Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://fiber.att.co...

windows7-x64

1

https://fiber.att.co...

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    08-01-2024 18:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://fiber.att.com/?source=ECBB0000000CG100P&tfn=homesolutions&WT.srch=1&wtExtndSource=S_AIB_IPM_Fiber_G_FIB_SEA_CRS_LF_SALE_GM_ALL_OOF_FIB_NA_BND_EXM_SEAR_NA_NA_Prospecting_NA_NA_NA_CPC%3BGeneral+Prospecting_Internet_ATT+Internet%3B700000001889173%3Bat&t+packages+internet=&ds_eid=700000001889173&ds_cid=71700000060044898&ds_agid=58700007972218069&ds_kids=p74305571038&pg_var=NHL_EX50&gclsrc=aw.ds&ds_rl=1295680&gad_source=1&ds_rl=1295680&gclid=CjwKCAiA1-6sBhAoEiwArqlGPmKAbn_adWGye7HPeU9AX6eRi-LM7QBs07jMDWHgpfQ63IMBPI0bLhoCeGQQAvD_BwE&gclsrc=aw.ds

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 53 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://fiber.att.com/?source=ECBB0000000CG100P&tfn=homesolutions&WT.srch=1&wtExtndSource=S_AIB_IPM_Fiber_G_FIB_SEA_CRS_LF_SALE_GM_ALL_OOF_FIB_NA_BND_EXM_SEAR_NA_NA_Prospecting_NA_NA_NA_CPC%3BGeneral+Prospecting_Internet_ATT+Internet%3B700000001889173%3Bat&t+packages+internet=&ds_eid=700000001889173&ds_cid=71700000060044898&ds_agid=58700007972218069&ds_kids=p74305571038&pg_var=NHL_EX50&gclsrc=aw.ds&ds_rl=1295680&gad_source=1&ds_rl=1295680&gclid=CjwKCAiA1-6sBhAoEiwArqlGPmKAbn_adWGye7HPeU9AX6eRi-LM7QBs07jMDWHgpfQ63IMBPI0bLhoCeGQQAvD_BwE&gclsrc=aw.ds
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1616
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1616 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2316

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2459d64a959222eb9ede38ae7173683a

    SHA1

    417f6b358fa3c02081c83915673e65f6066603d6

    SHA256

    9c8fd88531ee6bb2327b1eee275a06a8d9a67856ed46352619f8bb3f2760873c

    SHA512

    2128a42da446b6db267db9766f3ab82c7f2c3377f6c8db127c08dab0d6750ce3127b6a375c855cc2211fc143958957afe67e8e465f4d022dcde5a06d7ea5a692

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b02646ae480d902c2d7cd282b3cc4f0

    SHA1

    199469c5df98a8d0398acc3530fb6f413323d98f

    SHA256

    6fec79eed91d474858b8faa5ff2ff0d4c3f87f1daba2cd63089208a20c0c52b3

    SHA512

    303647f4b963caaaf27a52bc1bfca913531761ad6ea08ebe3adf3326b15f7d8ae9843f645e4c44d556f621080cb05ed6381d3fbc619b03acf68f5e1f4529f3ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7845f05fc8c65fcc818fc14cde266bb9

    SHA1

    634dd58195cb2c28d988d3fe28f2ba319e4d098e

    SHA256

    4621fa58c56d743fc78802c533732650b6853041e81db1b1433e5404bfed50b6

    SHA512

    66a685e027c834130d0e43759544fb424150e718fcc06c80f3839be843a83c2cbf1d12bab9897ab339e9b55df6b2974bcdc226576e35ac246cf40585f34b4f95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b875f685de50ebdc81663987e1e4426c

    SHA1

    8186c76731447634bba07fab3837e4f5856f7cc7

    SHA256

    90447d051de3c3c972d849641aa9ca47d6fa5a87763f7f28a82361dbc16d4123

    SHA512

    0d1e30e0484ae2ee5303e2457b528b78228aedb3f995727c86332e8270d7f24f863ba3599d0269ad7a01fa1bbb4400a072ad2f7b89cf15b71e8075dd5d9e9f60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2566bcf28759248dac59bccc15964fe2

    SHA1

    5afdf5d4721aee704711e33b1cd2e89ba5d21119

    SHA256

    63c40c83e0ff3f36f45464d053525a4366a8dd9ab1d77952392dfd59cf0d6cf2

    SHA512

    ef7190cc6e609b69295e0a67a33678a01aa89ad3f6c19115c19d97e0945721ee49a6a3d2f5fff21e823b2f4e79cd805b8f806d0be031c348fe9efca5994ccb76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba977fcce1ac5a576a22b88f6d427ebf

    SHA1

    02a47d1a8c48f89acdf7ab9770db4c4e39665aa8

    SHA256

    d368723f05d7ede611d05de9431f97dc7ee4480048cbf2f3f319af0d02bf6230

    SHA512

    40079548fe6856bfe681af52e086e5339e46ba9c7ccc4c1ba9fb16cd01093c416ca1ad415dcad2f17e4fe799e29f5b7f717a3f5f90ead9fc804ed00fc7097c45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d676ad34b86401e21f7c2dbe90d4476

    SHA1

    59f43b4863d76f96f716772d2d4c9fd00ca2a704

    SHA256

    1c592d8b404524f5475eef2aab172cbaa8c1e4446af6b6068dff44b894678ff4

    SHA512

    55526d6ec9fe78c5fac836f0c6d4d61faaf0f0ffb19982510741da1ee7a5dba001e4b52901c16438fb2bd88e9d30b28cd2a3465c2792d08cf66d9e3be10bdb3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3343bac3ce55f5c9aa51466e8c98ffea

    SHA1

    e4bdaf5a99f6609e7024e9369559decd55c98a22

    SHA256

    f1e030f814b186599cbb497e7a4ab492496374df6e4bb29a459085963739c036

    SHA512

    1b78b3847d464ff2abe75933b31145c279c46b426bfd4b8b73905b5031d924fb261b428a5f3526b0c671fb23f16d28437d670a9847f5ebfee509b136fc606be7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    291da21cde3356cdcd379264aba561d0

    SHA1

    73d456685e210b5a404899ad363752c49fa32029

    SHA256

    3ccfa113bd0fe6492ca2eede1a5ebeb982c4fb9784ada17df81723fb14cbdf7c

    SHA512

    a1f36bf809e154fce70bbf3633f658b0878fa88f03d75013c1128b0c3f25a0058074cabb8f3d8529d6bf9709c5e35a610d06f7c12b4a778069fa6c83a763645e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    137bff0c68e73c121289f11252780a81

    SHA1

    3d7d7eeb5d9aa1b095daf717ef8147cd4a26f016

    SHA256

    9dbadbb156b50d8aaf6c7ad32aed0e8d113b021541297fae32931eb6fbe1fd2b

    SHA512

    02086422b9d6f5e311e61a8d78b2fd6ed38ab6d24d5faba17166ecb5c2727e9a2e823b2f6775597f9a26646dcb09f056810ba7e77ea90d9a780790d1c5219742

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55903175b4b66d85dcab5fc2f69a0628

    SHA1

    5d6608aae2a7d9921c488851ed9503a812e5406e

    SHA256

    1f90683d83500f98af9e359ace57ab3200352a71ee50fee9a308ea36a8c9830a

    SHA512

    de9ddafa8cd959ca49c08fab1b33593bb1cfc149a828c5e3a1beb8bbaee3bf65dfd72bb09a5c0171ba16fdd00b6ef89b0fe2ab106e824063a3643527b088f249

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd86ac77ec8ce074e4b28e7b9ee799f1

    SHA1

    2b1827286aea7bc80f0d326735ac2c6ea286b455

    SHA256

    86f2ca259d6c07bbe8bfa5f92bb4dc727c30b054983d5aa537199e1698bd0ba0

    SHA512

    36b5d8583a67cccfffc6ecec22c01775757cd1cda4b9f2f3db11f124d4e2c7eb189c3b93650cc62782652e11a7f5fb5eb4c281cdcc8d29431c0dbbabcd19923a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    325331d00511099520fd85b28f3b029f

    SHA1

    12e2fa6483ff438ae5c56500aab6fbbd6e5cb189

    SHA256

    5036a8ee2e81c48e61eeb0f1cc6adf66570f9ff0f82a5dedc183621833f7fd88

    SHA512

    8943b5159f62905777d36e25b3595638096b9f18e254d554dd86269c333015cad3e61d291131f9b0f9608b52316a49ae1a273e54c7c6aa47f1cdc81ffb2165e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1539a8417e7850c94b96a0b2d828180a

    SHA1

    638e5e4d250b4004276a6f4304e630d78fcdebe7

    SHA256

    b7007a471fe179a38df0a75d236214f26c315df1c4240277abefd0fa1b7f4255

    SHA512

    2fda245937c0e22ab875a6a67fe3e7bcbf40f5479bb60f204c8a4057780f10d7c6c6f4a6d5ec5ace12d43ab917b3782257d10a999b811df78f1f580ab47134ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52395b104c8068ce06eddab1589fe38c

    SHA1

    6a56c350b374b8035a4f4d675216b749e718d2a7

    SHA256

    ab20e8075ec903087a9519179e6e64be14618b1d340f40a47204993c8e855898

    SHA512

    84af0b73b531b4b80d61eeaa869ced4d52a0859dfaa5d333af13d9684c7815bb52513c827b0ceddd519c56c4a07d66bfa0b160dc539b3d55bc38a94680d1c607

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4acd59187bced7176465d7c35eb5da6

    SHA1

    65f8f7d5029ec5fe9c3bcadfa0372bfddfbb68a0

    SHA256

    16869d0a694f8409bcf88d3f1bc70368435a3858021e3bef407410f5e138d775

    SHA512

    75a490e97c813be4742b63b8ec377443d6f31fd8d7f9f1978f388b33b9347e74c589d335f34a4331938f2d5a7995b071c038edea1095c8915679ccc3fcaa68b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3c165898fd6534d63ef5422cf01d098

    SHA1

    a374632f17d4e383025277a0d2ec2bf9d2186336

    SHA256

    58fb242fd378169d761f40d25ce0c6268e52d46382490590a70b81cbc7872639

    SHA512

    661541b5a4c4aeb12ce1470e98d6074a148e37a9230f650b62f5f61cf276bdfed650388a1e0806148499ef7711c07ae656697c267bc9b4db50d5a97b5fb45f4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88f9fc84eb9b8cca0dc9f88c4c2bb2b8

    SHA1

    f8a288681dcf22465cac23a9d6d4bf938ac01300

    SHA256

    5d7ec3a5ca51ded8e9c68cd2095113517d5af8bb7a672191e70392b57c48eaf0

    SHA512

    b277b0f031534df60fd73d6af0c795fd5f36c45f0e19056e48ef8cbfe1300e4cb75c6f737a8f752ea1be7f49e1dc4a70c45cb066d8bdba45914daac90bf32f1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    59908aee5798592e63789ae02c2ba12c

    SHA1

    cc165b75cea1c79743d7800a903a829f242d92e0

    SHA256

    ce7bf3e72748df9dbf41394925cfa64e3d3bc3c94f6839f75b74e977a7272c0a

    SHA512

    9b86b89396be66ff18662b20933e4db03b574165ab78041c591d13badb4b746030a00d0010d84caac8e31df85f293458dbbb16f3001fce28e1c76451fb655a77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    739c7ab3b13f889e35a588672a0137d4

    SHA1

    fd10e588e46156278f3e559ab32c20c48326509a

    SHA256

    853a989285882119edd8393f57c857025cf5c93e613428e1e1c050847aa0c489

    SHA512

    83c5f8dd2484e815f6d141a2b43d39e660bfdafbf55c65a85162865d3344dacab7e6bae2adf1a4d318702ede0325ca87ea16b7d3d29973ee6f43145a6169cf48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2561ac8df86790a511a48138f80ecf31

    SHA1

    bb493ecb0360ee2af8cece3c236506d9f8290f7b

    SHA256

    104d348d9610a83a73f3f70bc50ab29e7fdb508a5cb8d162bf53711ef8111872

    SHA512

    2dce07d51ca4d7614b6162a54bde62ef9117c856ef0524931418eee90a87665007f05b5926d410eddbbcfcfc04c1d772204787799c9ac6f43d1e5d70bf1cfcbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbc0394d8d5fbcde8c7bc6d3fe8bceb2

    SHA1

    c0fb4bd88f5d3a3b027b0c1e1ecca6e445a4df76

    SHA256

    ebc031a7d5a1a28aaf44da0fd8ac56edc90c21ab38bbfef4d7a84679fbc65cd6

    SHA512

    81dfb3ef3d0cee1ca094daba548f92bd1c91d03cb22d19ce9858792d81ce198e61aa195587585214e23c2ca13b0741fc5bc1e9bb8aff97bf38a9893194ea2f81

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\N5DZTLGT\fiber.att[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\N5DZTLGT\fiber.att[1].xml
    Filesize

    151B

    MD5

    c50f88b3d8c08c389c4f392b3df65fd7

    SHA1

    80b8a52a62863f18679cdba515e86148bbbd25c0

    SHA256

    6c40f4b56947bb705cb1178d1cdd3da13aa69b151e28158cf02b067ca3101a2d

    SHA512

    770dc1ab731e85c9ab2e03ed9eaca07a4d9e9cc43b125e47fbbaac67fc7ffa6c79bcba459ed9254da02fdb46dd22658ebdc59cb0f4da155c5ee1ad09fecee4f1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat
    Filesize

    1KB

    MD5

    9ef10a2480ca46a39b4d424be76355a0

    SHA1

    ee22aa85c3ef8fc282401a2b77f0081ffc296a88

    SHA256

    994ffa6d25bae47607462576cfd6ebd0b7e2d6cf7e20615b226d2a51db28f838

    SHA512

    fc16fe8d3f826e258f6de8e5a12d58c81bbc6da575acfb923af7b47d9688ec3e7ec89a445e2988589cefdff73bb858c47e8318f07b4d3090ec1fe81323932010

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU3RPYUN\favicon[1].ico
    Filesize

    1KB

    MD5

    8cc5501351f013de0ce76fa0a2c59d50

    SHA1

    ccc13ea6e1bf7ca9fe31b0dd997981fa8ec6a2e1

    SHA256

    42938b72e2ec54515eb9c49145f42b8728cfc0b70170f80aef58ce93032b1c1d

    SHA512

    bb41b6338f83027723f628d0724eb533a2bca18956776c985bf2d6e03267d1e3c6e1c45f0a8a1316726f847dcdd16c1570ab0e8bafffa03d5dd663b0fad385ca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab94C3.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar94D5.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit