Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://rzr.to/hSeaa2

windows7-x64

8

https://rzr.to/hSeaa2

windows10-2004-x64

10

Analysis

  • max time kernel
    722s
  • max time network
    818s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 18:27

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://rzr.to/hSeaa2

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://rzr.to/hSeaa2
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1620
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1620 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2876

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d04b76778816e5005fa3324bae035086

          SHA1

          f816c38c4673e5cd60a8ecc3a1bb5713b773e91b

          SHA256

          e5c7bc41718832f338a14df76d0c349ca7e5b0360868f67a27b446f183752c94

          SHA512

          2822fc60cefcf3a299030f62fb3cdea2cc6f411cfa60a25460500c594b0b96d71bb383cf587d605219705e1d6aa4370976fb2fb91c9774f35ef9d025beb20e41

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c13b550d5dd46a12b6531403d65a4c7c

          SHA1

          9c313baaf3caedda8b0e4360de3cf10985c42cd3

          SHA256

          32023f8999b855ed762cff220dceeaff116dd5ebdabc7ee01fca185ba4ca03ec

          SHA512

          6e7322bd34ae82d09bc019df381aa0379d1a25890a26d1ffb93bb64610f8faf2ffa67ead3e45c9e2a6a6ca7e84a79ede99e68dc42e3e97e0f194311174b5c075

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9220676c035dfdb9a2b250f7062384ef

          SHA1

          8204ea89216f3909c1e5c00949044658bc6f25ec

          SHA256

          5e3f4808022b2b1c0d3f3b2df0c777539f7f0017e349f756a98d0d858e734ae0

          SHA512

          25fda5ee3e34c5b36810a179187169fa36291d68a01162ffaa7763023dae34a0ef2c253428b24d724897d37023bbf5ae68a37efc60846e37c25198c20c522bfc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d13cd5df1abfd2fabecf91cc646521e1

          SHA1

          c3ca313b490a6cbb687319f100440705e4681bc6

          SHA256

          4e68ca6988d2002b79a9999dd081f3f57d128a2f530c7c62b47c07ea8fea2ff1

          SHA512

          c6c1da15faefb7c5fdf16bd9890ad538a66c28c5836e8b190a2db1a6a29f15a78854df47a6280dd8356c62c2388aa583e3a32e46da920dc74fa6bf1726fc4182

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e9b234a202930eda3993fd5843db06bd

          SHA1

          e27d32e48be58e705668145a85ebdd40623b7846

          SHA256

          9ba2d497cb217d6634d14868c077c1f29880342dc331dae1e8b64c431d9055bf

          SHA512

          b11fb784dc5b67abf6df345553f9bf4e10b5ede334e8be9d8b495c061ef6a6a420f9dc2216d9d0c338380ab045b18e35cee9b0d5c447c9d93964b1d30bef6b71

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3b3be77b9e178bc6974c1788db63a8db

          SHA1

          75fcd023348db0f984991a88494560356ce429e0

          SHA256

          694e1107fc16437df52c084189df46e16fba20e37d4997157910cafa99f94e77

          SHA512

          f3bba7e2b912735b39fea017f242dc184f81c25371d2cf11cb329d64dacbfc486330d5be152aa38289477e1341030ee51c69464959b021ff0aadd9c4e495366f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5f9381ffbfa016ca50b7d38d0660383c

          SHA1

          95d0e92bd2539fec119746064601b2267ff8e445

          SHA256

          54a7247960d3c63592f6ffd4f632a9ab05f021b21c52ebf124e4c39bc7e2cb70

          SHA512

          26f6a58d46dc06e7190d5cee7ff1a198c1f39f96bec7810e65a46c07e91a331945d12078bb5350ca2a89d46a8e8e8e02303f9663815564fc12d98891cf6a581c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          99c13621d8d144a5f2f0b350ecc1f3da

          SHA1

          435e07bc29e480ce643ae78a53330dd10956e07f

          SHA256

          09d280bf01a79a65c5bb74ed772cc0bd3deeac78e40003b7371cf5c89af84793

          SHA512

          262baf72820f05c0c44e87ed0e7cedee447a47559705c45180151dc0bb8de16cd3d83ed33bbb35ac82de4d5162e6462741d06638abbe6bb72dd31226c8c15910

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f9059b8fdff57a55695840b959b4a09c

          SHA1

          cdd16fe9550552631595cd961b52cf1d4631e2fe

          SHA256

          eb5ab93633e97febbc511c902799934ff1394341364999dc4cca802b6cc453a5

          SHA512

          824dcfd2ba8e8e5c261f32ad5c0f56342d211f33941a432d44d545f2ef97a00b596acb3ca6b793c9e6bf5be4acec06a238d5aa0ac310993479baec30db1d17cb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e0b2f6700864a9df4ffba8addccb9d49

          SHA1

          8b2d339dfbd14f09553e4265f99fb99194bf648f

          SHA256

          83177fa7e0422b24ee6f2f8ba7dadc4cd9d8152567cfee3c20ab656c7367812b

          SHA512

          fd803f48f49fc82e5d18ad6ac2901097ada3b1390e39c53037e61f7ca67e0083e111a443239374f0ef6b114addd70233501a83c7882f447a497e50a50ad39a49

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          799ada96b18896fe154a0c77ac9f6e8a

          SHA1

          3c06799e51a23ef252f93127e83c29e805637c6c

          SHA256

          2f4db6321a2c500a628d1da083e8532a53f9968b6594d0c22b2fe53c69eaf314

          SHA512

          5b77bbcdc4f735faa6f128373695c8b7fe9a7b83bb043f33f52f1c784132642d0654f1afe3f0032dbd89620aa2db0c9ded6e1087a96b5587ac5b56cea1a2f4ed

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab585F.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar58EE.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit