Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://filetransfer....

windows7-x64

1

http://filetransfer....

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    11/12/2023, 11:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://filetransfer.io/data-package/vpQ4koWP/download

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://filetransfer.io/data-package/vpQ4koWP/download
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2280

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    0bbc2adfb4836cfa724fa9e1229ce8f9

    SHA1

    7e9e2ba6e589d3110f0fd5eece7720f68e08ca8d

    SHA256

    47d4c021b4845699170ef3e45d134b5c57e6465693c6b7c860f527de09e85b27

    SHA512

    160920d50225c4aee533ad6321f7967fdebbc358e0c287331278e91d68ef5888f74f111db7331a185fb9a27ef0edd9cdf2001000df5449dc0fd74d54d35e9453

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f868693bc80fd55ac4f137997e350f5d

    SHA1

    dcdd6699e6059ca1809fc32f4d57a36acd01a80a

    SHA256

    7c0092a55462fd6be7a11c9d1f5158e42f4362727fa9bd2145e81413c06cde63

    SHA512

    fd13d7a50159ba013a74bd43e5034538a415fa27dd05586ba6e3405c9b8479b2c4d5f6f53899f89c471d1d2dac238004cf6d58202efdf465540d29fb883bc06f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6e3adb523ceaee184051849366a96d9

    SHA1

    51f89f463d231876cac4551920901f751785d5c2

    SHA256

    5402fab829197e7988b10e19e8a62abf756c452ce0cbc2d580794b562c8c77f9

    SHA512

    3baac5df794352eaa0c01ca8850dbae16aa651b95bf3255b6220aace61a39bec9f72bf356f1ae66b4787faddb1a7033054ffbfc395f977cbe6aaa78ae3981c78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    782c87720dcf43a276a6c6080d039a0f

    SHA1

    feead5b4980e8096f48e801e641cfac2073352f8

    SHA256

    724ecb82ee571a286ec385f8714e083f539d9fe965c37cf429a98bf216147fea

    SHA512

    5020d57993b917cbbf201d0e0e584ac2cd604ac1282f5515655ee03e131aa4eff509c5230674a9b41cbe15bcb24c06f3e9587d6e64696b0d344fffb222fc7bb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    630244ebb331134bfbc1c0a81ea8a98e

    SHA1

    bb75203ff1841de5186e8bffe402b2dd24581f39

    SHA256

    4935ea1a5d26b7d7cf8103e512cbcfcacb3675987721a2f2f7aecca26b75196d

    SHA512

    1128590f6152cde7c970005a9ad9f0c3a66fd5b830b046f2643097ab92a3375329723277e60600be0e1672a8e86714ef905ec33998752e15143b65b8760fce49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26f89f1288714fe4903a72af000423c3

    SHA1

    21da86c85b6aee0725ff91a08658bb0c313b372f

    SHA256

    62b9ce5392a9e9aa970fcc5e7b33ed2f719b27039f06062b749f10135524f0a6

    SHA512

    f52ed1bcb04b33c207a61adb36c151a5ed0683b948ee95d05194f6e31fd6e75d09ee68ffe11439cfc28eb1aaf05e167367e1d7bed9c033e16d5f677dfbac23a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    7771448bda212c5deb70b54d4e7f14d7

    SHA1

    bfa63dfbd4bfbe88acca24b29507323819e9f4dd

    SHA256

    a29199b5f1ce82db617c1be5bc3c10ec75ddeb2a9503402cdbd890e6c1745fee

    SHA512

    eec27e67ab8ca95ff9ec8240760ddcf2678aa0982b1c2d6453dffe64d6fedf32594735b69e5f4dabfb374206d2185b20767ce1adb14f590fd396bce6c8e29c04

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\pagsbca\imagestore.dat
    Filesize

    1KB

    MD5

    414955bc0603e24ed2deca82dd142f30

    SHA1

    e3c57c1e19934c02a4601efbb03ceae44f365a4d

    SHA256

    ee1b01659e98f05a47895e2062c848368cb94df84618d1b177dcfd34bab79cfe

    SHA512

    37605b20d588d82241368fef43449c9a4ca7d7a07335450d962e2f91a2a78683e5a2fa30f2700ae304723152e1f587479b1555a43ff008da867907ff547aa017

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HNDI6Z3B\32[1].png
    Filesize

    1KB

    MD5

    e92586d1c87096975cf243c3dece809d

    SHA1

    ad2a63c7909b5e0e1b439cb236baef3e752fe93b

    SHA256

    1064095b485eeb2aedecc4adf6c8fa443eed10fa404e36e3270c188670cd5cca

    SHA512

    66321637821bb1f07e3410dc292674297c0b2627e76becfb1c0e92759df191296f306a88c5fbae9e1179a4cfee8c5e44432ea0084ef0c1a90c3932ece33fe425

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab395A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3AB9.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit