Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://file.io/?exp...

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/06/2023, 23:12

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://file.io/?expires=1d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://file.io/?expires=1d
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3508
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3508 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4276

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          6ed1b9e0ada67cd4e13ffe2ebff3202d

          SHA1

          26e57e0292d9b0fdf705748d723c197e50225bb5

          SHA256

          e4256833d3e11cd58e3725ea44482597742a652041a44b3339d371739a6e5735

          SHA512

          749783679cbd1f6f06ea031c22cc262152d57da36acf3778ac54717f5d9400aa0ad388b9898f5b0ff9bdf666f7f4c4ec590f770d48d1bf4301d05ad944746a33

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          404B

          MD5

          c0f447b0ca6841f272f7fec49708b8a2

          SHA1

          386f51e9a05dfe180c9fe4a13f63adb4a6e12e4b

          SHA256

          38c41fe61f9203a435165f35e85be6650333282301b46636c74b6e9782baf561

          SHA512

          e168bcd43b7645acaa0029650247af78a1feb1d2e5186f3fa56b5331fc63e43dd365dca4f4b1da44aa056dfb857cc3fc32e3d420e4154c83120a8032d4c243c7

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1IYUAPIF\0eceb729-3d23d92b83ca9772b679[1].js
          Filesize

          11KB

          MD5

          0a3f35f6211feffe573a08f983c2a35a

          SHA1

          e13c6d866dd1ef940d9fc7e951afd9af9b58fd85

          SHA256

          618f84de04f8a165a6d22328816b618433d49c5f50706d033436ea0cc0e1a9a0

          SHA512

          e64f4ac618a5d853a2cec18a138eee278ce32a2ea6d4c0d93d4a82edd2847870c735506b7dd6e4f76c45202f50a088407fc1061e8cdbb7f7900bf7437a9b6a92

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1IYUAPIF\d6a9949e-c7fb26743b3df7c3d4f3[1].js
          Filesize

          47KB

          MD5

          8be798e491d64c90fb2668c241136d27

          SHA1

          ea37edaa1afb0a04fc01834416d46b4dfcf9c1bc

          SHA256

          c99558fc6ef205ec358d6ac68ec549d6972949f3cdca2be0aed2a2b3c165c17f

          SHA512

          8c5834d65d7b9220476fb11ffe5830472753b4fe7a848a5421418e6c3ffb80260170c98440f8a81da7fcd3018485dcddb490ed71ece648c2086ddd9ae44c6648

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1IYUAPIF\e82996df-418a0be62c8cbbb8c8af[1].js
          Filesize

          50KB

          MD5

          41f1589b5b330e89885e93dcec06328c

          SHA1

          e0f21cb584e0f8af5a3016e7794de8d9c0d365c9

          SHA256

          d9ae0cc0755ea3b042acde2932d6885c1dcbcc785cae4ec96958540302727b66

          SHA512

          f496c7d8b79a5b24ed614f7a1e4352759dab5c55e406ddd30d9c0333f520d95b1584a37c2b54b92123516eb0108bd04b0443e7d287aaac1afc25726e50d4c112

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\analytics[1].js
          Filesize

          50KB

          MD5

          4507839525a19180914799b08fb5fa5b

          SHA1

          738d7e47e47a102e67d09efa63408d21aaf02245

          SHA256

          e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

          SHA512

          124bb24b26ede426ac7ef14db40ff894ddea6eb9c7a5bf408fd83b116bd55ec86b51b6839d5eec7ec0f481aab940795006005b4534dff6cc0f3a6560f7cf9bea

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\app-5be09c19b74f123574cd[1].js
          Filesize

          737KB

          MD5

          b67bde68ed9e7a9b6bdbab8724fd08b8

          SHA1

          d025fd096f318bb3e4cbf2ec80241aa21e7d2c9c

          SHA256

          acf22296dc1fa599f724fe096f0f7389647ce122ea3d400e6413156d96d1bdef

          SHA512

          dd64646ff0769e0229f026e91c5064c3bffe647c723e926564bf6109043a30a3e01922fc752f0af6f9a59d0da774578ae1a317719f884cf076b720bea80a07f9

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S1Q31HZS\framework-2e81d87b28ccd7c06c04[1].js
          Filesize

          145KB

          MD5

          d57e42a527da656114d580605cefa13e

          SHA1

          445bd66c246e344d68535c39d15befbf7c128e8d

          SHA256

          57e30f191bec3bcb919f18dc014c7124dd24e9f0755f2abdde9ac3ccb8d161de

          SHA512

          2dd1cdf6b52457f94dbadfdf906ad280ba978c43fc2f1b62eadc85b44271ee822d16118cf8510c813e3e9f90e075abbede6a635b5812981ad821441d023b4ef6

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\js[2].js
          Filesize

          230KB

          MD5

          b9df1f6b83297b95cf8a3e753af63cd9

          SHA1

          40bc831e35fa8b7d34bad1b1028321373fec3e10

          SHA256

          a84cf2a2eba012917cf90b7a633ca2c818903b5aa68c859c48a5790ecd2d13cb

          SHA512

          a8e1fc439f0a0ee4d784ea82f61e1b15bcce6bc975d0435a9d97632c49766d7358d4e956b4ff8c8db1a95a429f7baba69ffd796e64b510c1d9ca9135ee0f7480

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\webpack-runtime-26e835637cb26d6f0294[1].js
          Filesize

          9KB

          MD5

          e0a64490816cd37fecfa88c395c14180

          SHA1

          6587a3f7de8aa3651691683f819e1eed724864f7

          SHA256

          3db5752a5eb0ff09345bbe65216cb038999963efcd826ec934d319dd2ade81c9

          SHA512

          536bfbc105ff080d2d451fc83eb0d40b4b2ece7dc388a32cf302673d1b8acffad46823aa18f8329963c3248cbab86b26ed9675e586195b84133847effc4cd7b4

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\Inter.var-c2fe3cb2b7c746f7966a973d869d21c3[1].woff2
          Filesize

          317KB

          MD5

          8dd26c3dd0125fb16ce19b8f5e8273fb

          SHA1

          f919da7384706d6924f10d56ce258129ed498845

          SHA256

          85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

          SHA512

          600aed792990a913df1dbef8de20fdb818f6c422a8b01d319b7bfdacfe53186bc05709d844d07c354ebd740bd62ceb50efc3293333da84de8e21a4c11645cce0

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\ad-manager.min[1].js
          Filesize

          981KB

          MD5

          1ef43f9bc6286501201d40be28b67a5f

          SHA1

          983dc89ecd57c067514aa99003d957051dd17844

          SHA256

          51dbadbd7861a819aea674afe0e416e0293e4e980254480d20dc7b0d65fddf53

          SHA512

          db452d30d3ee7e325ad83ffcd50165027e7bf749678aea335cabd94cc2b35147302c4f340e3bc691340cbc14308c32c177072f413c7c663535a78f41f4e893a3

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\js[1].js
          Filesize

          173KB

          MD5

          457f44ad9dcb6d2566f1e641a707e384

          SHA1

          ae9b744d0a92302c001d304d1fe77d088e0711b4

          SHA256

          fb77423fefc435b4fa0478166553a564288afb675f6d819f03d33ccfb66233aa

          SHA512

          bce6df41169e74ca3fc504f7e45f8562eb912952e0497ec055a52a93a8bf32c610025abb41b153545d0bbf14b4098ed9067b00ca5927f1fbb66879e1c57dfb7f

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YYL8D8JJ\polyfill-63fd3a7531a392260f25[1].js
          Filesize

          83KB

          MD5

          f23b09327d4b80c6636930bf043c71d7

          SHA1

          c2d41f4954848174e11545bf93a2ea05b1fa5db4

          SHA256

          613dae54af07f872c215baad14c9d9ef74f70193506a71a4029112fcec403822

          SHA512

          3b521532e015774d071babc37e1dcf304302c12b946e194d1c52f1ce5d1e2e76799131c5c2860d92363c84008f3892278aaae4d74d65cc8402cea91f0960d76d

          Download Submit