Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://waaw.to

windows7-x64

1

https://waaw.to

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    05/01/2024, 01:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://waaw.to

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://waaw.to
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2876 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2772

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AD5F118F7897046E8CA970AE6A6AB70B_CCEC95E3A3F63B03E57079ABB3B0CBB4
          Filesize

          471B

          MD5

          69a6d56811bca0e3691d8b31e2ab3d62

          SHA1

          7d8b037a6f3da954079eefef40ddaaf4f499edd2

          SHA256

          362a5ea65cd6e51fbd4bd383bf7991383b14194734464d62dcff6828b94b739a

          SHA512

          9fd82f770170e3707dc268507de0a9a8e4807fb48ecdd07552cc2620e5f4a7307a9dc194b9e05f101e9429b956637d0fb3455f1c7eef92d3939b9991877214b4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          b9498c386df6e6740cedd961cc844c78

          SHA1

          62ed2070d31339892398746a2a1d25e5363d221e

          SHA256

          e4437dc4a68d0e0516460b1ddc12cf4909d16360f69e51ef0bc18f6a27c9d058

          SHA512

          d9ce08813d3da8342513e797ffb3b0e386586491d17d13d4ca79a6615fbe9cc9f529c230cdef6687b4ccffc52f47c7d1c8e2ed9e29bcaabc7201b51fed2c4cab

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          18a083dd9441368e2e1ee0e5441d2990

          SHA1

          bb4108764b8110320d8935b60f536931c2bab491

          SHA256

          115a4071a1c76c70e19ca585c23b7ea8a2988f91429d9f40e2dc0adcc51ce7ca

          SHA512

          7104bf902d0517c1cc95cf76779bab78275bfc8844f87eb23515b22123a21bda8d20fff6427255e63b8152f2fd7929ed5b8904bfb670b4c68c95b7b8e452af3b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a1b70824bfe80ab76a6df40b4a07194a

          SHA1

          acbab83d3471b0c4a6f44a198d05bd11fdc0431c

          SHA256

          a32f18b8c7f630f73addcab3141df3b1f5b2c7a007e5229dc1030588a6a5e88d

          SHA512

          6ee2bffbafc70108ef2a10798805d7512dcc0143dbd75bf8a998de8dc1ac16e478c65fc6327b6fb6e3e3f5e2b3fa712a8f7726af4fdd6c170879bf06677de707

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          32a5369935bd32452dbb111cd14a0181

          SHA1

          13a6f050e89f8a7d42208a6ac2e4b7594e0a6f1f

          SHA256

          e82c982ef0462a83372fa7ef1cc556260ee1d2edfc55893eaf68fa8aeeb8d3f2

          SHA512

          aa4aed5fa952da0366a5fa516615cc6bebc6c137a1209d3d72f33a2ef0151d77b6a8ecfa64951c14d3f31274581ff135c8f7498806a5672d3481665ec75effb1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3171fe5759d79252bee1d38757a8564d

          SHA1

          171f59bdf183134237f56a2df9b1a48aace7c0ce

          SHA256

          f555029c11d3bc37dc50c9f22a07a6076a4973cd41a50238a2d45e58b8ca75d1

          SHA512

          468ccda3af554c3634e402de4a179ba45ad647abb5b9ff535543787e5edcd1bbb21521d50e9de8425b499465a47dd646020e0619160f3669084e14cdd5142ea7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          847920394873dac4592bf302a5848857

          SHA1

          0e388ead03b90e82ca6b6c62a807a0bd5dc955df

          SHA256

          797db472cf3dc27058e46569cc370a9d3561fc4be2290f7ca8ed5c8b29badbb2

          SHA512

          949b5090d6bbcfc235f659631e844fbe540310e724412c02eb58b41280d43dc72ba626e72e108bd17647d9d6d719ac34b8a63f95d174b866fa1b74d79dedf67d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          40f72efd6386f943fe59d0f738a58a64

          SHA1

          4902584152f833f6abbdce8a2b0e3b953ef36ca8

          SHA256

          aaea3d7078e3c79bcdbc12dc6c97cc5496112042999d3a4c70fde311a6347c46

          SHA512

          fb7f450e4bf4cfd44c88c6d3ea6fe70815d3fdc87efded554d3cf30a5f4ca4ad58daa49848233b0b42113d423362f6931763e919ecf9432e1f49a04fe3144a3b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          736abdb235f49508fd83fcb3e2f23e6c

          SHA1

          9d03063b5059dfdcb62655f383d580131f224514

          SHA256

          dec3c5d6966b32dcfa6ecb9af9e67ddfda795fd15dac2301627ae822cc1e5397

          SHA512

          c0b3f56cc94f4c11f58b205f4c301ab32b0c95f0d52801a75aaef0ffccb33f231678889b225765fc9d08f179e9228333960011e8693451c39409d7157363b592

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0109159d0d09ac1146fa4c40b7801b68

          SHA1

          424af48b0399c5189fdd130f797fabe48ebd890a

          SHA256

          6fd7c09fcb64f379c955e705e97f1e2cf47188a33402dad3a0709922e12e71c0

          SHA512

          98bde133e3c90031f63073389e021fc8643cdc6a20f1ce532bb90b0d3427e0600567047c510559da53134eb1519ca30f32233c406019789dd668b178bafffe6c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0a47508362d874e84aa85631939ae06f

          SHA1

          227d303d6c3534268686d2f2d8dd2a95c2130c84

          SHA256

          1a5da82afddc585dd72fafb5eb75873d8247e2e106ac577d8a5b70a7979296c7

          SHA512

          ee7b9dee74652b21a1e0ff5a640166d50e0e15b999f5f2d6a67171c7b4cad4611be23e1d596b44cc6315436693b3f3271ae96b461a0ee07d32fbd9b1ff2b184f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fa25c617c64c17a7f87124d282485e14

          SHA1

          0d6e50db6e796a26f4202cd01ff905349fefcf4b

          SHA256

          8b4c75697d8d7dd45e47f5be0f097f1286c65371ecda2de81635faacbcca0f57

          SHA512

          fc8982af6b87ca07415ac637128c79c691f6b9e188d379b8cf6603c117f3ebb0af0023395305dc70b63ba523fe57394a6648deca589cb8d40399ae8c16ab6445

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b78a1c7489ef1af675a29d5acd78df48

          SHA1

          7e30209cabe7f7444c309186a23e13e7ff36b026

          SHA256

          1cc850a95fd34c431d41c519160efb97e7db5400636b861e8091a2868ce5ad87

          SHA512

          bda813dbcabc6cbe3c1f225a01461b9cbec65cd0e32b5ccdec198e1d2a26e5a8f0dc7850fac6d48635cc1d7d4464a8d1636b5850e114949c22efdb7010956b04

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7c990a06e4d27d847fb02e025a5ca2a3

          SHA1

          62f7be771524b84c19133d485284103005444691

          SHA256

          e0906d0708335e1700f5c8ff4c17e7efc473457aa8e82adaf03dc4e6ab54986b

          SHA512

          5b0680db7173195e79a1984b5bbf409f0ff1e3bf70b22c4014c934171da5dfd72cc1e597d0c4d4651980a8aaff52a3408e814f63a36aaec8efd02e2063ecefee

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AD5F118F7897046E8CA970AE6A6AB70B_CCEC95E3A3F63B03E57079ABB3B0CBB4
          Filesize

          406B

          MD5

          07ed4e854fc54e33f998a4ef32d93905

          SHA1

          0156374ae07f8f23a4511df38d4ec44cc9d12475

          SHA256

          ba4250e498bf0b19fc74927c49b31046a5badfe53ac533a4825bb24f0caed0ef

          SHA512

          d9b21bc639375dcb5903e5298fc968605c62a3d7b1570d18d270741329f5f2a4b5709e57439c7304fd82121d262a34d2e8f71a3a10153f1dd80f23a9e3833ec7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          3f644ec28dacef04740954910d2c36b8

          SHA1

          50bb4b010d25f58d39bb668e17982481145b6dfa

          SHA256

          cd289b2dbd5f429adf2715d2c080f2653c3f1228522a47755e797fa3b561d7ef

          SHA512

          efebd5ed10c97c86af355f09f251839910b133270d72c5ca71af3523d3cbd992be7e4dc13a43f4918add9db7d0971494e6954ceb37a9f939e3a44679ef402a9d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
          Filesize

          4KB

          MD5

          da597791be3b6e732f0bc8b20e38ee62

          SHA1

          1125c45d285c360542027d7554a5c442288974de

          SHA256

          5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

          SHA512

          d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\s8rbov0\imagestore.dat
          Filesize

          1KB

          MD5

          c6d1887ad1c613f8878261073e167590

          SHA1

          ea0f2f67c020b02db9cace46ccc53e14355718fe

          SHA256

          4350f3d8de16c2bd7c3149d0a5f3f85ac07d4cdf8c069d1149d011775f177dd6

          SHA512

          57af41d796fdcb82ea6a113b82b706c89c9b8e436fe50041a328b52ff190375eeee9d9b9a547cf31e21c0d6bdf21abd52bf34dbc5f1555710d2df302bbd7263e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5I8DTPB\favicon[1].ico
          Filesize

          1KB

          MD5

          fd70151b8681b06422dcdd740d4f8995

          SHA1

          127c7753da1eecf259196a54f2375ccfd77937f4

          SHA256

          e2f1b67e6a39acec95a7e0fb9f5fd5c84c936421033a05cdfc3edf0c4a8de11c

          SHA512

          3a1687dac19c85e810d7219697aeeef72c4327c9816fd4b483237157bf17116d572f0f31187676efaf8d4ea78ab01f026358c42c0201c6fc0326c21365f05d53

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5I8DTPB\spv.1305141919[1].js
          Filesize

          6KB

          MD5

          5ac1ae6111efef994779aee099a56853

          SHA1

          3dff80dec79c3fd0591c71d75af0d8ea9d863129

          SHA256

          cad76b118faa5f2ad4582a237708bc3e43a3895f50ba3702eafccaf14c7bda0e

          SHA512

          0e70e9d2cdfcd8bf39c661b174a4dab5feec7cd455452b115de5dfc2b783f1b5e575bb18573e1a5282ce6b874d9ec1898c193dd1c77803bb7014413bd6f7d2b7

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DB8Z7UM7\index[2].js
          Filesize

          19KB

          MD5

          19f78f369c759e4f85090a2184a058ab

          SHA1

          49f5eb4ef84389e1712dfeade223220cc5719bcd

          SHA256

          665259a734d78c4dce3b9595ceeb2fb888a3f03ed8c405de266bf718a3a225cb

          SHA512

          3f61b97791baf1b0bc2c814ccd551614f7709f7227db2d221187380996cd997589b0a17b0152fd9bf3d6a44d0e6e80f9b406197b8558ee34ad8050f183bbe667

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar20EE.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit