Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://r20.rs6.net/...

windows7-x64

1

https://r20.rs6.net/...

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/01/2024, 20:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://r20.rs6.net/tn.jsp?f=001blv32OPQRb6epotJ_g6-cE4uoUtaQAd_X4Clj2Jdr2IOzlSSs4o9CeDX_ElOffPCpO6t7R6OTB2ly_1xHqV4m5AkxctMbLzjsEnBs6DH4YMIoiC8wOANbhwz3Anl_gLT8fdisF0hrqPWhFSW9Q9ci0Sg1Dgfj_ymmc__Hcz2P28=&c=&ch=CXBmzCN2aEMcpumrNUZzfmWC-LsjehoJTuX21pjSanzf1X-1PcbCAA==&__=/qwer/YnJhZC5zaGlyZXNAc3luY3Jlb24uY29t

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://r20.rs6.net/tn.jsp?f=001blv32OPQRb6epotJ_g6-cE4uoUtaQAd_X4Clj2Jdr2IOzlSSs4o9CeDX_ElOffPCpO6t7R6OTB2ly_1xHqV4m5AkxctMbLzjsEnBs6DH4YMIoiC8wOANbhwz3Anl_gLT8fdisF0hrqPWhFSW9Q9ci0Sg1Dgfj_ymmc__Hcz2P28=&c=&ch=CXBmzCN2aEMcpumrNUZzfmWC-LsjehoJTuX21pjSanzf1X-1PcbCAA==&__=/qwer/YnJhZC5zaGlyZXNAc3luY3Jlb24uY29t
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2612
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2612 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1888

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72f254b29f61e3a842a538bc5e6d8b17

    SHA1

    38cb33d6971e421324dcb01d69da9c5f37549a2f

    SHA256

    3fb6231e002b553b41e551bbba002c76947b3be2a0dfcd834ed0bde527d8eae8

    SHA512

    0b1fd78da19cba7435283db12fec09c7d3f1d735807dea31b7a2c784832d13e724a3993f648f6b735309ead7007257e9580cf0662b748b44e7a5e5c69520559e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    771232145f8fabc8ffcd97697f230c03

    SHA1

    b589feb36bde1e9bc45a71eaaf7fd3a58acac795

    SHA256

    530c65638cf5f7910ea1e07b9380cc1f81bb144461cdbf0642cf808c35501a9b

    SHA512

    29b1c3b4d93303f9bb7dc89e3ad84e7c1215eb6525af8270bd6f9054887669d9a6f18da6c462f7c214ea592a2919fb315015f78be235a8d21f7911dfffdbf0ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4492bc5996acd1bb5912db8cf0abfbed

    SHA1

    8885eb553a9757f6f36fd3ab37de490ff1373aef

    SHA256

    630b2b6a78bc54f09c0976a4cba694a064aeae17a76f52f3ecaf248ec3cc90a6

    SHA512

    c9614a6dc8fdf155c3c826b4ca92e32585d64104570c55a1f6133483139cd7589199ef7cceaa04162204c12ab1fe8504edff7e0ebeab325a3374ed369d728511

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8e31bf2cddb35075d61e9cabf42421b

    SHA1

    06fc7b9a50b6649ba3edf48b0228e591602a9ecd

    SHA256

    02e3a1c917df39810a89a2a12e4ac33a3e5572b627c89e69cb11bb2a6ad75f7c

    SHA512

    d9cd28dec902a499ee9d63137c0f47f481fbcb977080cc3445bbfa555e5dcf94b07b734b332afd0cc88fe8af31484ff3245f449baf6009759a38b2b732005808

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a714df26fce45483ea9433b544a4861

    SHA1

    02efbb87988bec0b37583d9bde011e165cb06c3b

    SHA256

    f261a129483d883f833508d0c061df307dc1da2ec13aed6e53dd3ddc96b6762e

    SHA512

    597270ceb97c5226f2a44444dddcd1477cca652b4896eded34aa97f4a5f4b98af06b57388b9dfae8ebb213bcfc221fb73d1343751730f3be5ef7fb6e5549a43f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88ab201ab333fd48a838550a6a046525

    SHA1

    ac2d4b84776dd58d86530bdfc47afa63ac85024e

    SHA256

    084e2520b3f38c080e2f438712632f2fe272bd95e8dfc8526cadabe7a1c478ba

    SHA512

    94654455bbc3d5576497cba1a23879145b52d6f1aba3fb85e7528bdd471ff725a4877e5b4876dea5f401e1903ad975cc840c70d552476ee5f933bc45c791a492

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6ae0e8445b9fdf6c0776f87bad020d3

    SHA1

    0384146a194b08e72dd679c97a0bd86ea36f52a9

    SHA256

    811fa6b273acb2a81c2fb755ad91668dd5f0ddc74e7658acb63c706c53c7a912

    SHA512

    7c29184aee903c4d8bfd6aa71476b6c596acf177053cbfd6d61349d746895b834016f2b81a98a7310f9a39450ab9f7a9d513a8b516d76b54997327defbffeeea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    edbf98ec2c34085d30b8e0b56a463a47

    SHA1

    abdc81503a4d80e74a1f871216b87c87a03c1da5

    SHA256

    a818f74d64294f5f22c40f4fee5bd057a69ef400dd074af15819739a7fc6b111

    SHA512

    9ee177f4d3d1d0c11447ae6b269b056ff5dfa9a2bdc9122d21a9a53fb1138291b1eb9ab68021e626636179d11240c45d9b29f8ada14b3188a05c2d273e4da556

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8a7ec6420b4f005b6cfcd00e44dca94

    SHA1

    c44e2a1267b5b1f1036a84916cd69882a7cc4284

    SHA256

    0e614582a98469c09915c350bf98f81076de5276269ef25ed526cf749951ce87

    SHA512

    8f2a1b5b4524044296d673e4907fe8cfc25f0890e9dd9ac681ef180e6cfba080c4ee5614179fcd9eacfd27d8f0816c32c95473ab3d3bba8d5e7feb7b574a238c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d9f9ac9c989f9242121a66463299602f

    SHA1

    cbb19dcad129e3f127719621c822e816cd1f3e64

    SHA256

    e3972791086cd3d8f05edce9b2a8a498e3213ca9a16e62ab61f27cdcb71f62fd

    SHA512

    bdeb7e5a78e01c708c70d2413cb07c535d70feec7c6632d52aef85ab049f26e33d6f22a3f6dcce5c98638a4d15fdd2f8e357a4d2808435e4b18fcac8a377bbf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb375152183bc4e334174304b9141e99

    SHA1

    2420e0768ab853ac96f16af1c8e128b14be946c6

    SHA256

    5b4b793c6bbec0e404dc4124b478309678b789a4e69650330f40b2fea190d412

    SHA512

    b96c416f4d38029e1bbc66f5d15067dee892ca173f80216b1438935fa422a525f3ce8973486421b5e1909454cc0299f2c422a1b38afbe593aeb58c2c0149ae6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1094945d3976fd9fa0f1589f6b1bb85a

    SHA1

    b21417ce6a96bda30f258fc7326b7c539d820076

    SHA256

    7acff17d41c684a57929c85fe8d836d7291d3ff399d1c460b299ba69e10146a6

    SHA512

    4debe1c8e2deb228bf64940bc43a388e1dd29f84ab7a0d440be9bcdead44aac9fd540e5e411924315316bb4a71dd5579df0bb2eadae8528e9a69bb9f767df6d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f568c0af4c3cd425b0ce49cea32573de

    SHA1

    14bb0ac341a2719f59b0e0d86219f230e599a1aa

    SHA256

    6857798e409781c3e525b168437830bb2d223fe181410a315054e54a7c1f5e9b

    SHA512

    95991074e6ed173c224e9a13ec064ff6f885e20721607df36b8d8bffb9c7a3bff762d80c50ab17a1e890d66db44062e659f2b1274c42f92da901b08dcf217b13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1dd9e9ffc3198849e56278be0c7ee85

    SHA1

    ad5f2ea86a5d6e12162cddff60dbd95783485d63

    SHA256

    cdac3bdb5233065b9d5a6ead63fc3f3440c1c5c7ed822d261579668fbc2693e9

    SHA512

    89ca2d91dab7a89cfc91f65b092d8a4275d79bca6cb4636aa94c4b36575ca0dc785507edddffbb8fa05e0403599fa096f599a26d07d99f80fea0406fb72ef4a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3555264f902462df5fb5446fee81ea73

    SHA1

    11718b820b46cd65fae925cc3e9d821e0ed3dbe4

    SHA256

    7712776410848e8a3336cdcf84c304fb2ac64d694a9a0b20a85feb455f8b8f71

    SHA512

    a749209ce77ee3d87f0024c1eaa519f80ef4fc9011e061a3100b30aa94f5aeeccf5a96487f93fdef06b0611ce8fa199a6d3ab00d90ee1db4b557f1a3b65955b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f0b91522a948ee22a5b7e994c670bfd

    SHA1

    82d1067cff953769616e7b4031c6be77c68d37b0

    SHA256

    be08103ade2b01612b86b50dc6332ebdf66ee94749fe703f533912af49084e3f

    SHA512

    e31008c0b5538f12eb873a57d18eaa3f3551de521c7529966935067c92a34c5e4c045d7fefe3266844c4f4bed83e3ae44f5142cda1a152776df6ba8133d29b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47ea34f6a1577ea75e42fc0b3b4dfeea

    SHA1

    0cde436436437b52bc3df52daccfe7da6fb08a72

    SHA256

    c027bbc9550f62f11510c114b208fee20b3623b71c6af0d3278e85ed2b613a65

    SHA512

    b9927111970dceadb222ba5907df71f64e226a5f99687128f0f22bdf2851f0f05687e5661bed082373d58dd57a4f7da489e46712627afca090034c6430e86370

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab61A1.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6271.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit