Overview

overview

6

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows10-2004-x64

6

Resubmissions

30/06/2023, 14:27

230630-rsp7wsdd78 6

30/06/2023, 14:23

230630-rqdq3sdd65 6

Analysis

  • max time kernel
    141s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230621-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/06/2023, 14:27

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://drive.google.com/file/d/1fJB2h48Vk9b_z499X_2lLVzKbmglNhDy/view?usp=drive_web

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Modifies Internet Explorer settings 1 TTPs 60 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 5 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://drive.google.com/file/d/1fJB2h48Vk9b_z499X_2lLVzKbmglNhDy/view?usp=drive_web
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2572
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2572 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2572 CREDAT:17412 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3436

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          1KB

          MD5

          91462ff17c47fbe4a4c00fd034c0dee9

          SHA1

          ed05319b498c31fcca466dba18b1895ea9ab1893

          SHA256

          44d7962c129478b55afcd24e9115fbd3d5a80d992cebe858aee61a24639d5c85

          SHA512

          07789fe2b4594f8faf20209aed200ec5a0cf262bf20d42ef74eb07eb9b7dae1f221baa465e5e84fcee2e0e024edd9d497d3ea14717b7f3816d628be36b17a199

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_B7F77CA30FDEE9C9F40235DCDC85DF26
          Filesize

          472B

          MD5

          9698e5bc67fefc4fb8143b1e83869b29

          SHA1

          aa5ee61bcda0d2a75e8608470d11ec631f110eda

          SHA256

          8ab87e68190fb1e8b7bc49035ac0fa86ceba137382366af4bf02e0752341e4d1

          SHA512

          de61e0580addbb152ce2837787ae16bdc09ec8ea1f3678deba711995a47359efa2e382a4f372defff4675c06a002a89300d647870342a7a198bc9a4a401f3328

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          4a552420c7864c4423cf99e284010d71

          SHA1

          7a5dfd0fa6ba5b586aaef6834038d09859d34fe8

          SHA256

          4e01ea6b5a9bc2b568de91f514cdcd5224ae9e2306ca49e24480602dc5fa89a2

          SHA512

          c2df898494e359068195f80e707026ee697f7ff0a419e0f79a3ebf4b64f7f98983abe73c6550c53994019c103c08b9c8e8397e322c7ed269f3a821a2b9d8f120

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
          Filesize

          724B

          MD5

          aa62f8ce77e072c8160c71b5df3099b0

          SHA1

          06b8c07db93694a3fe73a4276283fabb0e20ac38

          SHA256

          3eb4927c4d9097dc924fcde21b56d01d5d1ef61b7d22bfb6786e3b546b33e176

          SHA512

          71724e837286c5f0eb2ee4ad01ac0304d4c7597bb2d46169c342821b0da04d8597491bd27ef80e817bc77031cd29d2182ccc82ef8ea3860696875f89427c8e0a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          410B

          MD5

          dbd6d2c9d907a2fb87d5d54a9ac9841e

          SHA1

          1402246ddaa4c5debd2cc201e0de2cac51cff39c

          SHA256

          f644fb221605b966b158797fa96cbd385cb1bb1633cf7dc0c859ecf897327c12

          SHA512

          56b531e032bd394e852da76cced48dee6f1bb3e31e7a2481e7025f0b1edf832fe188610f7aee2757967e336a66d0d375cce62a8af75a328bcf4ce02cd48db7f1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_B7F77CA30FDEE9C9F40235DCDC85DF26
          Filesize

          402B

          MD5

          fe252b73445c064a9bbba896d93f2578

          SHA1

          ab27f0b06e177b8b784938c126517a25ed190658

          SHA256

          cb6b48051bb297b3f34fadee9e12f2f60b46b662c11ace901e596e7544189c61

          SHA512

          014b1c69ae4deb36525213d7ff4e3c972e1975effbe3969c22ee7af9efecae0925fd17b5c353f20cc9c1b00b21c2b4f159debab817b2c9205dd510a789cbba85

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          404B

          MD5

          a4993d708ef3119d3191eeb76e67e164

          SHA1

          6cfea182399962ae8565af62ab1fa37e30d60311

          SHA256

          f64af6896648bd255ec4f5ccdccf0ce699c44102cccc5a88e7f21e1a2a631ef4

          SHA512

          c71b0d38937233561a18ac61bc43fa08456c1aa721e1179125b52e6fc14763c9a1a2c0e53a9df259cd4d080ab9c43b5bc7680f16cc09193fc3627cffdd4ac4fc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
          Filesize

          392B

          MD5

          d84114b226b669665839ccf0407d7eb5

          SHA1

          6f3b517ed254eabc05fc9af08a8e25b7d1f94e8e

          SHA256

          6a3c61c09f3333ac4aa17bcd7477a7e49a29ca171ce25a73aa5b9cc6bf5068b4

          SHA512

          42c70c51086ceeb2cbdbda660d9c04c171926e62b2c133fa4f3112ab5dbf43ba7379e9627d446d671d8c620a79d57d080ad0689ba3683bf7985aea0b4dab3061

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HDWO09S\drive.google[1].xml
          Filesize

          13B

          MD5

          c1ddea3ef6bbef3e7060a1a9ad89e4c5

          SHA1

          35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

          SHA256

          b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

          SHA512

          6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Pinned Sites\Looking for sex tonight in your area.website
          Filesize

          315B

          MD5

          62242d3abc55eaa47b0e09ee3bb60c2d

          SHA1

          d1eb414414f3152a883954eaf380992dc8d6c8b0

          SHA256

          292b5dbdb5e4c811f2944723c3dcbb35c86e93d39336d81acef1da2a194d19fa

          SHA512

          b9b18a8a3061a4c275297a5aaa0e78ff080e5ffdf9bc689603ad97b8eb53b829e0811f9e792ade6058e34acb32a65e4200599a4387a58c2a394ce4fa7efb3920

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\7ysgaof\imagestore.dat
          Filesize

          1021B

          MD5

          d6ace5ad995fe3bd204e67a7025af1cc

          SHA1

          896fea3644c28c586c81708b692e64131d5f7f77

          SHA256

          798bc25fff6cec274bd2ee15041a9e561a282df57eef497cd9032b6cc3a63f93

          SHA512

          49ad62f4df59f7fe77e05317448b7765729dc6dd2c9e61477af710a93691a3658b9d38676991d4ceb1a8dc9d9f27a40db84e8abd0e4eed630803bf10f76281e8

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\7ysgaof\imagestore.dat
          Filesize

          6KB

          MD5

          22426e2f9352d169e52738e852232d3e

          SHA1

          5c75811412573a32be51c7ef044e6b0444f1b8e2

          SHA256

          71bc28f4a26e30ec4afcf3150328945893fba8dfd98d7ea64d5a541efa720fbf

          SHA512

          2c12a76bfec369c8a0b6a3465dd14b6e1ec583e96892b51bcc59ccdd0193bee83843fc94f0739d054761b43cb198b34dfa0ca8c13e548eac9867c3df2aa44010

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2YMNL2J1\drive_2020q4_32dp[1].png
          Filesize

          831B

          MD5

          916c9bcccf19525ad9d3cd1514008746

          SHA1

          9ccce6978d2417927b5150ffaac22f907ff27b6e

          SHA256

          358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50

          SHA512

          b73c1a81997abe12dba4ae1fa38f070079448c3798e7161c9262ccba6ee6a91e8a243f0e4888c8aef33ce1cf83818fc44c85ae454a522a079d08121cd8628d00

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2YMNL2J1\favicon[2].ico
          Filesize

          5KB

          MD5

          f3418a443e7d841097c714d69ec4bcb8

          SHA1

          49263695f6b0cdd72f45cf1b775e660fdc36c606

          SHA256

          6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

          SHA512

          82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\IDCMYYRW\cleardot[2].gif
          Filesize

          43B

          MD5

          fc94fb0c3ed8a8f909dbc7630a0987ff

          SHA1

          56d45f8a17f5078a20af9962c992ca4678450765

          SHA256

          2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

          SHA512

          c87bf81fd70cf6434ca3a6c05ad6e9bd3f1d96f77dddad8d45ee043b126b2cb07a5cf23b4137b9d8462cd8a9adf2b463ab6de2b38c93db72d2d511ca60e3b57e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\X8M28FTI\cb=gapi[3].js
          Filesize

          77KB

          MD5

          2171e1cbc12b7503d7beced5964ab7e3

          SHA1

          3f162ac3deafb25d1e07d34de9869b7e8dcbb591

          SHA256

          eb28922b6e8751c168653adeab48b7e2840ef98d035578e62b2b968313b0856b

          SHA512

          812c4f87a8e740aaf8451b0d3f0e41f31c66d9798d02fee37e0699936735dd3f27e3c62e72c25988ac341dea00aad856525aa9d8dc64bb4715e190ea3bc85061

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\X8M28FTI\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit