Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://bazaar.abuse...

windows10-2004-x64

1

Resubmissions

20-06-2023 17:53

230620-wgaqaaef3t 1

22-04-2023 19:18

230422-xzw7nsaa3v 6

19-04-2023 12:59

230419-p8g54sce2s 1

12-04-2023 21:21

230412-z7tgvsgg7s 10

Analysis

  • max time kernel
    135s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-06-2023 17:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://bazaar.abuse.ch/sample/37d8e1ce3b6e6488942717aa78cb54785edc985143bcc8d9ba9f42d73a3dbd7a/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://bazaar.abuse.ch/sample/37d8e1ce3b6e6488942717aa78cb54785edc985143bcc8d9ba9f42d73a3dbd7a/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4968
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4968 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:4756

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    57cdf6110f9169470652840b9ad5174a

    SHA1

    63ff540f9c2f154b5b8ab3ca0912a573732ff8ad

    SHA256

    e735be26082eaee491597b63ae68b20a2fb1ce4a580369357525a4df60629fa1

    SHA512

    11fdfdaa384e7e7d11a68e3b2ff4986c82ec06be6e7e56fd6e1be01994c8bf3d4578382756b72728b72bb3d0fe9f143faa2521fa5bcca6f6e719fed81f9fe96a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    2d867fbcad947dce5b61e8fee032158c

    SHA1

    e67ba68566cdb430887171685a9b4d2a78c8e886

    SHA256

    0cb53248ebc2d773cdf3798ca7d7c16566eb358ad87858aacdea4c154d4e1474

    SHA512

    c7867c003b3e4aec5ea1d927fb21a7fdbfb1a2ce8f76521da5a82163007cdd4bfd1d2d56eb67548269289fd20c1aafaec2fde70f7222b98e9b3db08779ab1ace

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\V3MQB1TB\www.google[1].xml
    Filesize

    98B

    MD5

    e59cc6e33af0d3328d789e4a865a6f9b

    SHA1

    b4afaaa5a95842679cbaa176c388842f4d9fed2d

    SHA256

    1d7f1612d0c837c488885b72345ed367ade273902a931b00a6058466ae8f827a

    SHA512

    8a8f702657d321e0dedf04bf6a73194eb8813cb893e1a0a3f9b2a7335e72ee39dfd024867f69d5426b563fb041f0ae73db64744a979fae5c7ac3b027d206fbb6

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\V3MQB1TB\www.google[1].xml
    Filesize

    566B

    MD5

    3e5d71339643fc970836fb64d0a4e0bc

    SHA1

    4b3058e79e8b435d2e9859666818c6cb05e56e07

    SHA256

    3edf016a1abd9d85a50b6721cb29ae4c8eb104db3ce1823b3856adfdb104fcf8

    SHA512

    d63411d1586a55d8f065827363d71144215588e33f8f99fe443ac365a0a0b33b493c3c40a918333e02d2ff39d0678e91be7438fe0543868f89e30214921ff984

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\V3MQB1TB\www.google[1].xml
    Filesize

    335B

    MD5

    59e885b4156960a8dce63021c7ad2d0e

    SHA1

    5dc755daedad87a7e0cdcfac9df6af44570b789e

    SHA256

    b3c8923da183c380e6dfb0e0c3958b69c61095b1089d4b2f01b41f36378ff9df

    SHA512

    72affd4dc8f43f7ab8c3f38f825c4e0b44a913d2168a636ea285070ee6c4bf8b57e25157378113a04c70119f95ee84515b343579d46baca6913627e782709de3

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\V3MQB1TB\www.google[1].xml
    Filesize

    247B

    MD5

    04938ab2b3aec36c4e06d54b16e04503

    SHA1

    10c8cce80445492d8f0edfa4e1f7f97309a028f8

    SHA256

    6bc71b6f46a3a42a656fc023c3fb89d3a813cc809692e89a3972c5768bf6c3ac

    SHA512

    4a2db7d085940925796346713ec36730622ad17ee5f1352f172171618469129f6802a60170e4311180718b74bf88cdabd4b65b51878dc2d773cb8c8be601d6cc

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\95fmw5u\imagestore.dat
    Filesize

    636B

    MD5

    390e9d2a6ab76e3e048a47e5bd40354c

    SHA1

    00e0246989738dc362e10a9446aa820c044fdab0

    SHA256

    d766f38cd9b1dd40cd381efd848629c7ee91b057ff3b4678643eb491c270a516

    SHA512

    45a370051fff85b5f79481cf33281a46d36d55b6aef35b25258f0d7c3038e90f2b305627923c829799d349547b4033881c279ee52de467134f5764be7f82780d

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1B83N948\recaptcha__en[1].js
    Filesize

    415KB

    MD5

    b932fc4a2825baa93c5c79ab06a68d5b

    SHA1

    397e124d54a0ab0e56898a73c1e931dfc4db4b6e

    SHA256

    752d16411f4866d01a2fc6c8f984da8104367e264a8865a63714e2f8181f5a73

    SHA512

    994a244decfe0f56db050327566c2184666a16210d2140bbbf16bf1be422181642ff359ef9535ae7b91e87fd87167191fbaf867abb9939bdbb2d50e425c98b25

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1B83N948\styles__ltr[1].css
    Filesize

    55KB

    MD5

    83f90c5a4c20afb44429fa346fbadc10

    SHA1

    7c278ec721d3880fbafaadeba9ee80bdf294b014

    SHA256

    952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

    SHA512

    4f0d19678a6758e67cb82652d49ee92a3646c3b4b68b93253c3e468e88506bb8ad78942d7be244b390bdd29a0d00026ad561c040c1b557067edc7887fe7119ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\P8NMKCW2\favicon[1].ico
    Filesize

    520B

    MD5

    e1c76d0b0ea7335e0e0106e5ac1125f5

    SHA1

    e45003897b26137bd1e9ba88a237f5c5669eb92a

    SHA256

    e4805c69184ae414aa88a6c478abee36e27b7e72e045365d81e6c44246808ec8

    SHA512

    15bf7c9e0a1d7ee6897b5e024f043eb07f75af1d9010e7bf1209d0440c2edc5fd1c4fd16c5e340c9a767ad2dd729e5a931d7979d163d83f0b59ea2541d83e013

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\P8NMKCW2\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit