Analysis

  • max time kernel
    16s
  • max time network
    15s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04-07-2023 03:14

General

  • Target

    https://aol-mail-100773.weeblysite.com/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://aol-mail-100773.weeblysite.com/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4924 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3264

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3QQGEP21\aol-mail-100773.weeblysite[1].xml
    Filesize: 13B
    MD5: c1ddea3ef6bbef3e7060a1a9ad89e4c5
    SHA1: 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
    SHA256: b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
    SHA512: 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\ffzgd5p\imagestore.dat
    Filesize: 4KB
    MD5: 19d1782c9e60fb8083ebf96001b2b556
    SHA1: 9782901deb0a47d7cfea49073a11ab54a19252ca
    SHA256: d2aa3594eda6103d1d6812622f1412046a6e1e7f5fdd680b18090eef1c08627d
    SHA512: 9f709ec630f7e68a9cda34a0c55fe20021ef757e96c987ccb745ff2ee3fc796cde06023804493b5d2a20a86fafdbb16f44ce83ce8dc0a80d8972313340335078

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\KACS5BDS\favicon[1].ico
    Filesize: 4KB
    MD5: 4d27526198ac873ccec96935198e0fb9
    SHA1: b98d8b73ad6a0f7477c3397561b4aab37bf262aa
    SHA256: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
    SHA512: 1ee4b73f4da9c2b237cd0b820ffad8e192d9125ce7d75d8a45a8b9642ce5fe85736646caf12d246a77364c576751c47919997d066587f17575442a9b9f7cc97f