Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://www.mediafir...

windows10-2004-x64

1

Analysis

  • max time kernel
    12s
  • max time network
    12s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/07/2023, 14:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.mediafire.com/file/petergriff6n/FreeRobuxNorthKoreanVersionLegit.dat/file

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 15 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.mediafire.com/file/petergriff6n/FreeRobuxNorthKoreanVersionLegit.dat/file
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4748 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3664

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\IFS1FGNU\invisible[1].js
    Filesize

    7KB

    MD5

    0791125413d2f0b773c87cdb3e8fb2c7

    SHA1

    856cd8524656b60b4a02785aa241ea7d4143ad7c

    SHA256

    90918583068cbeb6597b03a59cb386c1e445832bfa21a9f3f56d4a57771525b4

    SHA512

    18c277280aaa151b67b6f614e0e6cddbed3226208728d05f706a21ac33353f8cbe4544c4dad5756b6bfee65e279303201eda3d6823e07333232a7d8ef26e5171

    Download Submit