Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://youareanidiot...

windows7-x64

1

Analysis

  • max time kernel
    129s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    15-06-2023 15:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://youareanidiot.cc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://youareanidiot.cc
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:624
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:624 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:580
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x568
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1032

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fcc144bdc542d730c8ce5f46865f4bee

    SHA1

    8a917c7c2540a99e94758145b0452b85bb407570

    SHA256

    e5aa1ceea5fab5ebe5f4c27e60adf3277162407b874594199e3f748a170b8669

    SHA512

    ff2645f11b458835c2206a5e18e376f77e5029f342ccdbc4909547f7b31c549a6e857ecb5bbf2e5dbc097c98e1b798d923b6a421c9e26f51c419c2c18a90bff2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8e621b368ed83ce00bfe55c41a1560c

    SHA1

    812364b9824de685f76ba9425626de43299e0d80

    SHA256

    bdb9b2f50fa2daff92bd85a7329b9e7640d047f740bd6130fae3c748a4b22393

    SHA512

    2cfa866f1e29bbda92addfe1180c5ff34ddb4956852e33a3e417953ccacafe8c4abce4de6ef00ac7c8ffd457b0181f29aca4b16b6c5732e5b95536f5831062d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72625c2b42315d9a42abb3e87f748914

    SHA1

    970dee69ed9a2b8845460cf77f2dae4a27d0cc48

    SHA256

    224ded2057f9e1f278910826fc2cdf8c1a705b72a06b135f4d260556b58ee99e

    SHA512

    5d85ea8bc55b43e66a602338e4123cd806ecc78e2bfb13dcb0c5e0f2c0e6cbac70e22b4cca383399da1bd8744fbf808455dad87991be779e3bf91b9c287cfcd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99e8818a83f7e0de3dfeb8b3c6b48aa2

    SHA1

    cc3b0a1924fda10625a8993ec997535a9ce5cb78

    SHA256

    86b340592bee1ea15fa9b9e47627ba020778a7b2e0a0248549980e0f38f471c7

    SHA512

    ead09debba1e29dda210eb7d1c735b99c7aeccae5e362538b6f4a68c533eb0a5e4d22fd72870b0b6a86235e70ac9d9c2d26be5f739ffc982b28a88606089bdbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f7a11b2f09b99f0ef8fb204a291bd45

    SHA1

    be5d9bf3836921a03396c6f0e3543f33343415f9

    SHA256

    fffb292c909603ff2fc638bde07f88e51a0f5fe4839a3ec99a2dfb0acbf9ca4d

    SHA512

    9d4b6be16a64e2daf9ceb144c1c5413f9243ea4f4c3b604e23f4207c3e99ca78926639de6672701e9dd5d37d08ba3ab2dc7071a381224c88d58a6d04696b37b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7714f88b7f8e9da07c2320e51a4aa8b5

    SHA1

    6c4f0cc716474c14f9f0985584ffcf1a57dbda91

    SHA256

    9b96d1e9f866a22ea5bcc0d20856074b9f9a7984afd077083cb16c7bd978d807

    SHA512

    e39a036ebf65ed0d8f501a6e96b9bf6071e34a65fa65645eea69d66d88e270be9a9b3f309cab5a7b339ef9ce912f71e20b6d439538bf8d785610f4bdff0db227

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    451a1e0c26775105b96a176a30e79969

    SHA1

    4284327fff44e91060b8fea76032fb0da880a969

    SHA256

    a66469d97f4c80befc5d2f8b2cdf945b83780c3f06a9d55a59486d523cefe22b

    SHA512

    c5dd8db0a6df232b310d81443a93574d0c63190af30bcfd9b3b509bdb00953732ee1323a328070ee8a1ca524df38aa5066529aa6c451d1c7fde3b745f0e5f720

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\07asiie\imagestore.dat
    Filesize

    109KB

    MD5

    80e799a3808ce4b0a869793d80bf8b73

    SHA1

    ace9268ccb0417ba3cb11e7e9f30fcc757094225

    SHA256

    bcf75aa2f19a2ab149f79604fba5dc250b175ed7939d86afc852e5fa053405eb

    SHA512

    4115f9aae8de3708492d74b77b57d939d6929a9c11b931de3c1811ff1a6c911f6c2f30c1fb838c9d4bede16a00edad4dff2c2b72813c5cf7af747592cf9ec4ec

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\07asiie\imagestore.dat
    Filesize

    109KB

    MD5

    80e799a3808ce4b0a869793d80bf8b73

    SHA1

    ace9268ccb0417ba3cb11e7e9f30fcc757094225

    SHA256

    bcf75aa2f19a2ab149f79604fba5dc250b175ed7939d86afc852e5fa053405eb

    SHA512

    4115f9aae8de3708492d74b77b57d939d6929a9c11b931de3c1811ff1a6c911f6c2f30c1fb838c9d4bede16a00edad4dff2c2b72813c5cf7af747592cf9ec4ec

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7FIT0B8\favicon[1].ico
    Filesize

    104KB

    MD5

    3fb315ef4774bf9d76ff10254829a29c

    SHA1

    2dc02161b4e1f781d942dd5b5407743c7ef38373

    SHA256

    4172fa160efaccf8726ce46fe6eea79da2d77ff1978848b06f663a80c53f786f

    SHA512

    5bb21677b59b52b5580e720a3fa45cf19bdcab46ebeb2b5f3061ad3f92c62b758e41dbfa61c88e124a0afe86201a6af03151ea81368c42884c91cab6f9348a74

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T210ZMR0\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3372.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3411.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3464.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\BHFF2S4Q.txt
    Filesize

    597B

    MD5

    3f1f05052db9e8bba896703300cf43f6

    SHA1

    05c585207256becde1812802fef75ee3e26dde63

    SHA256

    749f63526040b723f587799de39ec23392b2c41d467369fc913fbd106fd5b6e0

    SHA512

    e36de699e391a14486c5cad64fa37dd32dc29678e8e1525f0f86298511dee559cb34a2f70bb1dc2e2de3a876113180fb432e85c20b63e0d4364a2ffd6cb6b6e6

    Download Submit