Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://181.210.2.136...

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2023, 16:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://181.210.2.136/favicon.ico

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://181.210.2.136/favicon.ico
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1136
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1136 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1128

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    532e7a0da4dba4cb2bd483ad5eea49ed

    SHA1

    c6f0c2a0c5a6ac1258452809e38b481a9295c013

    SHA256

    b76e0fe6ac3d53c168b5ce28b8f95dfb9f83726150bcf89ebe6fb1ebb4000d23

    SHA512

    3be17ae317113fc1214b55b3d719607050698a669343acfed8a1df66dba1fd0dbfacb350ef494346c852ef07f1d404ad8b4865b85665faeb00806aa6af1ed50c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c5c25cf8ae6f7d940ded8636e8be9b2

    SHA1

    3fb76cb68cd5955ae0284d655b73a3b4de6b4e20

    SHA256

    a1cf05de188bda2168521bce3c5b7912f61f38acd4852eff2589ce117db18a2c

    SHA512

    f93d90d499088cae70bdff94e21a242693cb44c43db378bf99d8e6d74c67c227ea1c897149bdf9522c344be83d7e9977867365cefb8c38172bb2e9ca0904bb71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f51dd06d037ec316b2d92d81bd3b22d1

    SHA1

    29b3fd58ae4f2be2794924a37aadfe4ab3837404

    SHA256

    282539de07eedb97ebee6f6a7f8af0dc02e51f82886587c2b96cedd5c2b3d527

    SHA512

    1a7abaf7fc7bc6855b3e14aff0a56aa72fd6028f55b59922ffb96cbf51a51bb60fc1fec4202c5139db79893387d412093a792052f94589ba6878093b87592f3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb4d1413aef38aae8189a85b55367b51

    SHA1

    adb046113952633d5fee0a65dbe796c66dc89cfe

    SHA256

    4af696eca1c5f8229793ab8b356d663b1ea5850f09dc3dd2921c09492a3adb2f

    SHA512

    49031625018af72947469d0c005b29ae13c4c7841b77fca5c2ebed8f450d6d6a6516c61679c629656defcaefa9f4f6cefb9c9d2f119193c8ece08b844669f481

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ffd9f4e1aeb58a0b132fd7d96bdbc3e8

    SHA1

    3cedb4bc49619b7aaa2112c68b4e910af9a7901d

    SHA256

    8a349329a5359001a2c661410db4cbb9ce81e6ad3175bd5252d5f4defd5f85de

    SHA512

    0831125165ee4500a24f5221acc0b81b4b37fd08763e80ec86a89851ac98b91ce87ecc759fad80c493aa54768d7fb8b1605b16e8143f5f99e07fadd7ab4f15b3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WEWWZC8O\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA557.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA615.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\F4SB4N7Q.txt
    Filesize

    601B

    MD5

    27353fae0d4d2789086a99d96af8370f

    SHA1

    1b4fff52f553e0736a26f509af50ed91ca9f5063

    SHA256

    6ff7326ed1de93bbdcb86b2a99aff8651c5a18632b202198a56aa7fc32b5b48b

    SHA512

    255529f8495e74d09149d820e66b410b88350093bec9fb00cab3ff2d6d0ac9302fdf1de49109b38ca0fe53e791765edc9e3fc074bb07746575b9ac3b02cdd120

    Download Submit