Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://dev-banrg00w...

windows7-x64

1

https://dev-banrg00w...

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 21:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://dev-banrg00ww.pantheonsite.io/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://dev-banrg00ww.pantheonsite.io/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1920

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4730d5e96210755049e679ae6b175b63

          SHA1

          0ff375cd579e9231d196a6252d1ebfa114dc8f1b

          SHA256

          b1e4aa398fddc59cca6e32307d552f3f72fe79c50ac202225b1b4f1ed3969f8b

          SHA512

          99d64d3bf4b370ee5f1118f71062d58703acaf428f41d954b4d1501ec3b1f7db74af3251b4e9aebf62488c61e12640a188b0122f336828719e0bc0c686a40fd3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b8412ae1d2d40ca9ce130c2d3f12ca93

          SHA1

          cac43a570d82066fa5f4320fd944456a4e5950f9

          SHA256

          c67f8d53207c4503e708d24c427180b1f7bfd9caf1b5ce01057d58b6b98f61fc

          SHA512

          9e093ece247520c32c8eef45622e6a5c3f34e49595e6a769d8d04b03f7ddb0445be0f42032f0bcc3c9c103c91a9b291178ac01a5ef47d750b128f43b59c34f1e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3ecf6303fa6b31e655100548e97f3095

          SHA1

          b9b247de7884087b03fffea0c1a80de4928b9080

          SHA256

          881ff288b2d608a9ccee8524098d67134561805675071d9a48ad35da8277a708

          SHA512

          2c05866a1ba976d7c3f52ccc183fe2d07bcf0f2503a509412f0dcc2818bfa74f011210903061cbaca33493d1de8ec8651b12cc8331fba4d409a914cf9d26e46f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          38d2c9d0b583d3cd465dd681d2501090

          SHA1

          48ad43702dd9bac059f47674f26bae70a38c478b

          SHA256

          5ddb78c4404d27c0959cca09a6bae000d652aa9d9f2d1178ef3f370860f094ae

          SHA512

          ca02ae54ceea707d48cc8583ee0400ca2096fc5b3a6641547c12080bbacb98ed17f7c0abdb5f5be382d0713fca6daba42dc2ca04a7dee8aabe36f1754f81eb4c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2ac1edc345a4d1bed68ee0ab579ce20d

          SHA1

          abae5589ba9ff982e5bd8f2aacf6a93c7151dc7e

          SHA256

          c5eb20d99d85e4befe8d2b7789137851082769b93d641b68f2e9dd4b054c6e70

          SHA512

          6a2bb68c97f5526c2cca0928d185505505538fcb98c6e5ae6462fa967a6e38f3123ad07bb3236a8536645ea0f217fc04c0ea02a26727b3c84a8bfc6abf1a8ce0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab38BF.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar398D.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit