Overview

overview

1

Static

static

1

URLScan

urlscan

https://handpex.qual...

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/06/2023, 19:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://handpex.qualtrics.com/jfe/form/SV_6y603VFSJ9qu7P0?Q_TS_ID=TS_9mjLXe98TCyNsrN&Q_TS_PID=P_bKt4ZJjV9X3Xv7w&Q_TS_RE_PID=P_bKt4ZJjV9X3Xv7w&Q_TS_RS=Self

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://handpex.qualtrics.com/jfe/form/SV_6y603VFSJ9qu7P0?Q_TS_ID=TS_9mjLXe98TCyNsrN&Q_TS_PID=P_bKt4ZJjV9X3Xv7w&Q_TS_RE_PID=P_bKt4ZJjV9X3Xv7w&Q_TS_RS=Self
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4288 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2396

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          9f40f0353257052e597cc6a63918ff40

          SHA1

          1c28ed248cce39532cec1a8685dbef608f1fcc1a

          SHA256

          71ac9b72aa96f07fc0108f5762830c2007eccf77726516bc4c31de6f619e04fd

          SHA512

          f9b9c9377b51d371d7e1691e46f5be78ec11745fafda0713844c6aba10c075afa8e07b9dae67794fe06a1f8d99258d016b7afd386d5a257c57e3bab3a1318713

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          404B

          MD5

          c9d0e9fa036da7dc4343783ee2f97f63

          SHA1

          daa4299922d5a7f2c42a79644d33b98f07c2d3d2

          SHA256

          2cb2783a3f3d3358bdfb5d483aba69e274b0b4789ad6d816c54a35529ae215a9

          SHA512

          5b76f91c7682e2130b84aff69ce062db529ce469c6a4d60bfeda14a96d72b51f57917d1e7dad106c02bc2e77e72a772af91b9534f148c5209bf22fe8eb95e28b

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
          Filesize

          15KB

          MD5

          516c2e02399dcc1712ae6a5ef1df4e29

          SHA1

          e42fdd1cc39ffdba94d5dd8b34ff84725e5c0ada

          SHA256

          d5ce5fd39913307d91a9022802f5d6108d449215edf438f2663f701171eecf69

          SHA512

          c95b5c5b63ec68541910aca018da485a46f92cd6f114440928387db2e5329a9845358da96ab4583fae112afc0ddadc8f96abfcda14e680f95c67518018314355

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
          Filesize

          30KB

          MD5

          1dc2e77185e24f5959a9dd6868640348

          SHA1

          abf0969451f0e229769522ed9407171f57a027e3

          SHA256

          42e647ffade4619d7aa7b39d94724afcbddc56d539f2be35f92095495735f0aa

          SHA512

          5ee336c47f337405cf53d300c08eb7a89aa33eaa9d8a9c03b4acd0c930359163bc7802ade9d7f31c4f1fbf9aba597d324bb6de3a4ada7186d6a1b2db710de0ed

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\favicon[1].ico
          Filesize

          14KB

          MD5

          521269841ff7f01a1772f3856e636d01

          SHA1

          7deb793c8e6cb57c23cb3ad1da6ceaca9982adb2

          SHA256

          65e99ee3b805f7b1c8b08159161e3ad53960640a2c3f952d282af4900d1ae572

          SHA512

          d72849a984866c1ad66b88d3aaae7cff27cac05ece4a491cd7afd8d31a05557e726f502f4223802d10212a1cf8f769c1484263cc20ee1064e3ac2b0be7ad9d67

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\stylesheet[1].css
          Filesize

          193KB

          MD5

          247da9ca1246587edae1cfa0c9c7a2a9

          SHA1

          c0a45f8c8815b268e0f7bea5ff4b1ccf99423bda

          SHA256

          16ef27db55e95a958f0c979ea684569dfa779f4df1810f649bde5f22466be23c

          SHA512

          e81ba9132843c998d5aebb2eb5d8ce1dac888924651089021c09111ebbe3f58599364ca0be5643cbf9a6da66f9a89df7e073f0526444afea77cdb17a9040c676

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EY3KXMB3\external-link-icon[1].woff
          Filesize

          1004B

          MD5

          90cf29ab19dc601f2e5a9f9b3c4898fb

          SHA1

          a1a366b0bc23887a1f2645c8f68cb7521706d8e1

          SHA256

          c5550d7f8cc83561c801d3cdc4bb3c1784672cf0413ea79b5b32e890b1558c38

          SHA512

          fe4c726a9176e1d379e48ceba881fcd7a12caa38b920604fee157705f4d7f5fab7d7f0823d74fa0a3930755a45ea463658fe225b9069fad99b5566823963a4fe

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EY3KXMB3\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\U4IULL1L\jfe.b33a535e630130ae920c[1].js
          Filesize

          257KB

          MD5

          b33a535e630130ae920c2e267c906e2d

          SHA1

          340fd17056a3493dacb224f6905ffbd8231f6bc7

          SHA256

          273fdf1f796fee24bf99aedc67e8afbce15d8253cbe47617f132c078d5c8a2bd

          SHA512

          e082d3569729d5526309585572da8dae3eb12a1b20405131324077a5cdecbe5130690f6049fcae76bef190dbc46330b52a0b0c2c1c4c6e87ea67887e9eaabaac

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\U4IULL1L\vendor.254378d095ead39584d9[1].js
          Filesize

          260KB

          MD5

          254378d095ead39584d96b0437285b05

          SHA1

          849ae6e81b7ddd3e3c7e4ec497eb5d9e43d2552a

          SHA256

          0fe3c8d5ee972c1521e05aa37358db25dba8dea89af7e3b0f5c944efb76d96c6

          SHA512

          6357b353f450f4fbf27de801e29a8368fa695922482e356ab8a398f96275c7c00e12c991c5ed4ab1fa27ae6cb6b419cf727d577d819ec522bc9e6ec24685890c

          Download Submit