Overview

overview

3

Static

static

1

URLScan

urlscan

1

https://6489a81329f9...

windows10-2004-x64

3

Analysis

  • max time kernel
    61s
  • max time network
    64s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/06/2023, 11:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://6489a81329f9c.turner-links.click/affee3c

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 25 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://6489a81329f9c.turner-links.click/affee3c
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4732 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:4712
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -pss -s 444 -p 4972 -ip 4972
    1⤵
      PID:428
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 4972 -s 1752
      1⤵
      • Program crash
      PID:2256

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      471B

      MD5

      6ed1b9e0ada67cd4e13ffe2ebff3202d

      SHA1

      26e57e0292d9b0fdf705748d723c197e50225bb5

      SHA256

      e4256833d3e11cd58e3725ea44482597742a652041a44b3339d371739a6e5735

      SHA512

      749783679cbd1f6f06ea031c22cc262152d57da36acf3778ac54717f5d9400aa0ad388b9898f5b0ff9bdf666f7f4c4ec590f770d48d1bf4301d05ad944746a33

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      404B

      MD5

      2735994503097d6839e9bc7ecfeb22b0

      SHA1

      38f1b05a580e3f11c92ac183a41c0b26697b5e06

      SHA256

      7584820b44678005ce24222da48465aeda4cbd6dea0019fca253bd06625d88b1

      SHA512

      81ac7d58cee2a15e7dab7470f88ab574fb98230aedf76f7a4f2fb780a3cf92fc29bb1bdbcf8fc1b0b08fed6f571c71e7034e42f546dae247956bc14ead62468d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
      Filesize

      392B

      MD5

      d5bd2b63372aa5ca320ad038a27d0508

      SHA1

      f7a3c5e71d904e45eec4a0cc62ac0c5eab57ceb4

      SHA256

      6861cb7e71288c5d54c94a937783a203d3b14bc4d539de505dd92b9df3218d59

      SHA512

      28c011fc0427fa51673827750fa3609694d02467297679ae9b4e52b332371ece650bd57395eca4d8c190e509d4fd4b5734fb1ce84d3949badd1bda08572ccdbc

      Download Submit