Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://govatoservice...

windows7-x64

1

http://govatoservice...

windows10-2004-x64

1

http://govatoservice...

android-9-x86

1

http://govatoservice...

android-10-x64

1

http://govatoservice...

android-11-x64

1

Analysis

  • max time kernel
    161s
  • max time network
    179s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    20-12-2023 02:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://govatoservices.org

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://govatoservices.org
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3020 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2684

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0112b37cc1d1ed0a6498a858452d4f8d

    SHA1

    0ad2cc4e9efadcef6268a73fe33f8275a2877ae2

    SHA256

    64ba132a9a594d1f52058a344ac027a28e9ca2be31a1ecc7782a942dab72a0c0

    SHA512

    29fa46cfc04b49f672c582f2a06a42f6d922a56b09408f8250e23f3f4021075fd7686b08ce0656f598c2e9c93e3bd3048efa67eb316ca9752ae5f9f0847fd8ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    760ab670e7f312031dcd6e723065aa66

    SHA1

    561a146542fc7141e1cc4a6c143874353dac34ff

    SHA256

    5e98b92f480a3985c4933053e571fdb77003a2879183e4d876b1c225b1869c15

    SHA512

    afdfacbeab8791b7be26b9f5ea2be891d229018627e65260e216f0ce895d6d31c762c867917b6388f5cd2cad865f0a58d530b9cad25f0cf8ecff56742931eb52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e50e7b18da1f76524ebc9ed2dcb9af7

    SHA1

    99029a12d6bdf416f5d8698bde09f82f066db173

    SHA256

    5b8debd402f8dea1f52fdb450271ef508611ffcb2221522a9b767db278d57ab1

    SHA512

    eeba1da95d1052090bdf0d5ca6f2c38c90bb09d07f17f2def9f78cdd1ea465e8c3c48d62bbf37b07ed9fe151741fc726e40ce804274f2daceb5bb8b01eca0703

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a308cae5b0adf5c91a9dca3a3c73e86f

    SHA1

    efd10eaad4727afd24d079a5a2cd62170394103c

    SHA256

    0d67a34aa0b213092817143b672aed8a9e67f0086a6b845432353df6356fbb29

    SHA512

    ac84194a36fa03d84e76697eed12391eded0f7a9380e1c575ada898f47f33e4f51704bc324f7ba6675e579bc6737e684be6d0ad4790aa25c2c3f7e2993fc8636

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1dbdd49e15f841c712fd4388615a62ee

    SHA1

    a9699f415a2c117aedb2c1358679b7bb4e11e763

    SHA256

    3e39482fb9181173fed415a3d2aeabb39ce360579d6a573f13795498d0922937

    SHA512

    45ece54d537e6f0db5c900eedf22c13582638059293aa28c273b25eefc2ea000974040aaf86ac03d0d3b5e7e05559f32778ad4dd128959943c64115dbf0000cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cbcf4d17fd10e76fa6ceffcddb224a36

    SHA1

    534e3f70ed2affe845ffd4db78fbd316bada7037

    SHA256

    3c37d3654012adfa61230eb59fb0b13d68085e97c44561b0109e0eed2a276ea6

    SHA512

    647df9dca1654698df5e0d9a1ef36c82a0a5e30a3f30db9e3c905ab46580c71af3852b7d53689d31fbd5179acf8236edd1ae52909bcd8ec80db7c9a8d668f69c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f642c8b2351cbcc66029794fc44526c7

    SHA1

    1df3c989aebd601551e9ef9a71de4fc8e7f8f5b9

    SHA256

    e0535a22b61abc438a0364bd17c81a08f0c764f9b85a61a7d82c91baf24daae4

    SHA512

    45cd0b204d4a2b537494b5066628c0542a5c0d6d9139e920b359f35af8ddee109f28d0628681f7512d33b031be1c889d769e011cf7377ec3adfe09d7fb23cc63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c3783deffb166713316897b48093324

    SHA1

    59bc05624ec70a1d65fd3c3d44b4812c01dcca0f

    SHA256

    6da5320ff53d6854decf5d12068ebdc6e55f0d1aef3d348899d12b81e9671418

    SHA512

    cb38e59d9a1325eac8104421c35233a384b9ba7805b1e79398a9cb89b40ff7f5066bf87732e05721148d160fe19a818afaece70bdb1a0835243ab87aea104dde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b98fb5ad058479b3167194e2995853a

    SHA1

    05259a015c18b7fcd1c270192f52f9d5d0542145

    SHA256

    43710ef1729691c9825f046d844ae6dbaf31c457d1efd1ed0c2389662d892ac4

    SHA512

    c248fd7368dd5f66e6015ecfb20d4ec88b5d990aa45a09502f2d2d1c29a30a055c8e5e6b6abffe20fda5f47ed07f68994d73283fe09d9ec38462bc6615f81797

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1765f5d1e43a4d5435b03fd132302456

    SHA1

    57f0ab4c8a19c8bd05a800cb16cd4fbbbb96b84c

    SHA256

    ca8dbdd0692b4729d32ac61e56098719d2153b87f362829d363c38783d2354ba

    SHA512

    e26beac2ae5ae06d68e777b4a83fc2f700d0cfa7a98cbd15778cd00c227c11c52b5333a4ad5e208ba4c744c4e5924dcf99e0c5fc51157b45929a330d4b128c4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e161b3893e06851f1b639b4a57909816

    SHA1

    79382d383e4789be0ad4af4d06b6cf74c563b751

    SHA256

    7c80b3bc792fc4fca3ee39ccdd28e531aae35f66fe7364c9dbea450d5ed03ee3

    SHA512

    2b7a7bdbd4ba8dae338fd14d266ff07901637baf310d084641d3668234bc59208a5952606b538c2922805c3b0f3adfb70cfcdfa0b21a6fd010e7a3c59232e73f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80637e7a13196de2f6275af075c74c62

    SHA1

    93df523b25feb991327d21d8e4695291350bd985

    SHA256

    931e8821fddd2e403a42ce188e5ad7ba01d43788a2f39d3493585e45cce5f26f

    SHA512

    5743b89bb6ce52d8dfb6e2f2be5a6ab0ab5092b3c413cb6a94e8a1c21a64c0f68204c0a659b84fc4ab714f46173d222ac1f20707b7fad93db90a42751d8de911

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06ea86f176e02d6668d707f6b3c46c44

    SHA1

    7908a596dd8d6fab97d206e43003655892961c3b

    SHA256

    3f0586a56bd7aa81eb0ea96031a406315bb370bc5d67c0d1e6833ecc04883fcf

    SHA512

    a4992462e9d9371fccd14ee9ec2d5cdf5125744e4da06375c2d9cec5bdab78ce372d53f01ac9c7484fc89bc704caf1323992cd73fbb0b1370cd6d4fea6b2b905

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c42b942cf06935247d41056f26fd9892

    SHA1

    a8ae99e6fd6d85b3800df6b35dbe470cb8660236

    SHA256

    a7050eb11a8d3c17c1c3fa510aab74e85f09d8113a5d238ffdf8b47ca7526056

    SHA512

    e6580b275203103e86fde7a80eae39fc20c3e7215c959f2f731bc4c14125e7a800fe6a85bce632be81fdc4a035d15c413a801eb624f9dda715785a980e35bd60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6849c20e1bf3af7e91f4fcd8229467fe

    SHA1

    d6b7370ad80a34e0f8b930bcbe2f39b51641b4a4

    SHA256

    471043a9b6ce3345522d070203fd6b5cdae2e1b2fc9d8f44070492d7b178bdd0

    SHA512

    deeb22d2e06ced39030002c5f7ddc886d6bdbd3064d78681fa9a27cbe7d1d0e885e552da363bb104e45f4b84568f88292b7ee7efae1b4c1887ff0e417a8b8871

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6033f26056747c3941deaa1d531b8070

    SHA1

    3a3acfb5f4a3c0c221bc00d61c4129e1326926c2

    SHA256

    c827116105bab478b7e8f3be6cae29a750bef46ce5e9f2ba6dcf3dddb6d22077

    SHA512

    65317540a9d0707f069a72e63d6f0d202f15859a8f19224195c2a9628b2e6f3583c7e12337410f33da04813d80c68c8e3e7090f9de38197f9e3c060c52cf0ceb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af10aff285854302effe2f4f87be225a

    SHA1

    17daa70fb7e8d6b0564906249ca2d964aeb56f09

    SHA256

    79e79274dc08aec4fb9e4b8c005a737995f00eed4f44fd2a7f6f74720bfb55d2

    SHA512

    0b42a5fd6e35a99dfb3d9b4eaff21438f75a798fd9bb0ffedec0beda8a39d5e862c048d15a40b999830b0ca524c56ffc988630ce848836c125453c2731548ea1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c230675775370cd3dd709e955f66b03

    SHA1

    1953934e8392f4ad5692ebc1b96a0ae28cbda73b

    SHA256

    fab39578670f20ce8f9c9e05825058d4385b265c119df87352cd1a93756d46cb

    SHA512

    d10d7634429b8a542160d2b81add5bcf5998c031f591f7731cac5c52f12270a63e4dbc49a8e9f52a6120080236de1266e56551236aa7248a23f1bc1155f2d8c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bf1bf8a6bae5f42c8e640f28cc7506a

    SHA1

    73e4b06c07435a94df01acfff14921e9bb3b0e1a

    SHA256

    03f2f6cfdca6421d7c158ba765298685fca52fb8bd54ff19403b5ea82564809b

    SHA512

    36ba9f2618dac7e550e024dd534274f9800dfb0037353baa96437fbcecf71a6dd6109f583a16f34f60f4d25508f0ed1e2ac3c320397409a1126999bbf7ed6f64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE523.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE593.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit