Overview

overview

1

Static

static

1

URLScan

urlscan

https://i.imgur.com/...

windows7-x64

1

https://i.imgur.com/...

windows10-2004-x64

1

Analysis

  • max time kernel
    67s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    29/05/2023, 12:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://i.imgur.com/aRl53RS.png

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://i.imgur.com/aRl53RS.png
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1052 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1764

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73eb6c8d5c4e5ee735d0059bcdc05eed

    SHA1

    acce5cb919a4bfbaa1aa2ceaf16837f8200abae1

    SHA256

    4e44ebe53c677267bd5691e2be180940d30d2247b4a9ee234cafd3319f83f614

    SHA512

    4fa95ac63f8ad8703e5a91041329e702537e5773a2f23425374906e33462dfdb70813b0f2c0bfc5efdb4c341341f93b9b0ff48849acc0cfda7c6fd3b0872d899

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9dc26082b2e8f613e7f41eb47e30df99

    SHA1

    28fc9e89f503981f70d08884dad5f4c2e16a5bc9

    SHA256

    c77fec7907922b70ea7d5313708d3c142f76a21882c77c0413985d6215035461

    SHA512

    a1e9d3f616b9008cc60388b7b4a7b74a80dfa57302cf9aaaca2194f8cf4b891a9e3a9bf686ac58e7f296df3538b234c719eae78fde9128b558153aba4482885a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bdbe59c6f90200dd9f1d634f03a9fbb1

    SHA1

    915dc5df84a1df8edb406efe836cf5aa16e2f281

    SHA256

    7e700dd67db7862c89b28895d4edeacb741f6cce1bd7521dd736f11bb8a5f79e

    SHA512

    b9850d560dbe4787f9fb0b9c29e277e652904f937ba4023936ed7c9ceca2a04ecba37499914dc895cc176fed6b00e04b84711baa4df1f68bd632e1fc114125c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3988fbd5a9573392c71baa56528ce15a

    SHA1

    0e770bed09a57229b19b9c8c27641c8adbe5b7b7

    SHA256

    140677cbeaf1797391fb1b2f69d60c6d13e9d51ddb9d3c3b1feb06292882aa57

    SHA512

    1b9699f01a8b0c523d633d876130342af1e9cfef925e0b99a71afc9a9aea3264963a17e3b0743569e21940ecf52a56a70d1918f0f46b5fcf066348f6f39076d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4de1d45995be413f040a50a32071787f

    SHA1

    5437e4845cd6ad3f3baba0681b59dcc73bd55c4a

    SHA256

    5aabd8b9636d953939a284c532b5425d9c02b5e1091b0fdee7270a0c5da4df7a

    SHA512

    7a4874c79284b7c7ecf7f6d99a26234482880095ec8fc105e66a1ab4376c24e246f2a0bdbc17d7343d547f02aa89d85ce6ab69ae1d9c2afcd4e80d16b38c4356

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20011ad68722143afad62deabfd333d5

    SHA1

    79a3d1dc8113beba7a430336ae262b103ebc4fe0

    SHA256

    619b0d0734ea5da5a60ee6e6761f03a7a196f0594eda9c15d8a7ad40302e5895

    SHA512

    421b97b789fda26ce032c4b0b0959eefd13e8d2e8fd11b404876af52f61ac1db12a36c3f901b897129e07f735c8d7552dc2e9ff924109ffb386bf710355d59d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78ad245d11899eff5b00ea4485914bb4

    SHA1

    bbc0796c7b328371dde96506111d266b95212d58

    SHA256

    2d41ee65551f9cf37b105e5572caa7c515cc840c1d29d0dfc07f09b62e8abdbb

    SHA512

    24c12c9a74e0ad1ce07a3a788795699af65c65179ddaa8fd4e3e9a931e50ba5150e94636ab9542f532721efa36b0f425af6d9822fe09717464f3f0f01b6006dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    630d80e5f39c860b38a7f55bba58a624

    SHA1

    75644a0f354f2da62da9f238754aa192b7aa37fb

    SHA256

    cb482eff3b355831411b58645dca2e54d1b80804a941d87691a12c6ae1d51d24

    SHA512

    06d92ff6b65dc8e17a251519d46b1eafa906d016e2d0897c552fb04705ab479a1d547d52b285682ab59e8be59bc6adaf3a7020424ca79c395ffaf8b438482c1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ea23763ccc497574b1f5848f25601bd

    SHA1

    8f3846f19d6a4289278e4dfff08766bd6f13c465

    SHA256

    9907d054b60736a99088ce38fabc9092220c369284d5085047b9fc088266c7c5

    SHA512

    c80d8a82a0c75d3adc892ae5c18df81568531eac0d4dc292bd742bb3f001e9b3a38975d709af6f200a07a37ea4e2ee9f6f807a27bf709076547ef2d587d03f24

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\z62wpf5\imagestore.dat
    Filesize

    38KB

    MD5

    103dc022a4bfb38019d76b0bf476c5b3

    SHA1

    e00f89df10eabbce0a49f7caa13cbbf8abf35ac4

    SHA256

    033420939f962f11d07f0bd9b736358e38363a289fba93254f16071a99295778

    SHA512

    88709f8a3db810a39c83d9e8b32788a3afa8d09e2988d8a4899e303237159bef9265f93e0079aec82ba7dc85b8f1e112bf42d74d7e9bab05063fad7e9a7ed176

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\z62wpf5\imagestore.dat
    Filesize

    38KB

    MD5

    103dc022a4bfb38019d76b0bf476c5b3

    SHA1

    e00f89df10eabbce0a49f7caa13cbbf8abf35ac4

    SHA256

    033420939f962f11d07f0bd9b736358e38363a289fba93254f16071a99295778

    SHA512

    88709f8a3db810a39c83d9e8b32788a3afa8d09e2988d8a4899e303237159bef9265f93e0079aec82ba7dc85b8f1e112bf42d74d7e9bab05063fad7e9a7ed176

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMIDRLTB\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTB503AZ\favicon[1].ico
    Filesize

    33KB

    MD5

    c2aa5cd03b44bb2ff874837bc56cd85e

    SHA1

    7f567872dae7a3d183f03783972a05879baa8853

    SHA256

    17b883975935fa4f463d771e4679523645f11991e728881d7a0924b8aa95177e

    SHA512

    7bffea0be80e1e096ad90bb00cdaa138df71b14a0506ca49056303b77b1fe89b4a6700da235f9a8113b55fca56d255721f086f58c713af894bf99dce79d002d5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab257D.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2797.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\U45Y2M70.txt
    Filesize

    605B

    MD5

    e852b606e5303b92070bc0a06563e62d

    SHA1

    29b14f075df5dbddf02b94fc86ec07994dd95875

    SHA256

    f999a1d177a55c9b3b1f36cbe14c8e41aca5fb7af1a4463097f7d6db8d95c9f8

    SHA512

    c18e65707d5d567d74efd5a2cac7fc440312dcd000f0cf7d377fb6bdaa752656f6644cfa715950f31cb2bd9f31fdb0b8c44ac8c8c14c7a7526e22bf4f3af2c4e

    Download Submit