Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://37.1.213.100/...

windows10-1703-x64

1

Resubmissions

10/07/2023, 16:53

230710-vd8x8scb28 1

10/07/2023, 16:52

230710-vdepdscb24 1

Analysis

  • max time kernel
    126s
  • max time network
    196s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    10/07/2023, 16:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://37.1.213.100/ycWbNp?host=guwdix.fishdeli.pl/&mark=06072023_490_1kkHtml_1shab13pl_serv1_SUB_10&keyword=cholo%20bike%20build&template=&se_referrer=https%3A%2F%2Fwww.google.com%2F

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://37.1.213.100/ycWbNp?host=guwdix.fishdeli.pl/&mark=06072023_490_1kkHtml_1shab13pl_serv1_SUB_10&keyword=cholo%20bike%20build&template=&se_referrer=https%3A%2F%2Fwww.google.com%2F
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3500
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3500 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:820

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    Filesize

    717B

    MD5

    60fe01df86be2e5331b0cdbe86165686

    SHA1

    2a79f9713c3f192862ff80508062e64e8e0b29bd

    SHA256

    c08ccbc876cd5a7cdfa9670f9637da57f6a1282198a9bc71fc7d7247a6e5b7a8

    SHA512

    ef9f9a4dedcbfe339f4f3d07fb614645596c6f2b15608bdccdad492578b735f7cb075bdaa07178c764582ee345857ec4665f90342694e6a60786bb3d9b3a3d23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\59D76868C250B3240414CE3EFBB12518_72974AF566E58ADE4F050E3FF87F7313
    Filesize

    471B

    MD5

    cdf2f2e676f2d07e8fda8bdf24175bc5

    SHA1

    e5d368423f8a22fa2e6aafec9eeb64bf5afc984b

    SHA256

    4d0ea92c3f25bdc2261e42c086479ca2be7a4b522fefea61bbbea3d6a1d72d4d

    SHA512

    44065bff3a6326a6b13f0298cb35826f32f6f3ecf137d5dbccf5b3d6761724007c7fa50e8d56966e58be58c9c1a1d431f76974ebf35ee488ac9df552fc7e6392

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    3161fb71161077d546dc96d610a7a48e

    SHA1

    40a38d6d9c7f0f0e2d4c64e5ab4d6e6c1bd6a706

    SHA256

    fec50f5ff203ffb3c1261081b291b2c224eeca8b6ed4ae88c2cd92eab991d5c7

    SHA512

    f1007eba77e814d0153444b42901839b5fec00e8fccb5e01e6ec5d9dd707ca89e9ab7c223cd6073eada04ad90a24529a7951fa6928f6256ad00d3d7938f33a5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D39ADE2C418FE81BF2EDE625457B069B
    Filesize

    503B

    MD5

    cb2ae03a522c9b7bccd48a945822f651

    SHA1

    0fa328f366cfeac91bd22a8f1f2facad82bb8013

    SHA256

    3a9206a5098c224410f9f4ff0d88cab3be6d278f90ecef5dd8d41ecc64460a49

    SHA512

    e9b91421e18d95a94381d44447b956b5bd90a2bb17540588b8cd1b2b05a09eca5dcb9b6e0fb6401c4210460f36621b076d9ff4c90238ec8a71db833f71eb709f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_49536AB5156BDD74EFF881D01C36A419
    Filesize

    471B

    MD5

    e8df46369a39c5d46ad8ca9f01bd7c96

    SHA1

    0ea3680ab4c4701578d850f3f4842cb4c4d4f46e

    SHA256

    ba6fa340fc304011c7da99d0616fbd31d865886363540499c1cb6c1436ac6eef

    SHA512

    611e5d32f90d32634116424d8b0aec9eb07e13111834417262acee589e50196da3496300dd549a36a02eb64b35f8fe3bf65b565d3532b0206fd4d00786039f2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    c85cf2f0ed0e7cf934e8d17e545a7861

    SHA1

    3b2934ca3466ae78cc3802b38c4c35333cd3f499

    SHA256

    713da9bee800a29de96f3a5831213606e02d7e02b3c178995889ec4dbaaa2e1c

    SHA512

    a5a07ec59ef7888875cb7f629a8da38528e8af0b14deff6219772e03ecc8cc6ceafd906832dfafb031107afe15cb6d5ba1e3163693f98bcd1fe381427e5254b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\59D76868C250B3240414CE3EFBB12518_72974AF566E58ADE4F050E3FF87F7313
    Filesize

    408B

    MD5

    91bb567d43cd2719fa36218f1d859e43

    SHA1

    c8b94d8316898cc35d97cd40eb8cf34b71478b78

    SHA256

    b15311f2857746c84d0bc6184e2b2208241df5dca2b0ccabfb98ba1b4785a7a2

    SHA512

    3584f3ef8f844e715fc6651710463cb55fe8d8b8febcaf7d45a073896bdcd3cb69f93b898427ed26a5cecb45f89c82fc0add7dccf31253015cb8cf6e5c68f9de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    29e45cac10940065dd82825b03339143

    SHA1

    21c7d4e158f31cfa2e1057d33b59b60512b362a7

    SHA256

    40c84743c96f7b8aa205dd11612ef23e8ba1a5d09b7da5f31fa7e3a79c873559

    SHA512

    b8b92d342805f7f4e42c44ac928870f884c3804245b3318f1f526ef03f533e627ee14343e638ca843d2dc8ca1f8340fcf9211e5e9b017542d3d8997e89dca09f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D39ADE2C418FE81BF2EDE625457B069B
    Filesize

    556B

    MD5

    0c4b7e77f5a7a053e619fde05781e6f3

    SHA1

    0c6795580b0cea00dc16a5556279f3e116e9d3b3

    SHA256

    d64bc54b6794de3e1325b248b65da46f93bc878035b7a05cdc3dc75659230dc8

    SHA512

    aa38a374130893abdacafe223f7373b85b873e503b2b4b28cd1835ba0a78003c9bb4e74c9df7391c01d5a9153d822126b2ae0e40b7db48e04920ad9d6e8666a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_49536AB5156BDD74EFF881D01C36A419
    Filesize

    412B

    MD5

    5f238da878053e28e6f95fa1b5880a6b

    SHA1

    9c98a24b740c45c9c841490197bbe9a9be9f61cd

    SHA256

    903bd05be89b15e178942f9789dbd595045c69cb38fb2a97dacad06e4891786e

    SHA512

    f7052c45cfa159de318cebfb4b586ad2cc9d1d2023dcca2b5f0f364cc0dcdba8066880fee8c23305f82657706035e705df18f3ba3e4b9711a57c9915c7635277

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver439C.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\A2AULULF\apple-touch-icon[1].png
    Filesize

    1KB

    MD5

    e5dfad0262f03fd732d2dbde48396f02

    SHA1

    0831fcaf317136ddd696be244d74e937e2784e7a

    SHA256

    531b62639d04ac7317f0ca96b7577791328b952480847dfe13fcc8f4c871e191

    SHA512

    5c20b229cc3fba299bb9a810eda4d8a951526b740c0b5fa41babe2bea37163c1b0bdea783c914e1fad20a3a50034c8fe3eda41443b2bf5b66f6cb5e2b96c2b51

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\KFR0RUGG\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\NNTV76UL.cookie
    Filesize

    608B

    MD5

    48d08f7397c881818499510da051d972

    SHA1

    1cbb83f31ac2e1121abc9cd61b68b147aad5ddde

    SHA256

    aa99039442332ea63b1bf16e309dbd513b17126ddb0f98a5df9b1efb027ce087

    SHA512

    7afdcd3afd5fdc4941be78bd9c238ec51a7e1891e025bb81725d2e3e310699b1792b56ef5d2c6b48dfbbec86b4e77664ecfef39e76e9c5d4c25bb769ffda61ac

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\SOBZZ37W.cookie
    Filesize

    607B

    MD5

    f7e216084ee4a8967d0f5e532f8321a9

    SHA1

    0917cd0868a8e97d359951e9c8d93b6bce777d1f

    SHA256

    697ed7512170e6a8bcd351233e473a1cccf98a856d6bf540675b11c68085d1e0

    SHA512

    7479125b7dc8cdfeca7c5766bce59e0545b6a1fa2275fb3b959fa6da3110e5b027e2e0fcd7147746ff7db997fac1c6bdda469aed00a50d1b20e562e19fc60e29

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\YEL5J24J.cookie
    Filesize

    1KB

    MD5

    4eaf8d688f51fe87b9c7bcaff43632e0

    SHA1

    b31635fc52e40acc45abbe66dec39f31ea41ca1f

    SHA256

    1bedcddd3747fc19d3927f9fec04d55b38e6e0ef85c12caf902c6b886f530df1

    SHA512

    6f9effd6dc0fc19fb78f9a08ceaf5a265a2c4d63ffcb28aad7a8f27a45b1ef8b85090a326ce1e967511bed3568664812cf2b00a91a9ef71e4049a02c46410e03

    Download Submit