fee34dff7d37f8cdd4

          SHA1

          6a106c70a1bf343dc3ad1779c84bb8a76b9fae98

          SHA256

          721152a33a005d70889603c06fa2185c8eb1924d1201e543f3450a25c04494c0

          SHA512

          637715da160c9f4afa68f77c2ccfb6e34e4c9a72ea0dbe27ce22242172dd225e556fbce941c396a391c2f27eec7cd6ae2a204a29da17873687fd8ce0425623df

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\da6061_359d886b4947440fb19f22fb07897838~mv2[1].jpg
          Filesize

          1KB

          MD5

          9e51c083b8d5fd020cb3ba8e1ec8bb6d

          SHA1

          53049a0f259904696002a494a355fdb8424a17f8

          SHA256

          787fc73d99c9a47830c0543775eb6db18a24701bddbe0a6d161b5fa328daf9d2

          SHA512

          793eed94cced1950a51a36000ec6dc6c2867ae614e6bcfc24efcff92676b8a49f4f3acdc623768203cf2afd64cafc590b3b7aacebf2cf0124ce4295709f2efcd

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\analytics[1].js
          Filesize

          50KB

          MD5

          4507839525a19180914799b08fb5fa5b

          SHA1

          738d7e47e47a102e67d09efa63408d21aaf02245

          SHA256

          e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

          SHA512

          124bb24b26ede426ac7ef14db40ff894ddea6eb9c7a5bf408fd83b116bd55ec86b51b6839d5eec7ec0f481aab940795006005b4534dff6cc0f3a6560f7cf9bea

          Download Submit