Overview

overview

1

Static

static

1

URLScan

urlscan

http://

windows10-1703-x64

1

http://

windows10-2004-x64

1

Analysis

  • max time kernel
    1200s
  • max time network
    1585s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    05/07/2023, 07:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    http://

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4528
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4528 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1388

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          1f89e83823a7054dbb660c66bf41b311

          SHA1

          ad6877efc78cfda9dc0fe11549b78deb23382f1f

          SHA256

          d58114ac0a6829add4d17e19d87e504b1360a7319a727ace672db140b1ec25e5

          SHA512

          76204ec61acb9ad619138b1aa5182cda2b18a6fa492ce01228fa8beaecd5482c3965fd7395a5c1fee319f71d483b5142b93e9d1006666ebae120a2178485f36c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          404B

          MD5

          3d2dc9688565b70468136a4427b98e8d

          SHA1

          1ab939dc05413a6fd15aeafbc99df4c07ec66bbd

          SHA256

          4e682599ecaa9cc6003da3c6c3c417f5199729ce6b2eeb2c330ba38015a5fc97

          SHA512

          0f114d4f8048fbb3c8ec5e1a5075d45d5b711169f56c368e6cc686542211eff6e96372b6dc75563ebc1d73de036549c536550efdeeeaf6cf43b8a4ebab7ce2b6

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\WJUMHB67\www.roblox[1].xml
          Filesize

          95B

          MD5

          f258fa32a0ea30db3d9d165b726bc03e

          SHA1

          a29f8cf3bafcfb58f5db42e5546eee3ce649e488

          SHA256

          9b063528f5e497d7a426e0e5216630678a93a16c7fa11ff5578aea5b092773a9

          SHA512

          e7d73e8575550215c80d2b812900c4880071bbd37c2ae34cbad5ff3578b49508f154a2c0e9e7dcc4841b2d7e6c4297ac709b349eae3bf5293a977ceb3e59a6c6

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\WJUMHB67\www.roblox[1].xml
          Filesize

          209B

          MD5

          e9a29319f90601616b654daf5442b48c

          SHA1

          4f75ab437c41f10326c8d71a05ac457060bda4ca

          SHA256

          d8e830510c565ceb181f4b418ac1ba18818e9504f1398c3bf230707cce0b167a

          SHA512

          612dd0e41dc6bbced7bda0532c8bef59ebeb77ed830577484608b4c145d20f63c142e20ff1c1d74b9d5b3d9cd4240e3f6c7b078ad250d70dd49d3be61e4c17cb

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\WJUMHB67\www.roblox[1].xml
          Filesize

          209B

          MD5

          7d34f2e0aaa5852abe76c3def5359e24

          SHA1

          bf5139c3a9baa04aad16b0603aad871ff519d6db

          SHA256

          f8990148d0cdf65e7bc8dc41f767a1b29f07261eb95458445a2e66825986e0f0

          SHA512

          6aba6f15fd635c75b1bb6d895c5575749b0b4356e568a57afcd4366b9f33dd8e9e0d2c2ca5a5c8e990893a3873139465a0ea414cfb564e56ec00c88a899f8858

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\WJUMHB67\www.roblox[1].xml
          Filesize

          209B

          MD5

          204edc673ec058a3ea6610668247540f

          SHA1

          0405b2d51fe4186636c39cd6e81ab5fd18a51949

          SHA256

          da3b0812b198666867870a2cf1c4dda74894df0b9abd1e5615833d73ab6e1978

          SHA512

          17c8120ba93ff543ed50526791a9951e5d1f3257bba6855b4f630ca7e6f1ce027606c9f0ed05a4321c9ce4a22a7656e9a12d629127c43859ac6d6e78f1ec56af

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\WJUMHB67\www.roblox[1].xml
          Filesize

          209B

          MD5

          e71c77cd49748ffc94ee78de6503d6dc

          SHA1

          f9d864738262625916fa020df8ced1e50da103b8

          SHA256

          194ebd2bf3039e8338d1f71806fadd989871a5eaf6e805200f605964f92c29f9

          SHA512

          728b277af4b548cb10470598b82631b36d207673a99fd233391e0853c46d818429b6ef55734eca318cc484c8460082940e806b8944abf3ccb341aa120a9e2c3e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\WJUMHB67\www.roblox[1].xml
          Filesize

          209B

          MD5

          c5ecd92ccdf3f11a2f07cd9274d524a3

          SHA1

          7c5da05f0a5a14cf427406e513ddd0964f470745

          SHA256

          b4b8f4dc9f66df0486d95e4184d8b32259d6853475ce433eb96f970089ef7261

          SHA512

          2a4ca9d0286a74fc3531baa7b4b3299897056ab81b9f20d788b92e403d5549e47fcdbabfc7be0e9d925299abf21f80fe816c085a776e00baf300f6c116f104e5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2BUC20L4\favicon-trans-bg-blue-mg[1].ico
          Filesize

          4KB

          MD5

          30967b1b52cb6df18a8af8fcc04f83c9

          SHA1

          aaf67cd84fcd64fb2d8974d7135d6f1e4fc03588

          SHA256

          439b6089e45ef1e0c37ef88764d5c99a3b2752609c4e2af3376480d7ffcfaf2e

          SHA512

          7cb3c09a81fbd301741e7cf5296c406baf1c76685d354c54457c87f6471867390a1aeed9f95701eb9361d7dfacce31afd1d240841037fc1de4a120c66c1b088c

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2BUC20L4\qsml[1].xml
          Filesize

          497B

          MD5

          de9ae5c2dff008dc9bd82859c53bb750

          SHA1

          2f0b24e2d46ebdec7575e40e1ee699eac9a660ff

          SHA256

          7b2c758f789cadd9712ede63e8bf816781811ff6707286f1f22f32988e62d87c

          SHA512

          ce863bd3199c252b652723531e61bc16aa4ca1f3e01407c1575ba38eb5430a011bf28b1cb044f3032eee18ba9dc5a7348b583e7aa2094fda8917838289f30893

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2BUC20L4\qsml[2].xml
          Filesize

          508B

          MD5

          e179899f60f143f7e7f28f64089ac507

          SHA1

          85154346cc5978db9409176bbfc038cb1276f97f

          SHA256

          9f0658d9f6811dd38657a0f71e02b575cca33468952be1ee6a419515b9892084

          SHA512

          a5936686b029be650ed663bf9bc7ade4eb24ad652cf39d5682286498793e4bac6dc01629fb856362e89e42770ab2befbd5d3bb4cd33ff382bc0902855c901aa3

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2BUC20L4\qsml[3].xml
          Filesize

          508B

          MD5

          7817a46ff49254f475746c3fb1c21509

          SHA1

          456ab53f952b52234fc313948cee7bfc83734d2c

          SHA256

          05993207e5c415c28d5468f93e4fbc1cf8f80a4f3328385f628fdaa8ee74b68e

          SHA512

          71af6deb9a07de72c179ad96e7c2834c2e09f5222932bb9b61cd04d00824dd342c0b1f8e4a56ae45e7211136fe5ae89f126ac29394eee740db4d1c58e747b392

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2BUC20L4\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\QQV2ZVID\7bba321f4d8328683d6e59487ce514eb[1].ico
          Filesize

          4KB

          MD5

          7bba321f4d8328683d6e59487ce514eb

          SHA1

          ae0edd3d76e39c564740b30e4fe605b4cd50ad48

          SHA256

          68984ffee2a03c1cdb6296fd383d64cc2c75e13471221a4bcb4d93fcfa8dab54

          SHA512

          ed6a932f8818d5340e2e2c09dcc61693e9f9032c7201e05a0ce21c6c521b4ac7dd9204affbbfffd3bcebbebe88337fbd32091eaa1e35469b861834f2523c800d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\5O7HX2WM.cookie
          Filesize

          101B

          MD5

          f2a29b7aa187ebcc6370187278ae8a38

          SHA1

          e04760d929e77a0db44570862727408eff5c7ff6

          SHA256

          c6169f7367f3fd80e383d731b64f2c8ae1d834d28f56d2dd70235456a3c60825

          SHA512

          fbfbab5362a3f822865f30c26b1af06a8f4d26ab15e6f70bbfd830af46717a4441aa03f3c623ae0911e369ac3346b85b72c0f6242f298676456b33a2b51bb203

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\5RUR2D4H.cookie
          Filesize

          580B

          MD5

          ffe2a159e6a7f5f412c594c2a59a6678

          SHA1

          c3e4668941f7123c1fe00bb2787fdac40e5e3d7d

          SHA256

          bdff910cc3580c9f6449ed354121dd3a2db801a48a78bae7dab63d7502db1305

          SHA512

          379329888b8e01fbc16745bbde24412e4db3fc293146430ad5663de89a6c64829457d4dfbd4d66d1e3fd600c49e7f19b0687a782a5240ee420cdff537f40378e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\GQ61MSRI.cookie
          Filesize

          615B

          MD5

          2c81aeabcb68e0b56c4ab9f93908bdb8

          SHA1

          c55aedfc66bad33cc2dba53a9d03f3d55abb404e

          SHA256

          66e7ae6926725bf50bf266567c346464376b63f1ae7717936a4e48afbf8d6e4a

          SHA512

          3e128fdb0b550f2570c1809f2f08dcb9127d2eb869626f78c0e2986d40bd8dc55aaf9b9ee37f7d221f5c6e8dfd18a6fe1c701a2eced9fb9c319386658b2ce8b2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\XSJIVTX9.cookie
          Filesize

          615B

          MD5

          f53539b3b449e52146485fdbe2f48ef5

          SHA1

          7b44a1853462d071cc210994da8db28ccf7f3b15

          SHA256

          6b0c11fc4086b6acfbfa7fd6665488470f754c9d31aecd2dc3c2336517ce82f0

          SHA512

          71bf4946d286511eefd520cb82562a7f9de65e8ffef235a5d30c4618bb47e14db28dfa90daeab032fb27c022619268a8bf770a70c6f0aa5b2e196a7dc35dedf6

          Download Submit