Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://amendbendoz....

windows7-x64

1

https://amendbendoz....

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231130-en
  • resource tags

    arch:x64arch:x86image:win7-20231130-enlocale:en-usos:windows7-x64system
  • submitted
    11/12/2023, 09:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://amendbendoz.com/installer/host2.4/9e11d58.php

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://amendbendoz.com/installer/host2.4/9e11d58.php
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1436

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          fd5a1733f8ee3077ad1ce052a097885b

          SHA1

          2d0152796b7cf5c58c9ad6e93b118c3a3f5f23a1

          SHA256

          6c7418509110729457f8e225dd2308bf6d174d24863ef9ab00e7d292f7293a4b

          SHA512

          0d358c2fa0e8ed03e6e8fe8c8ab17da5af15659587452a53202d32f993a64f70282c1a2712858eff6e6c9b9870a06451cb4fed1ba5afeb178307bbc95742627d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3909d161231fc5d77de684a2d0784d5e

          SHA1

          85170f2bb445f58edee5307bfb73fa732ced9554

          SHA256

          1fc09616ae984f707f69638ee701f1caf96f20c8b2b606268161833ebcc1d251

          SHA512

          cc197e48898f83986012f538b5a5d18d07f71724bcb7b62c9b9db4be2a1abba50ec98aa97216b37e2cca53421d01b65bc56a2d1f202dadf577ab24dd7b79097d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a530d83b81b55e5c09458ab96345c6eb

          SHA1

          48212fc6f2f17768a4d8c9019c371bff767335e1

          SHA256

          eda77760744d3892d184e17d5e552c187c345383ae7e5791990b8e94fd986d19

          SHA512

          beece828b303466976d59d14cc08b48e5e349a5e58761239e703c24a54f5a94d0aaaa7f33613b57f28db2b5fd6da613000ff1e2af0d89fb9ddc9f3e46c1e0781

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          36ef4ae7ad356c627e81af33d7830f96

          SHA1

          a572141267952b6a9e4618e27f59d752b9f1c869

          SHA256

          45f489097f18351f253d8f1d1bb3bbe78d89120b6ae8faf48c8b8d74ab5e9d27

          SHA512

          667230bd350cfc0c2f4cd11078c5547af57365075e58fea25a5762f5a7c6043c6b9ea2416dc599247d9ba76395dac83432ce139ad0ab59a7c8e08da36179e3bd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          32ba5795fada19be69f9c9c2e293e022

          SHA1

          f3f141f8504117eefc4664ef0e8175035df9f93b

          SHA256

          bbfcf9f1e5cb542189f11d4e777ded586b215085fa68f6d5f13061dbe9e67e14

          SHA512

          2b6337ecc0b716302262f8122052fc89d19fa01e6fd08ac0ebb93facd25cb355716273e975ac4d5f4f685618561fcbc1a93c38951ce50a97c16d4aac23ef11d1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          09ff5ae73a2865e1674b0a1ba49c152d

          SHA1

          c89b0485cf3a51e26d785543c3d54be33221c8ac

          SHA256

          03950dea949dc465a74d5b0dcccdba0c2d4f22cfc757655a8951e7db6e5c014d

          SHA512

          9b2686df5bf1347adcfcdb1727f1d59912a700da055ec1674fbfde563f32307300afdbe10fbeda3d6ba2ec8d925518ea7d89f4d21daabd4f93673aad06eeb7e7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          338f2a1e4e8866e43956e05012bcd8e8

          SHA1

          8bcf33ad922f8ffd79b0180fdf0d14277d3ab0a2

          SHA256

          fb030d4b72b7ac9eac1bd43c997aa7416f2e7310ead67fec8475f3c71caa54d6

          SHA512

          b29a81efc8bdf9beb9919e84d7189a023bc6a31b83b162703c9c39a8a4300d48dd6f5de81639c1af9e8845eab5a52e891e2d647dd1797638e1c69ad76bf388ab

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1667acb176484030f1ed29a45cc97707

          SHA1

          acb028e70bb39f9dccdd29e12c8b9baf80eb4a94

          SHA256

          9b2c47a0d1eb8694820d7fa643097715a94bc2a12cafa909c3051e73ffd18858

          SHA512

          099ea8119c927a76197d012eebe2ebd4eb2ac7077d0417946d813f12cf1c75f4a53d637fd2130c50d1ff4a947af56b45fc08eba4d3e5ea913214019099f2244c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0715e1515ba98087244f907354772c4a

          SHA1

          f33cc0a4791b8671c61d3cce7436527359fa1ff8

          SHA256

          80c4e460e76c7ba2137980fbf8872b30b17d8a91674ef71ea43e243fb6aaa1c7

          SHA512

          519a33f3b36f4c6cad8e1dddfdfc9465b8316615f0a8abcc2082d47bb65a57035c1098d4db6cd1695973d7cc0a6eb0a806366bbd9f6f6223c9a1f1035aa5ade2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          acd317b128f23664f9650ec700c390c4

          SHA1

          2cc01480716d393a49f215974ce89fbd98b2e9e0

          SHA256

          2fc06e99db0134acb23de9cf619f558d6d262cc0f272c6b240e9f2e40643e459

          SHA512

          ecef939d89e4948e14eb31ef715361ce5db27225f41308e7703f08662ef51e4c8c4d5853228c4413c4426a832586872de0c84c475c43a5cfd896c2508149ef69

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d5fb2e7f27d6a47dfc5807c015a36c9f

          SHA1

          378367f1230951dd2f4a4425ccf2d32105fbaf20

          SHA256

          deb8f7a84cb8c305212a18f33d4e3f030bcb0a07f989137fd12e0450283ac3af

          SHA512

          0a891f667de28663093806200ed8056a6c1afc3df921eee71ff43274c5964291a608b81f8ceb3f429a942d22357c94539dabddcc8b20d87e7296986d5733323c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0e6a697cd64f232a59d0ad465fcdc938

          SHA1

          97e05218fa0b186f2e165067883ba9b744089d81

          SHA256

          e784db0e0ea4022fd2cd048fb7bfd4bd56306b17d7828d2cc8b10b3cccfa61d8

          SHA512

          52c2742672f18c517c557e2b94f8ca4289798b7e09f7406e869366351bd2e827583e255225d8748c003bf0b3e8d218bc4821774f2a4fbbaa61b239c923794479

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3f2dcb357b96405537aa01e8d48fb260

          SHA1

          b55ebb4b59c39796affe760ba8260a32b77e6fdc

          SHA256

          49aa00689d8255368851e621eb987c979f8e6c924b4ec4903030fb128d27cdd0

          SHA512

          3a7e1726ae8640ea8e1632e8ff8c3044f182b1ce1c642beebd17a323672bcd44929308e96effca235b1e429c654d794621197d3a017751647b143aa18db9fb76

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f98fd39a2463c9130510004e1d486d15

          SHA1

          50e251e21e10acef20e99333280340dcd4415a10

          SHA256

          2c35e0b2181518035f7512c2b9ee23e0e9261d14a5ae094bd9649009339d1b1e

          SHA512

          5088e66dfe3ebd52ded13306fa61106fa44c2e35122f84b967d56e72cae8874a3160325497e587104ac43c0a332d7adfa3ac6a344f16cc27f15d996e595952c8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c1464fe8366962954677b5e4ac90e312

          SHA1

          b292c575815a233604abc6063324668cd13a4d18

          SHA256

          3baeee85a969bd0fa6a5d11e38eb40aaf2be5293a774c9e399f798211692b742

          SHA512

          d003de69913a7af73288281e70eea51e0d9ba7f9ee253a06f3b3e554730f674fd5286ec05d7969de1356ce17d736104ab636225bc89397d3b35eb4eb65db3560

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          9566b226e6da2b7a64485c10bd81c0ee

          SHA1

          9a88a2afb4bd408be514910e9be9f2920aa8030c

          SHA256

          1a2d230a1e2d7efa23fdaa53cc7716242b61b43ec7529b00fba4302b4d47ada3

          SHA512

          f5ecddc839d424d7c67c3d5cb08430a3074c7d34dbf6d43d166f816049e875131a8805455f44a1d41410cb731c01ed3accc2f1acc7c7c4da105c573ae4b92361

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
          Filesize

          4KB

          MD5

          da597791be3b6e732f0bc8b20e38ee62

          SHA1

          1125c45d285c360542027d7554a5c442288974de

          SHA256

          5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

          SHA512

          d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar1EAD.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit