Analysis

  • max time kernel
    62s
  • max time network
    66s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    24/08/2023, 14:14

General

  • Target

    https://my.dealersocket.com/DealerSocket.Web/CommPrefs/CommunicationPreferences?si=ZtJbEHyfbdY%3d&em=yhiYmyLirxZQqQTYzQSZaVzLrS6l7pGl%2f9MDj5kW904%3d&se=sVxukbNnJKo%3d&en=nRs98vjS3EE%3d&so=wKtEMx8WV5U%3d&cu=5AVMHjmGqWQ%3d
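
The six query parameters of the target URL (si, em, se, en, so, cu) are URL-encoded base64 (%3d is the padding "=", %2f is "/"). The helper below is an added triage example, not part of the sandbox report: it decodes each value and reports its length, 8-byte alignment and whether it is plain text. Every value turns out to be a multiple of 8 bytes of non-printable binary (32 bytes for em, 8 for the rest), so these are not base64-wrapped email addresses or numeric IDs; the natural guess is an encrypted or otherwise opaque identifier, but that is an assumption the page does not confirm.

```python
"""Decode the opaque query parameters of the submitted URL.

Added triage helper, not part of the sandbox report. It measures the
tokens (URL-encoded base64 carrying fixed-size binary values) and does
not claim to know what they encode; the page does not say.
"""
import base64
import binascii
from urllib.parse import parse_qsl, urlsplit

# Target URL copied verbatim from the report's General section.
TARGET = ("https://my.dealersocket.com/DealerSocket.Web/CommPrefs/CommunicationPreferences"
          "?si=ZtJbEHyfbdY%3d&em=yhiYmyLirxZQqQTYzQSZaVzLrS6l7pGl%2f9MDj5kW904%3d"
          "&se=sVxukbNnJKo%3d&en=nRs98vjS3EE%3d&so=wKtEMx8WV5U%3d&cu=5AVMHjmGqWQ%3d")


def _is_printable_ascii(raw: bytes) -> bool:
    """True if the bytes could be a plain-text identifier (a base64-wrapped email or numeric id)."""
    return all(0x20 <= b < 0x7F for b in raw)


def decode_opaque_params(url: str) -> dict:
    """Per query parameter: decoded length, 8-byte alignment, and whether it is plain text.

    parse_qsl undoes the %xx escapes (%3d -> '=', %2f -> '/'), so the values
    are standard base64 with padding; validate=True rejects anything else.
    """
    report = {}
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        try:
            raw = base64.b64decode(value, validate=True)
        except binascii.Error:
            report[name] = {"valid_base64": False, "bytes": None, "aligned8": False, "printable": False}
            continue
        report[name] = {
            "valid_base64": True,
            "bytes": len(raw),
            "aligned8": len(raw) % 8 == 0,
            "printable": _is_printable_ascii(raw),
        }
    return report


if __name__ == "__main__":
    for name, info in decode_opaque_params(TARGET).items():
        print(f"{name}: {info}")
```

The useful triage question this answers is whether the link carries a guessable identifier in the clear; it does not, so enumerating other customers' preference pages would require breaking whatever produces these tokens rather than counting upwards.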

Score
1/10

Malware Config

Signatures

  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://my.dealersocket.com/DealerSocket.Web/CommPrefs/CommunicationPreferences?si=ZtJbEHyfbdY%3d&em=yhiYmyLirxZQqQTYzQSZaVzLrS6l7pGl%2f9MDj5kW904%3d&se=sVxukbNnJKo%3d&en=nRs98vjS3EE%3d&so=wKtEMx8WV5U%3d&cu=5AVMHjmGqWQ%3d
    1⤵
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4548
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb0ecc9758,0x7ffb0ecc9768,0x7ffb0ecc9778
      2⤵
      PID:4124
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:2
      2⤵
      PID:5020
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:8
      2⤵
      PID:1664
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2268 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:8
      2⤵
      PID:4488
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2884 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:1
      2⤵
      PID:5084
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2892 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:1
      2⤵
      PID:3312
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3732 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:8
      2⤵
      PID:5008
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:8
      2⤵
      PID:1748
  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
    1⤵
    PID:3868
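
Every signature in this report (AdjustPrivilegeToken, WriteProcessMemory, EnumeratesProcesses, FindShellTrayWindow, SendNotifyMessage, the HKEY_USERS writes) fires on the browser process itself, and a browser that launches a GPU process, a crash handler, renderers and utility services does all of these as a matter of course. What a triager actually wants to confirm is that the tree is the browser's own: every child is the same chrome.exe image, every child has a known --type, and all children share one --field-trial-handle tuple (the marker of a single browser instance). The script below is an added example, not part of the sandbox output; the command lines are copied from the Processes section, and each depth-2 process is assumed to be a child of the depth-1 chrome.exe (PID 4548), since the report shows nesting depth rather than parent PIDs.

```python
"""Sanity-check the chrome.exe process tree from the report above.

Added example, not part of the sandbox output. Command lines are copied from
the Processes section; the parent of each depth-2 process is assumed to be the
depth-1 browser process (PID 4548), as the report shows depth, not PPIDs.
"""
import re
from collections import Counter

# Process types the browser process is expected to spawn.
EXPECTED_TYPES = {"crashpad-handler", "gpu-process", "utility", "renderer"}

# (pid, assumed ppid, command line) -- copied from the report.
PROCESSES = [
    (4548, None, r""""C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://my.dealersocket.com/DealerSocket.Web/CommPrefs/CommunicationPreferences?si=ZtJbEHyfbdY%3d&em=yhiYmyLirxZQqQTYzQSZaVzLrS6l7pGl%2f9MDj5kW904%3d&se=sVxukbNnJKo%3d&en=nRs98vjS3EE%3d&so=wKtEMx8WV5U%3d&cu=5AVMHjmGqWQ%3d"""),
    (4124, 4548, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb0ecc9758,0x7ffb0ecc9768,0x7ffb0ecc9778'),
    (5020, 4548, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:2'),
    (1664, 4548, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:8'),
    (4488, 4548, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2268 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:8'),
    (5084, 4548, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2884 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:1'),
    (3312, 4548, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2892 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:1'),
    (5008, 4548, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3732 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:8'),
    (1748, 4548, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 --field-trial-handle=1908,i,3701937635351983643,8050345749861056137,131072 /prefetch:8'),
    (3868, None, r'"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"'),
]

# A token is a run of non-space characters in which "..." or '...' segments may embed spaces.
_TOKEN = re.compile(r'''(?:[^\s"']+|"[^"]*"|'[^']*')+''')


def parse_cmdline(cmdline: str):
    """Split a Windows command line into (image path, {flag: value}, positional args)."""
    tokens = [re.sub(r'''["']''', "", t) for t in _TOKEN.findall(cmdline)]
    image, flags, positional = tokens[0], {}, []
    for tok in tokens[1:]:
        if tok.startswith("--"):
            key, _, value = tok[2:].partition("=")
            flags[key] = value
        else:
            positional.append(tok)
    return image, flags, positional


def triage_chrome_tree(processes, root_pid=4548) -> dict:
    """Check that every child of the browser process looks like a Chrome helper.

    Flags a child whose image differs from the browser's, whose --type is not a
    known Chrome process type, or whose --field-trial-handle differs from the
    others (children of one browser instance share the same handle tuple).
    Also lists utility services the report shows running with sandbox type none.
    """
    root_cmd = next(cmd for pid, _, cmd in processes if pid == root_pid)
    root_image, _, _ = parse_cmdline(root_cmd)
    children = [(pid, cmd) for pid, ppid, cmd in processes if ppid == root_pid]
    types, handles, unsandboxed, anomalies = Counter(), set(), [], []
    for pid, cmd in children:
        image, flags, _ = parse_cmdline(cmd)
        ptype = flags.get("type")
        if image.lower() != root_image.lower():
            anomalies.append((pid, f"child image differs from browser: {image}"))
        if ptype not in EXPECTED_TYPES:
            anomalies.append((pid, f"unexpected --type={ptype!r}"))
        types[ptype] += 1
        if "field-trial-handle" in flags:
            handles.add(flags["field-trial-handle"])
        if ptype == "utility" and flags.get("service-sandbox-type") == "none":
            unsandboxed.append(flags.get("utility-sub-type"))
    if len(handles) > 1:
        anomalies.append((None, "children carry different --field-trial-handle values"))
    return {
        "children": len(children),
        "types": dict(types),
        "field_trial_handles": handles,
        "unsandboxed_utilities": unsandboxed,
        "anomalies": anomalies,
        # Roots other than the browser (here elevation_service.exe) need separate review.
        "other_roots": [pid for pid, ppid, _ in processes if ppid is None and pid != root_pid],
    }


if __name__ == "__main__":
    import pprint
    pprint.pprint(triage_chrome_tree(PROCESSES))
```

On this tree the check returns eight children, no anomalies, a single field-trial handle, and three utility services with --service-sandbox-type=none (the network service, ProcessorMetrics and UtilWin), plus elevation_service.exe as a separate root to look at on its own. The same function applied to a tree where a child chrome.exe launched from a different directory, or a child with no --type, would list that process under anomalies, which is the case where the WriteProcessMemory and token signatures would actually deserve attention.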

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
    Filesize: 144B
    MD5: 6879957695872acf4a078a41db1afde8
    SHA1: 9b19411095d326742ee8a8a934d1adc4b8de04f9
    SHA256: 8fc332cb777f03d4aa80fcd75b5777715cbcc0113135ac9da4ca916701f0212a
    SHA512: 8fbdb84f90fa85a04a58d20c54842abf8f88f16e5ab1c472b113bf7d5177b62a91a83cadb567753313e4f93c31f2b2dfa7d4d83ed65e72d359fa452ac5a11808

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize: 537B
    MD5: 692c07f603627a3ba67ec64907273a77
    SHA1: 71ae84146e9d2b3b39941ddd8eec2056436e2279
    SHA256: b939b3484e4adce72f3ff37c37a71086cd1a21c5319fdaeed1898567192a55df
    SHA512: 8d9e17277d7b6fd939e150f3eecb86fac81ddb4d9394f819c2fbee1adaf1281a78ebca31bf9f633bef8fdc5b3b58b7a723960557afd6f8684104462d99d65538

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize: 6KB
    MD5: b26eba4e8af461e1ee3365e503a5c72d
    SHA1: 71b192b108a51d0dbdd4935efc09e2773f84369e
    SHA256: 5105491faab073f06f02cacaafc6b59e28a0db9824358fe83cac3a890b0f5e59
    SHA512: d0ac29eccb0650f3f191dd753bdbcadd167b1c8d5e10b16f6b32c8cb40f26006df4e0cbd97790b1a7ad9bbeab902193d79129dde572004be80bb63f59548f316

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
    Filesize: 87KB
    MD5: 5a228bfed9cc5f3dfb029124b261b243
    SHA1: 96546314e331100673ebe89991c409365c046f80
    SHA256: dafb12b23dc91ab045b6b628a737ea59c839c29cc78b14856e4d77c2b0a3f186
    SHA512: 06af04bd19627bf3aa09f9ccfb76b0d1242b3d1bc3470c0945de5da5e788be53978a84ee0ba89f1377fa7827e0e8f4a9bbb32cabf5d286de3155f79e7b55b6eb

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
    Filesize: 2B
    MD5: 99914b932bd37a50b983c5e7c90ae93b
    SHA1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
    SHA256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
    SHA512: 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
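
None of the five paths above is content fetched from the target: they are all files Chrome writes into its own profile directory during any browsing session (the JavaScript code-cache index, the HSTS state store TransportSecurity, the Preferences and Local State JSON files, and the first-party-sets cache). When a report lists a tiny file with a full hash set, the hashes let you confirm its content without the sample: the added example below (not part of the report) hashes a candidate content with all four algorithms the report uses and compares them to the listed values. For the 2-byte persisted_first_party_sets.json the candidate b"{}" (an empty JSON object) reproduces all four digests, so the file is empty and carries nothing site-specific.

```python
"""Check the reported hashes of a dropped file against a candidate content.

Added example, not part of the report. The hash values are copied from the
Downloads entry for persisted_first_party_sets.json (2 bytes); the candidate
content b"{}" (an empty JSON object) is the guess being tested.
"""
import hashlib

# Digests listed in the report for persisted_first_party_sets.json.
REPORTED_FIRST_PARTY_SETS = {
    "md5": "99914b932bd37a50b983c5e7c90ae93b",
    "sha1": "bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f",
    "sha256": "44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a",
    "sha512": "27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd",
}


def digests(data: bytes) -> dict:
    """All four digests the report lists, lower-case hex, keyed as the report labels them."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256", "sha512")}


def verify_candidate(candidate: bytes, reported: dict) -> dict:
    """Per algorithm: does the candidate content reproduce the reported digest?

    Compared case-insensitively because reports differ in hex casing. A match
    on every algorithm means the dropped file had exactly this content.
    """
    actual = digests(candidate)
    return {name: actual[name] == reported[name].lower() for name in reported}


if __name__ == "__main__":
    print(verify_candidate(b"{}", REPORTED_FIRST_PARTY_SETS))
```

The same function works for any small, predictable artifact (an empty file, a default config) and is a cheap way to strike entries off a dropped-files list before spending time on the ones that remain.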