Analysis
-
max time kernel
141s -
max time network
145s -
platform
windows10-2004_x64 -
resource
win10v2004-20230703-en -
resource tags
-
submitted
11/07/2023, 17:32
General
-
Target
https://r20.rs6.net/tn.jsp?f=001f08BTiEpQnE_egkh6wqoMN-cT3d6RwkTljOkeb-WGXcOuIgxxJ_UbEAWLkorQNizNRkmVMxEkqzI9f8s9etmiztA7-H2kFg_2QVf3K5K8s9xuMebd53Xd_3HbHPgd1iSyX4o2TfscBHcHwO06y_gsQ==&c=DkBiK5zkW4pazNtUASiVhgGTICblESf-HCI6_JmpTRhjEWCcum5Z0A==&ch=Ulf4xa12_rv3zbHS9bQbqUohrlkmWZM3hAK3crq265_5jcUVIdze1A==
Malware Config
Signatures
-
Modifies Internet Explorer settings 1 TTPs 43 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of FindShellTrayWindow 3 IoCs
-
Suspicious use of SendNotifyMessage 2 IoCs
-
Suspicious use of SetWindowsHookEx 10 IoCs
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://r20.rs6.net/tn.jsp?f=001f08BTiEpQnE_egkh6wqoMN-cT3d6RwkTljOkeb-WGXcOuIgxxJ_UbEAWLkorQNizNRkmVMxEkqzI9f8s9etmiztA7-H2kFg_2QVf3K5K8s9xuMebd53Xd_3HbHPgd1iSyX4o2TfscBHcHwO06y_gsQ==&c=DkBiK5zkW4pazNtUASiVhgGTICblESf-HCI6_JmpTRhjEWCcum5Z0A==&ch=Ulf4xa12_rv3zbHS9bQbqUohrlkmWZM3hAK3crq265_5jcUVIdze1A==1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4508 CREDAT:17410 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4508 CREDAT:17414 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
717B
MD560fe01df86be2e5331b0cdbe86165686
SHA12a79f9713c3f192862ff80508062e64e8e0b29bd
SHA256c08ccbc876cd5a7cdfa9670f9637da57f6a1282198a9bc71fc7d7247a6e5b7a8
SHA512ef9f9a4dedcbfe339f4f3d07fb614645596c6f2b15608bdccdad492578b735f7cb075bdaa07178c764582ee345857ec4665f90342694e6a60786bb3d9b3a3d23
-
Filesize
192B
MD5eff4b411b151d09e15eba930b2419d31
SHA10f488bec8cfb39b53b28c38f8d12848688d7e427
SHA256d3327f9daa43d08ec0c9039fc7954220b78787a1bf3ea1fcbf03b7c6f9196d08
SHA512e96ee783a822780e9145b9a96d2e2dc438fad29117d394123dcde07a36b96f3a17ef0b83930ab84058c9f574f0eb84858a644b719f1847a8c59868e30c218bd4
-
Filesize
152B
MD56e4acc1d09a39be806a39ac6c8a79078
SHA1d9ea138a8443c774d63f3f7e6a47edb5833ee506
SHA256fe95f324e53acc34a2f34a68e33d83e71de4a0fbbad8dfe60896bea429efc28e
SHA512c6923d320f35de9688aeacd3f47fd7c912bac5fefcf81be70b425a578640dbba1cd34eceebb76ab45044b713212e47535a05dc71b90c550897d227fbba40cfc5
-
Filesize
1KB
MD5c823cf160581c38f1a8608e8fc824dca
SHA1d6515471c2d052f0aa6ab6731889f2afb08d46e0
SHA2561a2d8eaef74d572d7339d5014470ee0f7ca9545b4bfcc5b4343ad0c610b4dfeb
SHA512c957e4a7f1a7fa7ee8f882d538db57e333bb3083d25ae2014a4e33778eb0e3f7b8d79e04157b82740b1cee9891a38aaa49705783dde59524764ff11cd8e1bba2
-
Filesize
1KB
MD56d668ad741d3ef0591b5fc753b465eb5
SHA1eff32b42d8144c277d199f0ba3a608d28e092ed3
SHA2563b7fdd787735562628cb562334fff9be06e570450aa5c918d5c483a10742c64b
SHA512c02dd80fcae63eaea75646895f22bd4a225b380493b2f7977ba57b0751d517b5ee61766c75da978f67cb54c3778f20b896bb31ec5485a2f1f291ebd8d1a3e2d8
-
Filesize
17KB
MD55a34cb996293fde2cb7a4ac89587393a
SHA13c96c993500690d1a77873cd62bc639b3a10653f
SHA256c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
SHA512e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee
