Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://scalpmarmotpr...

windows10-1703-x64

1

http://scalpmarmotpr...

windows10-2004-x64

1

Analysis

  • max time kernel
    27s
  • max time network
    20s
  • platform
    windows10-1703_x64
  • resource
    win10-20230621-en
  • resource tags

    arch:x64arch:x86image:win10-20230621-enlocale:en-usos:windows10-1703-x64system
  • submitted
    27-06-2023 20:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://scalpmarmotproclaim.com/tv0cida582?agdmhzi=31&refer=https://ieurostreaming.vip/the-rookie-6/&kw=[]&key=6ab1a97d425f753077683e685e9e164a&scrWidth=1280&scrHeight=720&tz=2&v=23.5.v.1&ship=&psid=CF-2371_0&sub3=invoke_layer&res=14.31&dev=r&adb=y&uuid=9e4f72d2-5589-43dd-bd06-8e808dd7bc08:1:1&adb=y

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 13 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://scalpmarmotproclaim.com/tv0cida582?agdmhzi=31&refer=https://ieurostreaming.vip/the-rookie-6/&kw=[]&key=6ab1a97d425f753077683e685e9e164a&scrWidth=1280&scrHeight=720&tz=2&v=23.5.v.1&ship=&psid=CF-2371_0&sub3=invoke_layer&res=14.31&dev=r&adb=y&uuid=9e4f72d2-5589-43dd-bd06-8e808dd7bc08:1:1&adb=y
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4684 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4248

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    Filesize

    717B

    MD5

    60fe01df86be2e5331b0cdbe86165686

    SHA1

    2a79f9713c3f192862ff80508062e64e8e0b29bd

    SHA256

    c08ccbc876cd5a7cdfa9670f9637da57f6a1282198a9bc71fc7d7247a6e5b7a8

    SHA512

    ef9f9a4dedcbfe339f4f3d07fb614645596c6f2b15608bdccdad492578b735f7cb075bdaa07178c764582ee345857ec4665f90342694e6a60786bb3d9b3a3d23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5B04DF26A916EE6AFD03D3F62E9C5D17
    Filesize

    503B

    MD5

    590dfa5187707508cb062c0956b7093d

    SHA1

    6f235713e4028c6f6faaa7f4d076a5bd415cada6

    SHA256

    3f90d5792707b153016b2f08e2046baf4b0222736a2c84daa0baf175889073b5

    SHA512

    858f24e2532d07b4cc046eb442f085bbc83f6fd5bbf25c0dbaeb0df929af41a7ef8bf70c92dbbc2d741f8b1a6581f5fe2519a461e44d860eac63d674f84a7f9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    699ef5cf7e78b55e2213b6143f57f249

    SHA1

    acc3a737a598343674290c43ff591cb462f3d819

    SHA256

    fa467b564c064152c7bcca1c785a13e0a13b7fac45e98e436b639c410349de21

    SHA512

    ce8334e3768c7c563c33753b3ba58ecc37e8d94bb5c8823a88509725f7b63da429ed7d096dfe893f173439d83befc152fe333da7ccc81f343caad13c7384d326

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5B04DF26A916EE6AFD03D3F62E9C5D17
    Filesize

    548B

    MD5

    e9e68ac0f83b87ac5e53879aaa4c0e9c

    SHA1

    a8073a88d012727b87b4fa023b94c23e8d7279e0

    SHA256

    34b28b0454880dd9d1985186877e96d71047dc70d2388225ec76744ce8d095fe

    SHA512

    a33bf5a04b5f7687e55c9777c2527de12c4a49d492b5e0069a917a2a89edb9a32f9edb64e21cb003961995a5b5a1766099c3b5e790179467515d1f95a0dd636e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\445RLAJ9\favicon[1].png
    Filesize

    576B

    MD5

    f76e95aa42153a9047cd4b8bcca0be00

    SHA1

    f67a235e807ec1d016d394d9d3790a95846e89fd

    SHA256

    cd37f4f58b91e31ceb237b9470026a39bb96cf967b5886698bb2e38e65bf34e2

    SHA512

    7425d21efe1c5d00e42916777675c797388b82b1fe7c521a42010fae59d0644daca5cad7498b26a0285d20b76b3bc9e2c5129abc14870bef574b270abd36e43d

    Download Submit