Overview

overview

1

Static

static

1

URLScan

urlscan

http://jhvy6hnubgth ...

windows7-x64

1

Resubmissions

28-02-2024 22:50

240228-2r96safg3y 1

28-02-2024 22:03

240228-1yhjnseh8v 1

28-02-2024 21:27

240228-1atl2aec87 6

28-02-2024 19:57

240228-ypmqxscd8y 8

28-02-2024 19:56

240228-ynzzvsce79 1

28-02-2024 19:08

240228-xs7ptsbf2s 6

Analysis

  • max time kernel
    18s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28-02-2024 19:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://jhvy6hnubgth rn

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 15 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 28 IoCs
  • Suspicious use of SendNotifyMessage 27 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "http://jhvy6hnubgth rn"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2504
  • C:\Windows\system32\taskmgr.exe
    "C:\Windows\system32\taskmgr.exe" /4
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2096

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f87ba9610c34d8c23c10d8229f08eeb6

    SHA1

    cd7340ef85441897129df2a6b89dea9dba6e8806

    SHA256

    a92e9ff8941c33e00259455cc708b9f7c50a63e78db1ea766f552c478fb8399a

    SHA512

    ba0767aaabf6f85c261932d5f322afb93330e37c6b57c8188cc314fe237d8859a78f57a92f71ca8a29c16e2425ea86f83acb3f274f0bedec609a7bdb12251b29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    587a9e1be25478e44903a93910d25982

    SHA1

    8241a6e4055ea0de8dbafe0522a3967ce49ca505

    SHA256

    2a4b24593b1f4d6133b7497f08ff052e57b9aec9a5bc40f82f391c494273fc5a

    SHA512

    bbc4cc19c0875b1460186ed49cf9a9d893467f0824bef86d5ce0037fca2106c1be505032e55b27d4b4963caca9e0225d6c551c763a47a2ab4e2383121d5e335c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ebf9614fcb653ee409d8742b3fb2158

    SHA1

    6b884151fb7f53f8929bac28552ae116e1c8c5ea

    SHA256

    e35e35df9f19954156cb0eb629bd9df1787efef5904b2ef84c7e928ed68464d9

    SHA512

    7437ad43dbe4a3a6bd6d075180f543ddefaba5821f40f10481ab22892f1c3aa73238560f95724c619dfe74a3c95cdd4710c1591b8de4a8da23aad7feac4662c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86c7111cf6038141cac5eebe2b341ff3

    SHA1

    4dc76ebea791a27adc1d809c259fec94ce2ac581

    SHA256

    4ba7e2ad5eeaabf0508760f09b7b9177be375d33a4add586bc7229262f0493c4

    SHA512

    44a3b05a3c36e25b363850440eaa0b6183f8b0fe58dfe6935001cf92777ed6b3e97c626f69e8315b3c75fb63f36f3240dd8eed1dfe75702b498440630fdf76ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cba07594ff393a301c0dddda07d675f5

    SHA1

    9b400293930b7d06f18ea38840d52428f7da8922

    SHA256

    80763f632dd2695c8772a3cf93319c8528cd2722a6c6f1329845d62dd5804359

    SHA512

    62da8ea2da600621fe30ccd5101fd12464049f040bb27f893097c74b18e90c2a2bd146c90d5e597600ad834c8d4df23ae423d59260f2d6fe1bff51846b2f44df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51ae5a71b456cd6cdfcdf567374d93d3

    SHA1

    8c3ab29e20580d7070aa2a74c253da9ac3e6e4b7

    SHA256

    5dcf93468aff0c5086a99e20b6edef6e92d20f633d2677fc483ff7c34166dbbd

    SHA512

    c44a9ac2ad41256f6685896fb226c35d70a39d3234eacc325e8432819c2f63b67db3ba21a5d86db5bd1c52621721055dd540561f7be684017520d1f813b553ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    580b3784af145df8e03bb15f05738d36

    SHA1

    faebe5da9e777fe4343bf85c94c0e69957599867

    SHA256

    4d9d7e61249341c9fb2721302ddd64b53d599b485aff38e8a97c785b5efe7844

    SHA512

    bccdefd332e8f5ecf0d9883c06247c1909daad9c82edff219112f30f403c6d825640b1839b1c003b91ababb95c7cdd1acf87bdf2f86ab6d0a461fbc96e35a24c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    491ebfb140429ed03826cbb6c7c6a241

    SHA1

    77549defc31d09588fa843979c11be83f31382eb

    SHA256

    f38e959df5d04017dbc826cac649ba04dcb64b03f93004bcd99a805c92e59ee4

    SHA512

    ae8054b81dd3f0fbae3110071b7c3ea5b0d338b17cf1b42ca32ab9d90e1d4b5d0f0ae101f3fdb1a6ddba9e3daef3253fb9a26c577a37b7d474311f9a10e85290

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f32e504293485a5577c8c2ccfce9dbb

    SHA1

    4e00af04d05eef0e426ab6b303ab5363cf8e4c5c

    SHA256

    72b43c139262f7bb182c0c18f9b7193959813d6449ad3c23a86bd2a84b406f63

    SHA512

    5d2def2db1cebfd04bba024127b36b9ed46597a6149b714c0ddd92023601586cf438301f6adbd00732107b66afff18283c83c90f7dc39f07be6268558746845d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f7bb8441e37938e32592dcbf30e510b

    SHA1

    7dac080562e2447d81a9d2ef4ae29a5596f8e933

    SHA256

    04a73c4ab3e480e2182eea1bb64e45fee75529824aa733ad0835b5ddb37bb0f7

    SHA512

    47916302e0456be968bb1703ddc8afa5f8de602be084e38795811159e5c0723344363aae8a9cc8127d94479c4f88d944d8a3ba6bc3c3c54ad489226b6c562568

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7fbe4be1fcba42ce8686bef87ec6417

    SHA1

    3532abc7cbab189a9273514929a23b7da4dfa630

    SHA256

    559bf8d0100e6f15406c257f1b94f182dfc298d7df2acb7d514aa1d0e5601148

    SHA512

    7c2215b7173bf930c3b5e84c87c0d00793b86f5e50ac00c34c3af0085853c66b7cc283774040c8cb5a62dcf65f80bca2d69d56211c6cf76300ba2acc0735a5d9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA49A.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA5BB.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

  • memory/2096-5-0x0000000140000000-0x00000001405E8000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2096-4-0x0000000140000000-0x00000001405E8000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2096-480-0x00000000020E0000-0x00000000020E1000-memory.dmp

    Filesize

    4KB

    Download