Overview

overview

1

Static

static

1

URLScan

urlscan

http://www.firstam.c...

windows7-x64

1

http://www.firstam.c...

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26-12-2023 06:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://www.firstam.com/agency/title/agency/sc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.firstam.com/agency/title/agency/sc
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    797dff97f0baee50e5527bcac89530c7

    SHA1

    42f5a5336cb97982e10eb2db740cb5c98f4ae432

    SHA256

    edaa416e795da392c2cf5a04350f02b5c21ecd84bc7a795663eb3495e639cae9

    SHA512

    6008be079df8c9e15f1e6a1dcb97dda1996d32fa2dc4167929b5934e040207e32d2144ce6c72fc132403438c94751ed376ef854d72b1fce3a799ed12d5a0ae1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea7ec7893a77889a3fb354701918503a

    SHA1

    67335b60a531ad1385885b76691f043f1bfa0070

    SHA256

    c2b491873702aa996ac57460559c95fe335109431a3e9a146e0368cc843929dc

    SHA512

    b8c14630acfe4b0750734a3babff13be6599f5849bb86e1a0121b7ba395181881de4bed1d65272278453b122b396b19165533781af08def32bd911a568526826

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5958a4609bb76c9bf56a316f0cb4b206

    SHA1

    124cfba93ad97a626ffc6162e4530290fb1adbb9

    SHA256

    c3243ce9ad0d3509944265ecf4a94f51b0437b229f13bebcda9e97c5166a4c6c

    SHA512

    eb1701db059e85891550ff6cbf38aee883671bca90a8ed28f9db7cb0b43c4798e50bfc1eb77d31345176e3c326abc0466941e2657803574e52e3f967b993b075

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8cbbdb6cf099be64df7f94e58860ee42

    SHA1

    155cd1be4d6b21c541e0973905a1f43dec9d84ed

    SHA256

    a1de6a1cf6c4a886f1c8f7e8774e35618b4c6dba8508a551d7e2f01a31ba8f27

    SHA512

    6516106996bf72cd752ad01e14277aed90111daacc6d66a38bddd85074857f63695898a075092599ade3a784fcb00df3faca97a336414acb372bf210a05fb4d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d92b9372f35bcd754709a8932bb2d127

    SHA1

    818d52c145296622e4ff080ece2f4769424414e6

    SHA256

    15ad4b56390aea139c872d5600be822ae453fde230e2762ded30656684138126

    SHA512

    292bba69b70bf60e4341778c3371d9de1ad804bcc5f7924e6e50fe65b7d7a218c2c765ec697440c3a6c4b4fb7487eabb51a6f0ea9953778b16581cf96dc82fd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ae93fc9e7058a7e689e18ab043dfe15

    SHA1

    aeb51637b9ee249ec00e310fd4ad4b8a08fa23c5

    SHA256

    d48133cbb090fb565eceba15faf33423a04194f2c7c3175473cf1d7fd7260410

    SHA512

    7e1e8c18c6154a222616ba47d31197480c39a049820399fb928d998bc8f639bfd38366f3697c3d18590d3531bdd93e64b6dbe899d14660df0c4d867743417cda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d1de6345ea324822962ac9e8cd17627

    SHA1

    070228a0451481b88ef8158a1c3cd4059e7e0c1d

    SHA256

    6c0458d26fe42854ca57be051b9ee9535f3f6d17dc58879ad5766b429542333c

    SHA512

    433f70fac51c6c89f6ceb05efef7f569ae5b75498db42998277da220a150c346b1e2d76ad77bfd4712c9964c02a727f102cfc59cdc8000fdde8b4299e706bb2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    712d1379de3b3f2b736fc8b05778dc65

    SHA1

    db05a92d041d497332d38be230fbd08947f71e9a

    SHA256

    048e812637f64603bf4793f480627824dc8f7bf91b1f37cd43a7063d0cb09730

    SHA512

    097eeabf27f51ba1f466f00135716d879746fb578fcab0f11fcd166e4bde3a307fb03a89977a2f3a754d960ae2f6d44593bba68a42b249173ec6442e0dc2fff3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5000cdc43a7aaba3283ea9ee70aa472

    SHA1

    76cc6712f0d78e869dc60398d776b81613fd1837

    SHA256

    4afca29f5c7b919821f675c73287e2671fb8ee91b44e50bc929a5e42e1beba86

    SHA512

    b9e244672b0a8e30c3bab94e58bcac4e173f5584f741eeb622133c44f3cff032167e95cd2ee87881f8a69aa6b3886ff321fe6921f057d91ab2618d92a5bc27eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6411516123f79df8944f37116062925

    SHA1

    27efcd5ef8adaf3f37f38ab99dcb55019e6b00ae

    SHA256

    fd421ea4181fdfeb1a749b5d183498e126853b15f5f3185d95847e6ac1eebd45

    SHA512

    2fd0b87d28245706d45285b3416d31951cf1178da0e37ec11e256072cbc196930a924248b03aaf5360cef03adeebe931a196641c0041f6df3bde723c1fb76de0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a8cae5bfa0debfad0a87334cbe0b8df

    SHA1

    b65003055548fc5d1bc81bd301b75ac3511818b0

    SHA256

    43e599d8fa3ba0538d2ae585e484b832f54ce55ddf3dbe4d4ae2b36c8359fb0e

    SHA512

    d6d81cb512e10102fd365fe6249770ed061900108895143dd7381b62aca1c8bd30eb829e68b70135e24f73fae10530ee02b9023a57710b9a5482b54fe74c4354

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2351b924f691ca6c8c73cbb52c99172d

    SHA1

    0286c9794b33ef232a18b0433ba21c3633dec281

    SHA256

    b4702c5b267f970eb9cb57078dfa977407470398380165c54df685ae7b6ff232

    SHA512

    a44cc3d96a7c35fba7750ecf1fafb062b07317c9eab2c2dede1a4781cb5d7a63d282d75b0eda9a40e8b57a0d9706c2e97cb39263c4cfe936776b14bf90cda09a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c4d7cb1bba7c87341d5800d01f688ae

    SHA1

    a854b07df7415a91b53b33007d27ff2b7ee05492

    SHA256

    8dfddf984994d93b8d6e1bba8945b0abf08ad84f11abfdff01460f0b54529dfa

    SHA512

    e3b120f8bd6abe1ba60c0cec4303578237cf91065d9cce5c82702aa2e46c6031e2a9a48a31c897caccbc67ad663da112fc3cde5332b341cf3d7b3f2f15ce0f0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06f21a6396e6d7beadcc2f0fcae808af

    SHA1

    a792fd9ffd73240cdefaf35d9b0faf7a976c448b

    SHA256

    27cd94f6a5dc7d975f57544c9084db7089790bd52cb9f1b5d71171dc5a064c9b

    SHA512

    2752788bde050c2e50e22cc6fdfc993dc4dfe7796591142647e70e033f6b7d2b0250523f0ccf17c109a0afad069fe5e497bdeb3d37c4a1ac94a6800699ff4d74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    617495f9d40b2768312cc28c69100ed1

    SHA1

    416f011934177dcd28aa495ad50ae7ee9f46447c

    SHA256

    acfe13c3d32f7762a703a5e659a0ad53e3db525af5dab0ee2dee62da881a690e

    SHA512

    9d064dd3a69dcf2fac19c1537d5c2014fb87b3a3129a4a389fdf5f1b68afee7840627e2e5ed9ceac1f89308557dfc08cdea12151cffb42687b5ec1beaaa55158

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1d11c8d6301db6231ef0a4914c8c769

    SHA1

    503251c131a9ce9e9777ee86fb56cbe0ae093348

    SHA256

    17b725788150627d6a5a3af246192a6ea011aceaddf4c886d9414206a7f4dd01

    SHA512

    752bdd3cd655fdcf08540bec45c2165c73eacbbf07f8444298c867b283394b3e92d5ac3b79ac2791950ea2ca7590d193503f7eb91653195f4381e9c0102807c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25f1251d4d6e5760a49f00d80ccec6f9

    SHA1

    f86a55144686013b51e5f067b338101ac28819f5

    SHA256

    b0864ac55b0a940fdca86c576a1332c044db8f530c5d963b2339e0daa47bd236

    SHA512

    4b68ee6281fff456f0122801265eeaa54e9c0c51cafd88cf863c6d98a89f2155c9dfcae64dcbc3e10e1549da6b8a4055029ac4e1cfb2fc3e8feb241557b221c4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB31C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB3EA.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit