Overview

overview

1

Static

static

1

URLScan

urlscan

https://kirsten1gg1g...

windows7-x64

1

https://kirsten1gg1g...

windows10-1703-x64

1

https://kirsten1gg1g...

windows10-2004-x64

1

https://kirsten1gg1g...

windows11-21h2-x64

1

Analysis

  • max time kernel
    15s
  • max time network
    17s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02/06/2024, 20:47

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://kirsten1gg1g.de/invite/i=16503

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 19 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://kirsten1gg1g.de/invite/i=16503
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2912 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:2640

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
          Filesize

          717B

          MD5

          822467b728b7a66b081c91795373789a

          SHA1

          d8f2f02e1eef62485a9feffd59ce837511749865

          SHA256

          af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9

          SHA512

          bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1B1495DD322A24490E2BF2FAABAE1C61
          Filesize

          299B

          MD5

          5ae8478af8dd6eec7ad4edf162dd3df1

          SHA1

          55670b9fd39da59a9d7d0bb0aecb52324cbacc5a

          SHA256

          fe42ac92eae3b2850370b73c3691ccf394c23ab6133de39f1697a6ebac4bedca

          SHA512

          a5ed33ecec5eecf5437c14eba7c65c84b6f8b08a42df7f18c8123ee37f6743b0cf8116f4359efa82338b244b28938a6e0c8895fcd7f7563bf5777b7d8ee86296

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
          Filesize

          192B

          MD5

          272ae854e95acabf088ff665f56c8884

          SHA1

          9ef435c257f5b572ecbb11eaf22a838ba1b32d7e

          SHA256

          ac36967983734b2ab1e2e0349dcb0379dcae50f57a830aa4929978bd7182e4f9

          SHA512

          0d7fc15483b3cc1085a6dd2bfa52b7ef20d67d6e104e30c3ae5b0e71b5dd5223a1e858195bd4265abe16d0146b023d812a048b3447ec3a3dafd79b586bd7c975

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1B1495DD322A24490E2BF2FAABAE1C61
          Filesize

          192B

          MD5

          5763d8728219ed83370875b2b8755b76

          SHA1

          cf35eab0370222531f15fe35d08d5a02ce479666

          SHA256

          58836add6c7a01ec009cf30b71a45183d40781ab7fdb67ef93d100aff4932bae

          SHA512

          c3781f21c2206b16783e5265de8143da3aa63f73928f94c15dfcc37d082c0a0b4d7a21e38c9ef3d66e221c066d6b24f8c076cbe952ece0a258536dde24b1a5a4

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BLQDLNEB\favicon-32x32[1].png
          Filesize

          1KB

          MD5

          98b614336d9a12cb3f7bedb001da6fca

          SHA1

          80e6b1159707dd27cccd335831483617a77c9e1b

          SHA256

          02f64bb479a7bd0d7ad052123fcce9c7daf6200f9fb4dccdf5337dbe6968b2a8

          SHA512

          f7dda16b2f1d6b27ba52e4694153a1230a176cdd1e1084a1575d9227c433713b47cdc58c5ea94b04d10e8a3515ff9a2e84beae757271974e1c66be7ee8acd1ae

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TXNHX8GN\favicon[1].htm
          Filesize

          2KB

          MD5

          38a4272015850e878030e85af5a36077

          SHA1

          22596c3e696ed0dd85916c84b871cf6f85623ac2

          SHA256

          4db5b10b8cf91768b9294588507c0e6c425fd207548e382428f423ded9a21bdb

          SHA512

          8f5a76d7c0db2865c05b341e34cdcd1edeca02b02ba34b48d212df54d08e1abdf26aac026c60c5be2ff96ab9bf274dffc5e76fb192935c7fb21c4fc9745307cf

          Download Submit