Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://cdn.pansage....

windows7-x64

8

https://cdn.pansage....

windows10-2004-x64

1

Analysis

  • max time kernel
    103s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    07/01/2024, 08:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://cdn.pansage.xyz/download/CheatCheck.exe

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://cdn.pansage.xyz/download/CheatCheck.exe
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2336 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:844

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c069142f3bdb69937e609743c3496cf

    SHA1

    74c7ff22001587a5d7fcbcd9000ca283b15f362c

    SHA256

    f6d6de5be0c06ef1dbf9cbf2578f53f6ec6627740bb38a8b186be4c74e1c3ce8

    SHA512

    e667ff13df643f9db63edddb1bb3ea18a2541fce35c7020813c0f9bdaeb32dfa36272380188768ada93af3f7d9df92b3e68ecc3ad6b03dab466ae4796cb2fb4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b3a403b5f55d5a2d5bfdb59129199aa

    SHA1

    c085a7afd4d7c24a6fa4edd0eb230e598ae94f72

    SHA256

    360c89490002b53fead8606d808e5a19e8d16e36358fa5595465de6838f3787f

    SHA512

    3fd4aa6005063b1d49f996b5aafd842035a570c121c1e41318db55604717297683cf282ffe1e6f86db6bd8c2611e0500b394d50226bd646faf478d4dfc047a53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0899855926ab91f520d5519855315e05

    SHA1

    a6e4592ec8067e2bcbde7c8024bb0b3eb82f49fa

    SHA256

    4ab81618915ff219e92621d3beae7bdbeb425e44267af7f757796827930ab5c7

    SHA512

    d4ce438260a942f46cbd1c2b3317b4236e7a1a0632f076ae67951151aa41a8c7ca5adee4896c026490355d5d36457a09b92f48ded293b9dba19bc36df77306af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6220c581ada5131d6eebb04dffaa4bf1

    SHA1

    120fb6f14f55984f13fe39891874816caf53be98

    SHA256

    e010290f87372438c1bc48416f4ac87a0f871f8dafbdc416491c4fc2096c1fe9

    SHA512

    a05c0b7471bd06787382776bdca826abde36c15a6c40eadf8cc5d781bd597dc2d2b90bd97e82233cb871f6e5114a2d7dc0380f17041ba08b25a3a876454db417

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f8284f01cbeb44bc0535f39f62a81760

    SHA1

    ac79d0fcecf5d8a2373dccc5ade8f615aaee329e

    SHA256

    06bcedac42e6e9b7679d6d387d577fe6bdb189790221e916726d276f55a2ac11

    SHA512

    9dc1ad2379bfd7c088c70e5990660e5a65faf79bfcb5eeece1b42713848df96ce461f8426ab2c71aa0bd586c6968fb6f7cb592150f1460dd84fa27154b0af714

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d77541658748cd86cee36bed00336e9

    SHA1

    0435cd32d120ae683de9d12ea180e54985eb17dc

    SHA256

    b5121b8fc6c138e44dc0575504b652379da354d1dafce7da44841b47f9d1b6c7

    SHA512

    5a899abb92f4b729d88203b40972ac53d72bb12d0501e9cf8a8d00e6f2a4ad47121e3208919e50ca5d8a42e3a0299392533861692a22ffd6f1ab7f3af383005e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9df6842477756b4515c3c73059b02a35

    SHA1

    c9844ac3df05ecfa6029109564b528694b545669

    SHA256

    5b55770a2f0a68576532135ffdfe4638df13d1abaf537e93c95bd4fbb11807b7

    SHA512

    1ea2bd279e924b49cb52727322b3a6c08c1f37ce20a54505e4d32ae57e558ceb4b1c9b112717b16ee5f0a340c1edd84b12fe51f39cf359909e28c54891d15dcb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    790ebeba9e0325898e97f6640c97a50d

    SHA1

    f334fdb94eedf37063339bc0feadbf34c8a3ce27

    SHA256

    03ef34fa821d5ac49ae6c0016a0e8c77e6c1d3d865deb931b7d4592dc8a30382

    SHA512

    36455b8cc1c79d37babdf37e440f25749afaee2535067ec919857d0a1f48a3059fa8ff45258dfc4ad1eda1a2d352d902d87567b779975a1492edf01dd789b625

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8166ccd48b9b0c350ee81e82bd832764

    SHA1

    5c24335932832823a111602c886453a48a83fcdd

    SHA256

    9a647519126761238e50d243b38c6330f45d3640a2525353b32fdc9fedca2363

    SHA512

    9c280af6b12ee8de031ca3f8bc000344cb07de329cccbd38691f7e0a0e4f63c98c13db903c01030937a36abab7231e8a8140b0533dd6baf52441e1dc92ae2b01

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab624D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar624E.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit