Overview

overview

6

Static

static

1

PC6????.url

windows7-x64

6

PC6????.url

windows10-2004-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11/06/2024, 19:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PC6????.url

  • Size

    174B

  • MD5

    d76001a5ed4ce5e47a7bd36b0d327ab4

  • SHA1

    6405521c578f5035d2beffdb8f2ee953dde52cda

  • SHA256

    df3b263ac4f5236965999fed8b4baaee9c96f5c804ad71cc20ab9ec34706970d

  • SHA512

    8eef095cd7d24ec8cc17820363b0f61c704c570297ec41f622705f9dc23db379ae399906653fb79fa71fd327ac83aafa4d04b4d728e110c447dc4d391c5b501d

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\PC6____.url
    1⤵
    • Checks whether UAC is enabled
    PID:2264
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2592
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2592 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88c5dfafd0033571541d72fc9d746370

    SHA1

    aa4093a4c5b6d5849546c37ebdb0ac099ba11583

    SHA256

    08f754c4ff0d17cd923c3bc7f6bd309d304140ec7d2f5fca714da4f9d68fb96b

    SHA512

    4f0c9f7128f1f2060bd8e5c6f875e10d76f37c5c35b0fdbc4e2208361bf30addff4756af4fb03a4613e7ac62d071d119ccf140118b859662c6505230c444a397

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b024f9b0012ba2edf513d4ce3dbf671

    SHA1

    848d57ca54a9dbecd02686aeb1b20be0c19395a2

    SHA256

    08809b0d5c6e3228447ef9a8782f628c6d83f25a562c0a46b629ab28e919af63

    SHA512

    f833dd876f5e1621fce19fa14db562c2306e309486bda4ef026aa237467f9693f27dc98916fea83e9078d91f77c94c0a5b23b4f08925257d19cea26f2ef48c62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93e3b3717f024aa72db4941acfb4fcf4

    SHA1

    5c448e7889f3f4a313b9715b0dd51dcfb3a0eeda

    SHA256

    cbc7e1f0a8fd86c63e7d43173727d653cb6f771d275b341d980c29274226703d

    SHA512

    7d378df797f8566ec284a8e5b8d78d6df29d94d46ddde99e234b2a614a9bff211e7be487da47885743a2aa4fa4abb6bc3deeedb227e97e81aaa804c1c4864c31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6711f929339bdf09fdfb1e7a677c8363

    SHA1

    18107dd0caad179351705d2c7b94dd8334ddfce9

    SHA256

    f2b750d5324754915905fae59a43123b85d585ab486b5ed3b370f89831dbaff4

    SHA512

    49e057545fea1d304b7e6ee74753ed1a266cc09008e65010bea07536ac31bf01f4304486addc5e772f7ac38051b750df8b029b5395ad84a6d6d37c4a1f7c50fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e9798c90f65536041cbdcf4a4533fc4

    SHA1

    f89c18f3c04d1c61176ebf8ff78911620c2e34e8

    SHA256

    d3483c1328055412785145b0a3cceae5543fb24765381dfa3b5632c5f2384174

    SHA512

    1b57f851dd18f6ce736acb529d1c04126d44ade8ced33f28166eab2bc22535ce909991e14ba9d795e45333cbff76ebf2fd6bb1b0f14079d8efd5470df6050ee4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9427bc66acae6539b4e5f9fec8c9fdd5

    SHA1

    537fbc9075780c6688f746bfaed016c5a581ba2d

    SHA256

    f15a1b2ef9e97187e0acb19c65ce05123063af4c73705fec98db9ab9534de322

    SHA512

    8d8b4c8cba1cdceefa086a51b236f77ce00b224fd8cd4c94201f08d2e63676639e4de992b52ceab6ac9e02e5961daed1bf36840ef54c73eefa219d65141c0904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9523cfb639f5fbd02d2f9203314989b

    SHA1

    0f85494e7d71d74e2ff190ddc06925ab3844afc9

    SHA256

    abf8cba53668b508b68a38fc859358e9af92b2ca5881a7a3f3549298d9be8d7f

    SHA512

    5cdf7d054b05d2e10fe17bfbb8dc1d92b19d73953d87d52174dfc0a6f1c82a4bf14f746dcd4b87a23e480f1a94ffb3083200ce1b7d8f1e0ce9abdcb30141adf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b61211f7bb47854846da7bdbc03aa452

    SHA1

    d56dbb93d6f2c7fe801d70a1fc4128d82dc37e10

    SHA256

    68c31fc7fafc50c6c11a45a91776797f1f1f35ea89e9a45d1f931c03518fcfc1

    SHA512

    de4476b92e08dbf6b6562e5c7d73ea070458fa2f9f91f54a40b030ddba293ab02b83f969848f678b3c7464f1a41e184bcf1b29f40e6906294e4bc1dee2154ca9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4afdecf3ffc8d69c40230fd9849b7de7

    SHA1

    8542c54ae8e22c05d6c30a60b3b7201746f7eb88

    SHA256

    4ceb7e1bb73fcec96fdbb273b466c002cbf0e7bdcefa8af885ed7c2c6669f23e

    SHA512

    e0f7d943fb5305dee594d83b5de884ba819f26bb7fb21c0816d9250f2cdbf788734c6796754ef0489b1c801c84ae32542661868fe0b35e3953aac872d8c0d520

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    519922448292706f7cfd53df5c951a07

    SHA1

    e9db2cd60a58894adbe4df271f349cfd17ba446d

    SHA256

    83b1ada7616f04a58507ece3e31e8b78077df1635c18eec57ea5ab49ca8ec994

    SHA512

    c9057e8f272ce14d050439b3e5370e98dd7432de6f1dd14765e64b4d80b93bb6e25f8a2f001c70187fd7d704c0e18d0227333dd23bd552c079d420fe4bf61378

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ab0e1e5489fa6cd0ccdc314d4c896d5

    SHA1

    70bfe33cc6bec700c510c11121a151cc1141c502

    SHA256

    0556e5b52e112a422ced170e097b97a8cd7929705bd3642f44444744faa44e29

    SHA512

    2c429c9abb96b20f110c5a5dd6a402d24a79dcf937414f1a04ef7b7cecb07f7785baeffcbb64dbbe394fda0dd46947ce6206b687845c7148b8e9aa8b2e99e8e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c3153b20df2c5f85bb69884b5f5174a

    SHA1

    7fdbc97a076e3bc8926b93a3ef23acdac78e161d

    SHA256

    6e0d6bccf910fa44fc6a3eedfc12a8064ce525fb0a1c6688e19de70b45e178c1

    SHA512

    856277f40d8975f77061b2a0076b986c524180bcbec465a94897e4df4da90f24730157367721203958458df844c31c556d1dc1dbd32c3aa88dd65c084ac823b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13b9a4f34032b18d73d1555a11742add

    SHA1

    8824ed8009dd6cb26eabe9bc5a55e245631f8712

    SHA256

    5369766253ab713ffdc246ae5f7d8b4d1e61d34edfa50a6d4ffa1e68df1a4459

    SHA512

    d906c22ef51a509ea09d839ce5d1716a6b927680238bfe0e6d87f17115e8891578936ccd4add3d1776ad82f5897b14fd78d278df6c81559debdb4ab71fee53da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4e91aa79e05c74bb7b4d6a9c804ffba

    SHA1

    7ba35dd2f6e38ad61ae88f65c7881ed0251f3afe

    SHA256

    d57870754bd29cf9499d06b07cd76d4c69301b4b97bcf22c7168aa2957895c6e

    SHA512

    614a5a14e7584df1d4f47f1b7b0dede26444b82733b63b28054b14a48274f731ad7aa411a39619ee387ed417a35825b61a83035875a85bf061c8ffd6c37a8ede

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9e4a7040dcc995ad1ed9f2ca9c833e9

    SHA1

    975843ca4d625c4cbfb473d9da53ae97f95e143c

    SHA256

    38f1b9e80145638a6faf758b171f70289985b35488b802ba21049a971f80d2f4

    SHA512

    749110db1e0b670c162cb854faf9965a5b4654128f2608c628ffbf93a07cbdfe2bddfa93714523a7fdb51baf80df4ba0b99166a2c352185dbc0f9c00dc179b61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d361b4eb852ccc33b013774fb775f6bd

    SHA1

    4fed95d6cfa448a6c8450cbc67a7576a38c12a04

    SHA256

    fa42a71e37315e7936c02a44b042fe671111237c766a87b8aba1737145c43cad

    SHA512

    2eb1b917ab21df2f81a8961e475fa9e3639b28e5256163e4edc13993df7e5d73ab5978de4b8abfc3990a31d2e2645eda8bc4d768a2ca256180ccacc98e4030de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3bc5f4317220381e6d3d2a33c5a5cde

    SHA1

    6b4af6c7c09d4b8558ea0a743dbcdb9d03aa5d42

    SHA256

    fd3bb00ef4dac2bef232a34c2e58630dd9ffeda6babde8ee95d3f9659ef8e054

    SHA512

    9b6fbc4b31365dbe3ae07eb895444e1a2593fa74b4036fdcbfb87e59a32263f1258e3bedca50502f71fff20975395d3bbc573563f80c65bb8159433f42aef74e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a062788dccf50c5ac793e8fa772cb9b

    SHA1

    d083c182fcae32e39da38b2aa5bd455662131d34

    SHA256

    b7032e1c6c2291f22cb4bd2a4b6a03b465c522f38264e34c3499d8a8e765fe0d

    SHA512

    9f41ab32f274448b872acd208bc66bdc346970725c039f01857794fcd0680aac5d5062a286aeab6220552e74308a20b535cf5f0791d4bf47a9287c8b5422455c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9f0b780df8aa7c936bd1a7a46a7d355

    SHA1

    44372d7f2a67fbd3bf57796ef33fce87d8e30622

    SHA256

    b284a584f31f29eb7ffa9d1c281605de5dbe39355795c41a97c496fbda8e88b8

    SHA512

    6316d3edacde30534a1f4b7731246d226327eed4e05a444a6b76333eb5148708371adb3d0cf3a9d5e9a726c2cc3cc5d4e00dfd779bde101e500cac35f3049818

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA6E.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBB8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBCE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2264-0-0x0000000001E10000-0x0000000001E20000-memory.dmp

    Filesize

    64KB

    Download