Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://u28850422.ct...

windows7-x64

1

https://u28850422.ct...

windows10-2004-x64

1

Analysis

  • max time kernel
    103s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    02/01/2024, 10:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://u28850422.ct.sendgrid.net/ls/click?upn=iZnbdU856XOSZf7K5KdjO-2FUSit9y3t8HMa2ZO7DGjRvAMRjOjRYS1p8ZIA1-2BOpdQRhxugsv0iS1ulG24KaR1-2BIEWvR6oT-2FfvPFR5n5fDobPGevfghSJbKyAZu-2B8Bh-2FjGQn07_mZxSWv31xVb0zX8Xwb4lntZJBLtu6RH7FWhRq80Dky-2F1eVQVZpLyAB7kUt3LNABP5VkWmuGm5IE6dp2p1MhCQIzmHuoV4bYp6nyLPiEQB6-2F0N231CpBW28TqPoTK4ffdBvG-2FcgvIDxjnaADyzYcnp094OWAvN7zi9wrp9OaAgXoqD232csosDlI59rtjjPM9KeauQf96AF9TuC-2BMUVyRheQjHFafAhqElX-2BPUuk1QtM-3D

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://u28850422.ct.sendgrid.net/ls/click?upn=iZnbdU856XOSZf7K5KdjO-2FUSit9y3t8HMa2ZO7DGjRvAMRjOjRYS1p8ZIA1-2BOpdQRhxugsv0iS1ulG24KaR1-2BIEWvR6oT-2FfvPFR5n5fDobPGevfghSJbKyAZu-2B8Bh-2FjGQn07_mZxSWv31xVb0zX8Xwb4lntZJBLtu6RH7FWhRq80Dky-2F1eVQVZpLyAB7kUt3LNABP5VkWmuGm5IE6dp2p1MhCQIzmHuoV4bYp6nyLPiEQB6-2F0N231CpBW28TqPoTK4ffdBvG-2FcgvIDxjnaADyzYcnp094OWAvN7zi9wrp9OaAgXoqD232csosDlI59rtjjPM9KeauQf96AF9TuC-2BMUVyRheQjHFafAhqElX-2BPUuk1QtM-3D
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:304
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:304 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2404

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    33036b789b2943ef4d003eeca2a0c6af

    SHA1

    58d7dab87546ca90ccc9d1bf177fd8bd90ddedb3

    SHA256

    553898faa17d032bf10bc03b0443eb339453724817ce488776525228ddd9ee5f

    SHA512

    05e012a476d0e415de68c1db8414453d883238139ee04ba15a5f7e3c3308c37ec3d87616eaee113edc4a831b582016c45297721821d28b2c36c35c912548d845

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f72a98b6f790e0b4ad3ec71738f5564

    SHA1

    9f351b76c933c2e9cdd781ae41eca4c144afdd49

    SHA256

    768a6b46edc3c620ffb07da3d8ae92cb1eb91a6f019d4044408f83dc93bba9fd

    SHA512

    dbae6501afe4f7086624375ee0d6e503d388770941ccd2e4c970234949623f8a1497a369aa7b41866a1a6b31e7c6ca55d61fbe6e5279ab9b9aa8dd899ebb77d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97f66734beaf5609bef55fd32a30bc2c

    SHA1

    83ea50f5f787b1f8c30bc7d1232f7996ab51a36c

    SHA256

    f2a92d65fa484585d8ba3985430fdd161eca9849a57c3694f1263dc8d25c3112

    SHA512

    70330917c173c757b398861301e74888be1dcb18f6a6610f2ce3036e43919c4aee803cce75b59d84bb299c5282e2fa411af404e178413afce6f043678fdb8ab1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc2bcfe67464e8f28190dbd8488b8133

    SHA1

    9265640d30beac735f20884cedd64c9d17fdf3e4

    SHA256

    57cf69ea10ef64859ba3eaba8a934721e2fb14541582fb4a1d4e60b3a8e6ac56

    SHA512

    4ff09f37c4fba3a6e44453fe4a791b7f05e054868ea0769318a97b45f4594675ecef0519788427ef48fc69fa724534676308e152a9f73902babee7dbe7306fb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b4b075a96e209dbbe720d667db86230

    SHA1

    44300fd1d1c74dee0aa384cbc437fe306dad52d1

    SHA256

    71ef45b7e93015da609715aa89cb2ba964cfaf2da5f009365fae49905cf9141c

    SHA512

    d9bb5674646184b86f982404cb8349c09a7658a6745ad99968bf50f6fa1917c7dea526700661184816276af188ac3e9f914f2c78a1b6ac2691df93ee4414d342

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f79f5b0111c02650ad8efcbd28ddeecd

    SHA1

    02d5536f4d5fd11cbab03d2ab1673dc0379c36bc

    SHA256

    71888c0b62baa99ac64e21614c5a429fcfa6162a4ebb3561e6336f4697d2e253

    SHA512

    b11114697a4371c440e83965b0ff8667d23baddc104aebdab7ca8f8366892d2e2e1fde75844d5a8599d46e5dfbd4944051a14440f95111621992b4238d21b6aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b46c85aaedb9b4085704b89edf02391

    SHA1

    68b1fd743e5c56efe984599e04b08d54f38aeb26

    SHA256

    f2ca755f26449dd7842ea0b4b75409c40faf48a324e9fd680552cdb51484b8f0

    SHA512

    bd999b04d4a81a2f656e1b9c0bfddd7b7d4e1d073d07b11226bc31f0dd25eb90a6bf1b6c84ddfb878d4b0a660158aa785889f19066784b0999d521ea46f067c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24cea2409e0974204ec0d90fb3af8514

    SHA1

    639b865d922706c81c364cbfeec214bc99d7cbc0

    SHA256

    81bdf8a0c4a966109a6d2eb6ee1dba6b1e45a4e984dca9b73f952763d8b74fbc

    SHA512

    63db7f22b52a170859ffe772a55d7a3b1a042b53a28371fae1dc2ba4c2dca4f6df1a661cf0c21fa634601dbd17d26a03b247d8418fb63ab533be4ca0e7869b6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e16f55b9d08e726ddb8af9439ea31c85

    SHA1

    e9a76a7af039022656738984e1bfab5d3c6a9d92

    SHA256

    81c8772d122bfd36cb275db7c356ace6deb4c976f4b60a30802018095546c262

    SHA512

    2e6a05e807257450f2872ad1fed6f42c96d5e4d9e1576d901624bbd181f82b4b897c520e4a5abaf7b858a8bbfa0a28f97b3a850d315a3c46b7339526b6e3a2da

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6B9F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar78CD.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit