Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://melinda.ns.cl...

windows7-x64

1

http://melinda.ns.cl...

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231130-en
  • resource tags

    arch:x64arch:x86image:win7-20231130-enlocale:en-usos:windows7-x64system
  • submitted
    10/12/2023, 16:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    http://melinda.ns.cloudflare.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://melinda.ns.cloudflare.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2908
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2908 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2852

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
          Filesize

          1KB

          MD5

          11ee9b656e0d75e0b543ede7faaa3f82

          SHA1

          620f71f575d8105e8315f7880d9df98eabf2d14e

          SHA256

          7b5e49b1b055696a4ef641b3c2e4ab7d6801537062109a0974b53e990c2232e1

          SHA512

          70764a9e6f435166fbed590cfda188965b70540beb7b89f082e538de472989f9338179649ac9ee7c4b5bc1cfe98cc33b765d1573e9b82f8f0dc2a6836d9b6b0e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          6ef6e5a0c34f6ffd687522a28b7f7ba4

          SHA1

          a83470ce31ae85fc522973b3cec8b57c9706598b

          SHA256

          2e3602ef49495935e7912576910ddf680121a72f153c5b1de85a92b9d6f279a4

          SHA512

          1d1eb82d73e246b5e4abeea5ee49b96e8a75303561efbd92fa682baf69cb65a5f8f5346587e40cb33a97e34306032d280189d30027375e99a6802014693fc988

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
          Filesize

          408B

          MD5

          8dcd496eb081f5d2ab455461d65bce86

          SHA1

          2b1df9c6b225863ba80fc5dcd797b25870cd0cff

          SHA256

          1014cf28a085f19ef472ce0b10fb2b0ba7ee3135aa6138b588cb2d51f1dd1d49

          SHA512

          4b04d32bf61416e245c508cd279390a6cf891a244fd20428792090a8ae64dddf07a479c7ed17bb9b3892221fa6b7fdc75e4b83bf9ed7d5362007cf398e49d3c2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0b68978d9d127f182fe3cafe1f254c76

          SHA1

          ff5b124f17f334b39d0e4c32b816a06344126a0a

          SHA256

          340f0300e9bb0a41b5b182a0892bfc59f0f0ecad404bff872c768b4ccfa77eb2

          SHA512

          e8e0bfb16a1b6874a308bb98ed74d31713de28a2fedd22a5e5cec332e9416f59025cae317f42e21a23d2633209829df562cbc6687eb828a71f1d8bfccc5e1fb2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          80dfe42a04095957408a50cce6abc727

          SHA1

          5e2fae6cc4edf35c28365fc37a00bff6c341ef4a

          SHA256

          eaeb531307276ebd1df4307299bba63e8b7ac538d5749274b484279a9ea26b50

          SHA512

          45e20e1352b39c4e7a2c5fb949201bad03b0c5215967035f164e1b300e59ea90b967d651e222f01130cf6ed68e180380c17c8ed252fba47330fdf3109a3525fb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c47fcb46bf0897178b908858df4aa2ec

          SHA1

          666febe1d3cc933d9c2f6d7a5e47c69eaf5c89b4

          SHA256

          30212349c31bc1730f4204ee4e99ce27f3cdbf4d4092518c3d6e628dd2405dd5

          SHA512

          6f752743d6fac77f5ca41428ca215e492605e6008dd11cc5ad221106ea9db5d30ff2308ed5b8c4383e96a571d9c57daba72c88b79f5909e787df0175460c2c6e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7d5d54f74f4830ae91cb673512d610b2

          SHA1

          40e0663c70a761dfda5932133d2eeec0058c50d5

          SHA256

          db4dc05b589925882240b8b4119da1103b073a1256459c14b5421d1eb19fa50a

          SHA512

          c39fab08d7186d1850ee1cf4c28ca7412a5bb1bf7ad402dd38583f82f31192539a5a86c844b936b4a76b46499c08feb34e521c8cf3d01903caa086d0f87c9277

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3cef28c69709c34188ca93a29618eb0c

          SHA1

          8d367f278f619ab9a7ae591bd4a308dc89c0c8fa

          SHA256

          fc2e5b4c63670c21c35298d380dc33f6e6a1d42f173878ddc76b7f2840d509b2

          SHA512

          dbfbeaa8b94664e45c0f5b32185fd08ccc5f5b9e82d6f39782c1b976d14d957d3ea77af8d4f3b06879c6f8bdb99266f62cfa906954e11be306fde9d0b6f42ef3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          445b1419f518e8c2f5c40bc889df6480

          SHA1

          30c4432040892cd02b4934c8be34a5322a7427d8

          SHA256

          591db5516e9f7442de70af2bce30d4e0f8f2a4ce4ec19b1581bf4d54bb1aa9ce

          SHA512

          b57212e05d47df0d78589ff1bf4af19348c68e48899edf35e08824679860416ac036dac1892ca0e776aad83278e4055301d241ea4d0a8fcbb360d376ff2a0e28

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d16c7bfabc293420b021e05c055993f5

          SHA1

          6ac25e3582109699b4ddd7b0b05f384f75c0fc9e

          SHA256

          b3f4245f62f6ebe717f15fb6b7f9982d267c48589f767f6d771ce77f5f826b9a

          SHA512

          dbbdb8249ea8b388faf3adc0b556c31c24586984146b43a0651298c029c57e5956105311848556103b0eb096238fc7c7475594ba8d689beb783075af1fbc1bd1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          371ba1e57fe2b33d3212b674999d571d

          SHA1

          7b18282582fde8de0c4e451d30657536cb0169a9

          SHA256

          32e6bd5c9e3f305deb2de7b0ea77793a3452f36b85033b59d7410133771d970a

          SHA512

          c3963919e77dee218464028173b7e5fe5f615c3537f351349afb57f11c7e26bb77c07af896f5268f3a241a10caa55a5736ddfe31c020d1f486478eb8f2806248

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          80e9672c8b7094cc5a41805d92963686

          SHA1

          e0abdc63628de8892875120b4090f87cb8c61a4f

          SHA256

          4fa868041847b95401f35dff5bf7177a222962ca686dfa4dd390de3a682d6568

          SHA512

          e322cd55131166ad840f56dd0ef4373d28550e5a7e0f80855eb1e84fc066c8fac0757c62f6bd9deee48c072093204c23818b769501ca230fc19cc42372130921

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          adc46c5f41b2eb1fd6946cba253a689a

          SHA1

          9ca38298ddcd6c19c27cc2a88c0bcae6ab6841ea

          SHA256

          ebb28a4708721333b8afda9171722f5c5c1e1d09ff26b50121b3be18b866b311

          SHA512

          ab688571db48fc1793a8ebae501572153971317d8b13eb5e37dba454dab171071b128ec2525bf595bbbd0962ba68ea6cf43af129a66dc95710f79500dc4b465b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2a4fdf20e5b9c6b6bfec434114e00235

          SHA1

          1aefc8616c4472b235bfd1c7f7f56daad4ee6502

          SHA256

          f5c93e61b8bf3f5d1bd9829fa0256a94d7c6290cd36bd76c6c24c06a8f19a8bb

          SHA512

          07f2dbd9833be592de38480ac402a82282d7bb84eff6fa60a82998b00b25a19f1c544cdba25e7e01b5f2ae0f7ea81c5e717e9131f034ecfb56a9d633d01f99a2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b6981aceb50df23398cddde0572f3a79

          SHA1

          d7630aa230229d8d9ad7d0f430713544cb51a047

          SHA256

          a1d42fddca44f23af00a0a0f35c6167cef9e9c1e99e6c102aa5a112f348c8111

          SHA512

          e3075c3adae4eea85d2a32663f6a56beba580c113605d0e1df730da22301a6ffd1d7e4ced4baa314f3283748bace50433a8ce0c08b298565350d2591b48bfae7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0eb544d7f605c411b30d3a1fd2141bac

          SHA1

          6c3f865d559026c9ceb55aa57eb77c0996ffa1a6

          SHA256

          95eeb4edabb0b6b51ef00f56c75b3cf21ae40fd3513c1b8e83724dc1b87bef73

          SHA512

          4a918090580044797347d1f50de8fe59e65ef2e055c3b766f38ec5897f5262440d0e7121bc90b5c8b4f146456abea66d9e4ab7bd59a6da279edd10b9cc9f3e9d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fa3178ef4167f2397fc10efa7bd7035e

          SHA1

          f8c2d47942ef15a253d78b428f3bb48217b7728f

          SHA256

          a5d533b6940ebf68718cc0caecb0bc5b0257b6696eff6a62d3b093aa509e83e5

          SHA512

          dae765cf3f2f3091310ab53cb71673adfb0b71c4e604866653ecf3ffa144422e7792427a9dbcf09b2e968eb712f2c5898ee5dc8d84f253a9e93a7a54fa430227

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5a96715b3009c39e45085882877bd953

          SHA1

          0691e8594ab63629554f3380efdbfe92ee889f21

          SHA256

          acd9cac0e7ec6998657214f0c7a8e9e2538bb327148717c0f6eff8bb783d7670

          SHA512

          d734a9a851f0bcee31707472832b755dc324e44cdbc2db0426c5b30f53051261a40b62ad6c5ac79eb88a025487896ee8228b7a338e99d343c8ab1c849b425359

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e4bd20bd12d1e23bacae522ac585c8ee

          SHA1

          886ef74ec3a69f5d11928e995a7fa9ecd8045144

          SHA256

          60f6b2c68d3c6c20983ab5a718cd3cd441702d4e7eb3fcf7dde4d3ff326ab9d7

          SHA512

          f02b980e103b60e27373b72fdf696345b6876d93ef06a2514b0733d2c944c444946eadba7f59075c9af2e2a3aeb4806af7e928744b2a2abefc6ce6cf535d7e1b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          49024e54e984194ebc1d3444b1244353

          SHA1

          b8d5b4c1ccf7d0af6c386e786332992f66d2c5b1

          SHA256

          ee959b09a93d453055587296894082c4a93c665ec57c8011604ba30ce3d7c25f

          SHA512

          02a76e52c3c0fb9be590edcfff197bb332b24a8a88131406d4eefa06955ae5ea6a85f7de6f90650f0a33cf8dfb8d266d47b951dab5ba53cc857e936c22f69b8c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          955d126aaba317bf36373713c08378f0

          SHA1

          b1e6c660c94c2b40ef675cb8b06782dce489f682

          SHA256

          98e23091aa347bc38c14438726ef452f647d2839b57796292705115cf4d2412f

          SHA512

          7008315f50c87de41e3c74f2dd2482ae10e74b1f1dae2ef524915309c8dabfd5e49f733d6eba38e4b5dd923cdd0766aa8003ecc4b10da40a195d58dfc6b9503f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          aad93b7acb60b5ae8b0d49d57bcd25d1

          SHA1

          c5aa9814567d4be3e822c017225d03d9fcb9fd6b

          SHA256

          2b4728674c9ce5d2fd7163ca90e0364d2768b7b3361f73535cc55ba8b79edd88

          SHA512

          27de201c4be9a09a9acab235d7dc8dbca3774d1869fd15d0cd24a97f40e2c22e092096fee546484c83f29ca7e28c9bba1ba25aa790b77f81ce122872e424cb38

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
          Filesize

          4KB

          MD5

          da597791be3b6e732f0bc8b20e38ee62

          SHA1

          1125c45d285c360542027d7554a5c442288974de

          SHA256

          5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

          SHA512

          d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\h00gt77\imagestore.dat
          Filesize

          2KB

          MD5

          635f517cb9bfeecb45bc0202b59b99fc

          SHA1

          bb483dc9275e8e8632727fd8d923f97d7a0bab2a

          SHA256

          04c7994c9ff192792f06467415515cb3764ef49c54acc2d6d33f21dde2e44b3e

          SHA512

          b7c40ae909b901acb9c0e8703d6ea537e7499096bfd89061cd149bd8d502c9fc0b41745c5463626e9076293f587548baa822c47be0a1cf58a13b153625ea8162

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AZD2G7SH\favicon[1].ico
          Filesize

          2KB

          MD5

          112ad5f84433e5f46d607f73fb64bd60

          SHA1

          a8bf11f3f6099ca49d1cbf73c050eb7e6fbc68b4

          SHA256

          0f84307ad691800e391fccb42b4ba290a87febf001abedfbe03b34767d45e441

          SHA512

          a0fddec2cecc71aa2fe16eb01aa541051a5fd1b9f0feab18413007186826e81c2e582ec7f48f7242fa4142e7bb0105b29d1f11f1062f96d255f743050c97b65c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar13C4.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit