Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://vk.cc/coDeF9

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-06-2023 04:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://vk.cc/coDeF9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://vk.cc/coDeF9
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3224 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1064

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    0a18c4e5d48519f11d47e21d48beb4c1

    SHA1

    ef72edf3da93c8438e33829542296d86b9608d48

    SHA256

    572990d6df4be97a68222158083b64bc4391b26347069435b00407b3fd1d0e0e

    SHA512

    d6b78a5a080d0339a58a490122c80165dd3cce9ef1aad17e6363814859116c91a05142a5b8a7de4cbae658c9cc754dbbc1c99f96f139a17303db3f749ab6b7d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    071874e6e12058fc954e50ff9886fb4d

    SHA1

    a584301e9f9dc81d1cab4e9143310ad96e444161

    SHA256

    3e19e04bee7c200a757a1603fd8c743758a569b8c8abd774c6ac14236ab2ca9f

    SHA512

    e604bb60c0f5b6a2f1f4b636e6fd93bea6e2b9d4f5c93fb6b3a3fa1c8e44610122eea8af4f63a3646537fa18def2a896fe3eb6b88a928854092eedc62e876cc6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\XN549CZK\nsk.travelata[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\XN549CZK\nsk.travelata[1].xml
    Filesize

    2KB

    MD5

    e91cc7e17b48412278663c0994c9c8c3

    SHA1

    bfe3cae1d5f55bf38c5a016e15c8612f8637b896

    SHA256

    90182432a2a0053d524685593d36e72d2e118c8a071f8675b19bbd538b4b5b89

    SHA512

    5dae3ecb0d112ac09d169f856dac432d5abef22daeb17338a437f54345e02db0e92c82828fd71ab7d80e2d42433cac9cd45dbd28cc59d5bf145883bb5d496250

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\XN549CZK\nsk.travelata[1].xml
    Filesize

    2KB

    MD5

    2e19abda375796c6b79070e40f67fef0

    SHA1

    38606ac91340dd99c6f4b5cf6a2441609556faa7

    SHA256

    6e2c902570b800a411b6cdbbb5a20c916a12053b05468db3f03aed8ec44a5084

    SHA512

    8a1f8c4a19fb18d842c03de35441af0e413e25b2e406c354248bd375437798f5158a4886358133482fbdaaf1f863442e8762998efae8118f2341b1b9ec2ab95a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\XN549CZK\nsk.travelata[1].xml
    Filesize

    2KB

    MD5

    0e9037ec4202ee2c5f24e7df5d14cd85

    SHA1

    6fea4b249de5323bc4efb66a03dbe34262f24d5f

    SHA256

    2a47fa5fbc7bc8b79f0333976cc807088b5104976cd0cc99533adf73aae0b4a2

    SHA512

    abe7431d8b67c44173bd7c1c1766599f901e5dfa34dc7b6ccca5a11d9d5c15eae281753cae7f33f0d09b5affd5a5c88c74739a889f79cb007240dd8c77909e61

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\osplltc\imagestore.dat
    Filesize

    15KB

    MD5

    28ab927541fd4c47e0fdf548d8eae080

    SHA1

    58e9be9ed45a9f1dd5eeebb6fd23cacde1b0553f

    SHA256

    66269b300a00f22766f906c9b4b9f72825c563016feb820e0476cf367fef8a66

    SHA512

    57330d8fb3d261fc65ed52fecbef3e130373978938e2d7660d505d0f0ec97acc40af80742bf5930ae4f581e59512585dc46a13bfe9cf141b5e08f160b4638300

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\ga-audiences[1].gif
    Filesize

    42B

    MD5

    d89746888da2d9510b64a9f031eaecd5

    SHA1

    d5fceb6532643d0d84ffe09c40c481ecdf59e15a

    SHA256

    ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

    SHA512

    d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\tracker[1].gif
    Filesize

    43B

    MD5

    9bb191c6827273aa978cab39a3587950

    SHA1

    25d8043336eb799e52b1a0e15ff6b95e09c24e35

    SHA256

    24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

    SHA512

    c3970b9a8dc9b424528274e8d22d21e9990ce956aede61cba13de8d7832a8c896eaf1032662a78e95980ea013090cd4406f32604da3c6f557aa136842d04324d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\favicon[1].ico
    Filesize

    15KB

    MD5

    73b5debcd32e58854bc965413460263f

    SHA1

    83ffdf72a5580328f8310e0b610a9b982d2c9ac5

    SHA256

    d978daf30a39919ffe612f1b163c9c12d1f5ac99cc4889ecd55301c2db88bdde

    SHA512

    76f76011f1add61dff4d35b71fbdc29bd3e070c4bffc16d8f8f9a2621d8c749d62275f53096f32823d77d42165d923e090f0953969eee19722d81f5c432db73a

    Download Submit