Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://oneoffice.ws...

windows7-x64

1

https://oneoffice.ws...

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/01/2024, 21:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://oneoffice.wsbeng.com/oneoffice/bidding/contract?contract=14317

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://oneoffice.wsbeng.com/oneoffice/bidding/contract?contract=14317
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db72b3ca5b86979e5210636a6179467f

    SHA1

    130a0084ee599a9a4831b469482fe84a54dfe8fe

    SHA256

    4a9160f2f7958b662079b3d4166b5dfe494361933e084510252ee685a67a612f

    SHA512

    7a25ec6c590453e60d00c75f6c27bae99593fe0851e1238aacbcae8847353e76a879809c2e66dc5f87d0d62b65fc530a3b78d1d02dbee16f02a9f298d242cbd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc17dd12aa38d913cd24bf28b89ab39d

    SHA1

    2bdd85d08b8e8483e49b0957e620ec871781fad7

    SHA256

    90e127740e34242f8821fe983c302bb46fb32162d28b9fad642b9ad867425db2

    SHA512

    0b1579fedd6d5e196dfaa9714ea575b71106713c2efbf1d9e9b205f82bc4647f9c699b01a098e4e7c63fed06b3c0f0fe5b56dd3e4be12647a3bf21ece0ffc17c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9cdd7c480bcd5821897c671f0d57738f

    SHA1

    df2601d46d69347fd25fb01f0c34346380d2d2b4

    SHA256

    e82236bdf501fbf5a86c8bcf439336f90b895fe5eeb9b2d15db5edb75a25eb71

    SHA512

    53e24584e176facb01416d01b0fde5a59ff58a0023722ff3968d41b98df93c3e69d1c8122048215e633686ac88fe4d2a2edcff18d1d842cac6ab8c9789180a61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02d1fc4fd942aab7c1c4a35e9d8df807

    SHA1

    3932d8f9f5ca8466e86c08428fb488e9ecd05bcc

    SHA256

    ba3a6cf5a7ee20f3400a1fa1604f202f08effe214635c0ac3c65ba727e00a555

    SHA512

    cc53e7212216816670b6769f4918c6a4c9b4a067eb2886c730b5dcde6d0a00f4e23412f9b2d451738addba75b250650719db8313d93def4f531e741442ee0eeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c69e703e2cb9fdca8ff8f16dbb22269

    SHA1

    302f45d916978968060b4ce9b0e83d7a1e4bac5e

    SHA256

    2336e3a1dde4d4a1eef9ac8658136b5e38d9dfdd489c55900dde29b4e6731bb2

    SHA512

    12eca41250c15677d7a804c6f6593e55b921ec5fb906a464d72d8a440e34b8907f59c9ed191806c55caa518537c1463c6d0ad7b3a32b930add43a91d73842718

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc3d7099fa4a36ada8ce8239f079266a

    SHA1

    6291d038a8d0d51b6f037cfd32663a63267c1642

    SHA256

    45b3caa04a210850c489034b11603b5d84a453bf886e737be04436a1f22af478

    SHA512

    c5d2187df7ead4b29ed6e577cdcfd2d3404b7f4799f2b0795b5731c2fd7b6e1ba5c0223ece24ae22dd9122b09d73c6453f6dfa04e75cd9143d925714a3dc5264

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2657e25e1bd003ee3a04414ae5b77b2

    SHA1

    3418c345b78bf4888afea98a5e5b84b45187c3c8

    SHA256

    2546d336b6c91779ed1254a66065b01cdb0922a2ba1e5f0e466a783d0c926bdd

    SHA512

    7fca0a8825f0fe98197ca4a697e7d7dddae356d4301d799e1c57d4eab93ff8dc42b06c5cbc49e777e97d72ab45560b7c994f174ad9c7c6af8e2ff0151855c415

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    326d9623af2e78e3cdfffbc1b312dfb7

    SHA1

    580179ad12735d76c7c11e1411b7d2b39461704f

    SHA256

    fb312a7ec7dbca2234fabc341b546510666fe22b65f35d524082e47aa78d6d8d

    SHA512

    0a5be13a27b3150fb3c91b610291670ce92124bef137818a638d855e5e4f78cb9845896349d06edd4147478420d374d2fb63453a75b152ac774ea563d29177cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    703acfd4e4028e58c3de97e81eeb68c4

    SHA1

    885ef2214f9017659e71d9ff3c3200d7c65be12a

    SHA256

    7eb7b819f52d3754185d0fdb8b1195a6ca8e30ee52fc4a69f58acaa5759a317b

    SHA512

    4bd6adb2ae1593793b9ef89717d84d0eae156fdd78830d64d5118c957507f5fe26d4292d2fd2b88f9f6c967135eea7d6716c6db63b9e83070243444446610723

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdf33c2c21fdeaea1892c5f9a383d215

    SHA1

    ef8c42e5a2c44cdc486886bfb92e6dfe8c2a6887

    SHA256

    36f281b4360d185da3d8ac1c91abbebffd1f0bb70bcfa8838e461abc3af09ebe

    SHA512

    7b492e375c15466e70f80dabd2cd201b370fb19cab36188e127e5780e121312f5c83b521c62823bf87f0a6e6b55c184c778a8c52c39ce708cbcf1d3abb5f027c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41395556f327c8eadc37d5874d3db21c

    SHA1

    f34032f4af759774fb6b54fb4650e40758a207e6

    SHA256

    d95a038e4e4218664cafe513d9092e8dbe397f8389097960a9f40c16d5da6a04

    SHA512

    f5112efbb99771f0921cee8a3d7cb63cb14db93de5605f8a746a6586c7ef0f20e67d7aa2a385905d1de0cbaf8ce7dc685e135535014c4d54d441cf7b78f414da

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab51EA.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar524B.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit