Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://www.mediafir...

windows7-x64

1

https://www.mediafir...

windows10-2004-x64

1

Analysis

  • max time kernel
    481s
  • max time network
    453s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 00:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.mediafire.com/file/h9zujp2vebdzk7x

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 56 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.mediafire.com/file/h9zujp2vebdzk7x
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2252 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2932

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4f35143505dc25bb389b49991681225

    SHA1

    67e65cd7fa03d6edf56b1ceb635e9beb65b0c8a4

    SHA256

    14f41de603b85cb20135a7d5238eb99b1739df0c9146020e79268e1c0fb2013f

    SHA512

    ab38330f58ac26eb2817bc821958cfc0912127ff39902d6cfe442a9fda8b638939d3f9a12e08da82df2af2a96bd7a8134be4bfccd69f692af095512164e5add0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f387f9d7b3b3f3274e82de0a63da384

    SHA1

    e68ecf36090eb52b310d69d497b17a54fe160d66

    SHA256

    6c1b7cb757c028990a30ad8fc17e12f1b99be40180395042e6122c5ecaf521fe

    SHA512

    7a90c961dc8bbeed44d317254c834d62f10dffc78eb5a7076347ca3726169bf9d7a212ef408736cd00c61d982ec3c5f56499351fcae85cd410922c14d0d63067

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b063a990668c1cd4124cc8be6d59face

    SHA1

    11878f688da88cf1c9f91b8ea47af53af08c0420

    SHA256

    1ff57eeab3f83ab4c03d4c461a4ec7a44699572811477da0186675af9e2d1c36

    SHA512

    7f74bfd7c261889a95b30184b99179ed68370016fc23d1d402827f3efe4a5231189e5973f2f13ec49d6b39a1d9f7e568cebc38a4d1d4c15f3e0df67841802beb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eae18ca3ca729e9fa69f293dd14deb9c

    SHA1

    f07723abdf70c0aaa79b40507d91deef0d3ef498

    SHA256

    98e0632b605ace8a1a21e092f7bc63d0f1f0be5c613d2bad8825dddc845d1349

    SHA512

    91218868fae6fdc7423c5e0c2f03a69cd9aeaf537a6f5466dbc03c4aaebb0615cc9b87a4eafc5e6b84c0c2d2dc5dc63831e0de717a88d6fd13215a75ccb3877d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07b2fc39ad3c9b05a0225b9f198347c0

    SHA1

    2c67cea9aa5d78f7d8b455bc5ed6342edf7d383d

    SHA256

    51a45616bcec4e91c836f59db73dc26b65073f8c8a6a2d9af875ee7f87e1c988

    SHA512

    9cc1bf701fa6b965dcb95ef28cc50de7cf52df12fad47f268aaf281327b8863c6e5900fd32bc09cd3626567c337df42a2f82ab94df50bea340788587dfd2af00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58f54fc52c73a1b78b1e621d6a42ac88

    SHA1

    7bdbaca8cb16c0a14ee388e5574c799c379a530d

    SHA256

    0a7c6637b778b461aee6ed06609d2f25d334e88b356e1101befda59d06f92ade

    SHA512

    a1223151a34c78dd4d40a5204ac8aa51f3d6c4c10d6e9982216f9566ee25f51facdf42cfe4d5059884b3d34cfc49850d8ae1a119cf266623929116cd46f0b630

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ec15c5957bb2fd296f88b7e72339ae7

    SHA1

    f9300dce161a3044904745fb1fd8acafdbb4c67e

    SHA256

    809776e67aeeff5e20541269ebf4af0cfbf638ee67b13176811d5e9522b909ca

    SHA512

    02736b33af74c1b4d61958bdf4c877a2e592e865bff03a89860a9fecb96bdd73699f8acfc441a64424b8e2363e2d84bf9737c90193f1940231e50f90368210ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f41aa78d9ab1feaae0d667478f6660c

    SHA1

    ab25f2b91359ae7c726215eddd6ca85c5a39e385

    SHA256

    46666fd58adf2e7ff0f65bd993d9ad01bff27c8d3db2e7074af0db090b441d85

    SHA512

    8445f9529daae215fc151812e600c3755b2b9647d2a59dd8d37f309191da8069d7354101f97e76abf96d7ac1bdc16c03413db244935863a895de017366e8b3a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20a0873685890defe9c55a873ad83e24

    SHA1

    af3733018e303f8b8a6115bda28b0b893c12621a

    SHA256

    699bb3c4116ea4e7e4f08b20eaded3985cef538b84646ec383b06e493ce223ba

    SHA512

    a03da8bb32fcb9ddd09e3cc6e9d342088de1ae8011e45e665327cb67c2c893c9f6990009930281e25c78abadb9b5f721c13a2c0461e0e259358a5934ee98d4e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    271c3011608c669ce38a8ea405926aa4

    SHA1

    8c35319d7ec288c25e10f2dcdd8e0677595774a7

    SHA256

    1878500606ec261077ed610f129dbd7e2ee330252f41e157a4cb752634e96fd8

    SHA512

    fd08a4c18a38c503c0a3cbcda1de1a807ad9b54333b2447f116fd1a5cf034f42bf69d83092fad1c7b2ff2021e10c7166ba95a3ce637a1bd2dd4e973be11662b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32d17f68a3563c27facdeecda3d82ace

    SHA1

    145a44b714e3ffce87e17baf1ca0b9fff265f60f

    SHA256

    6ad6985c5f796d6a3290617f84603b2035c2f7d5d63c59add71ee4c15fa3d59d

    SHA512

    112728633445cca146132fc90234ee30418b189e22dc57bc17cd645075b02979eb6a84143f14552c3271f61eb19f299c698c7363b1190bebddb08fc2b9877b64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78e0edd342f1598e92e62c3165fb0472

    SHA1

    06aa9d68fd93ae5f6a8fb59621a448d7951a95da

    SHA256

    0ec343ab0c4020e222913a7cbeb20fd0c5bfd43c9d10f585e9fbc29ed0cd5d03

    SHA512

    ca588fff83bc567b8dc2c06e09f43a4225cf70298f71ab9910ef3db7b7f6b9971cd812222293aedf99502b5e95ca98251b032eaf8e23b3bb355a48d3ec020fed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc2e006f4f2a6aadb3b23dda26acd18e

    SHA1

    774e3cd8a679ebdbcd470f8a9c8da6ea5ec567b2

    SHA256

    9f18173e6fec5ae0ed38ff7a002f353f7220aa2789f54084b3ddeb8f14331fad

    SHA512

    f48cf6e294c415bdd6ead82d563a746bd7b958ac4e8b94242cd648774495e68b447bf8c299e3091b5d8fe62de776e9665cb74056a0b39bf7cf99475cd51f2ea2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2436e731a22f2729d1b7898b82d741e7

    SHA1

    be69b42ceb7142734e650ce3541c9245d98183ec

    SHA256

    43aff8dd8f75cb786a7b3a084ce8b04a34480d97933b856a3c1c7bc215efebf1

    SHA512

    e4b34f342ef5e72c31145c06196b57b5af70dc7deee7a8c2707092e3f0a77cffc219bf18e38d920fc6e5ea8bed5eaffeaa72f9192c738be6de26c02bb4996ff9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6319169ee434692071f3341c1e1983fd

    SHA1

    1f56da5ca0002cdd76021479e55d153e88b16b56

    SHA256

    e6733fec74088133166a2132db1d9a8d7efd62a87d91f296fe61c9a533c77343

    SHA512

    3a020e7e4795ee479014b243d166989f3085347956df57f820179190558879ff0212d5fe8ae6df6753a7b7cf5b7332b001d940b5f913e95450ac1e8db94a6335

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f25fdc08a78f66b93b1d9e21779993db

    SHA1

    9f5f70a15f6eec7fbd485c4eed60ccfe3c5db336

    SHA256

    d3526a9224455eda3b61c160786e69f41d63a9792a17769621f453da43c19bcc

    SHA512

    5e1fcdd3cc7c27c72cc1c7c61fbe67c27de5c03e383e7627dc2facf610ad5e8b0b05fe383aca3d9597ec461c9980d9ed96164c45f4ec09ceac1a4363b232bf0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3897351058562a4028242bea20cf3679

    SHA1

    32e339e0361461cd75375db05fd4f212aae895c1

    SHA256

    82e5f3476c9cee2ae20c3bcf7bcdae1b3d991aafda8b302332c615fd4225980b

    SHA512

    f7623a981421bc2204ed8f8251e98151e0abedef2ab21ba430396dadb231ab0caf1c94277516adf5b832ede4fd8b3e9a0350a40984126f8807a6d75159f4d8f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23ad48fc0661e181f7dacee24ab971b2

    SHA1

    64a913f9f5921d76cd09bb9e110bb2356b40a872

    SHA256

    92e93246c01550b38b806dfdf35be5d2541ba59fc5c9acaa679a9ec492ba8366

    SHA512

    b866dab28c2af7d34ef97bbd2752a279ed1b6a0a5e95299ec0e52901ed752adf0c3e6301ebc7c88565edb61caf0867c47c495e5553de6f94c22ba69654dd1fee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\I97UBRGF\www.mediafire[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\I97UBRGF\www.mediafire[1].xml
    Filesize

    246B

    MD5

    cf43efab0d68cfb438e9af1b026dbfe5

    SHA1

    86004fcdfa77f75d806da713f6a7bc886dba42c9

    SHA256

    8cb94e3d7a683201e6891566e2685d89e690e0a0968b201a4b4356c4176548d0

    SHA512

    6d1f5394f9c4518284ba15e95a6481e22cf40109b870691c37b91c69e167f4f6c8c798e03c3b7235587cfa46c9eed379eda04cf0ef921fe9358519f8b6809b87

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\I97UBRGF\www.mediafire[1].xml
    Filesize

    246B

    MD5

    2575314ebb2195ac40bfed18afd1b054

    SHA1

    a18e2549baae25bc57fdf90b46004f60f5e1798c

    SHA256

    f44761d0c78aca44cd0a421bee81bf4cfa6ef8f48d176c808f099b8f95219653

    SHA512

    58a95ecbaefc516c77137923ecfcdd65f8e2657228e8a844bd1e3167a9dcfee714edb8e41638a4cd3bf3cd710054ccd6df76e8039867c4541bc91922a7723748

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\b5orqwt\imagestore.dat
    Filesize

    11KB

    MD5

    38eb5078b4757728e4a14a58f42d1df3

    SHA1

    1b7ea8cca99bb4c48696da46c76b589d0e5d8ad1

    SHA256

    d877b3ae6ebd75b0f3162ff925d6b21f561296bb332c4fe76089e609a325c582

    SHA512

    dc951d3d3b4144c86f4dbbf6c0524311efb286c6dd7090a2c1b71d6009acbc1263e1b3339de84366853de42c0b4441f615a042c3efc72719100545b8600a65a9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IJYZ6B5\favicon[1].ico
    Filesize

    10KB

    MD5

    a301c91c118c9e041739ad0c85dfe8c5

    SHA1

    039962373b35960ef2bb5fbbe3856c0859306bf7

    SHA256

    cdc78cc8b2994712a041a2a4cb02f488afbab00981771bdd3a8036c2dddf540f

    SHA512

    3a5a2801e0556c96574d8ab5782fc5eab0be2af7003162da819ac99e0737c8876c0db7b42bb7c149c4f4d9cfe61d2878ff1945017708f5f7254071f342a6880a

    Download Submit