Overview

overview

6

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows7-x64

6

https://drive.google...

windows10-1703-x64

6

https://drive.google...

windows10-2004-x64

6

Analysis

  • max time kernel
    1563s
  • max time network
    1565s
  • platform
    windows7_x64
  • resource
    win7-20240704-de
  • resource tags

    arch:x64arch:x86image:win7-20240704-delocale:de-deos:windows7-x64systemwindows
  • submitted
    16-07-2024 09:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://drive.google.com/file/d/1ufalXBSQopREICnIjJc1sYCyAZ4M-i8K/view?pli=1

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://drive.google.com/file/d/1ufalXBSQopREICnIjJc1sYCyAZ4M-i8K/view?pli=1
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2684 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2644

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9f30957935d5554da19005c039b4093

    SHA1

    823a5ab2d1036b246d0087ed8a1c5fafd13742e5

    SHA256

    4b95c328bae154b4b08e8e08336d0e4fa02b41f1784b12c424d76c890a927d7c

    SHA512

    46f61e5b99103a77d898f0129dc0f2058247cb77b606580ccaeab592369728ee89506acaa6b694e435f1c4d995f952c1d7280fba80b6f5f1e090de11889f42f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5bc8dcb5e04ffbc771c8b408a8d37ef

    SHA1

    74ede44d4b6b2ff21370afda68644319ad0eb63d

    SHA256

    7d25552be0dbf0d149ae57b32f5ff10d743c0800d1e11f8343c4532a3109e7ef

    SHA512

    23602f12999cc330fb7c04fc252862e724ef6645bd50d11685db62f94561467977446deaa502c950c7ea4fe0102615f9d524d34a99f4a6d5b4bc04d63fdb1254

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    645914240c437b8f41bc8ad93a49fea5

    SHA1

    08ae0ab89aa277a2e2a845b43a74b6f4363b2724

    SHA256

    2b83078686296f963166d46d5bc09657316b84330d90d754af6cac29f681892d

    SHA512

    7412a52c0e82b768418027d2e55d069ea987bc8da984c49ee03adf8608f8d0c05a0e833db24175071dde304879d27c9921e7f130f9e6c310e7c680bb0ece63c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16b869e6f26f5fafc81439c72caa0644

    SHA1

    470f4e9d2c714536ae374f7496db750b8f661590

    SHA256

    dc8996e978873e57e9bb0239fcd5e74f1a5a98189c71c5a15fdbdde83d8bbc6f

    SHA512

    f6398d6dd204bc1e65a0da7c18d15eb46386a7fd55d6d8376ee4b95c869c1827d38e4eeb2dc91fe1f9f6c28295f79097433d0da6e35953606ec0e05a7aff45f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d524d9eefcf8d8b63e26d8b47e4cd6c2

    SHA1

    423f1ab7108fb51f98b36a09fba453a7e6e83d5d

    SHA256

    310a19f03aa4971520b4198032800114548a9a962cf0f48461ec1291c6973197

    SHA512

    723a6647d212729dfca9561f65dc539225eb3888404a5dfba3d4e4d080da130d2fc3a60779c3c691275c6834ec39a2735c0bdac39cda00abd1d8efb9331fb6fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b5f31768eff5bfd1e09a417a02d3ecf

    SHA1

    1bb62f99624a4fda8775149c3c6e2beb9fb5436d

    SHA256

    9a8c1ea47331d970f3e3103f76dd469b47cbee41f6c2c2b6b8f78cec0cf67b72

    SHA512

    ee5777209cd05dba92062b5cc7e0c970fc22eff3d4468cacf01ab20d6bf8a948fff089e36c82d5c785a2a55613209b14a26e084cb1a5de7138dccaa6012c8578

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0f58db526e4f66439dceef3cd8a38aa

    SHA1

    0025e0afa5162709ec330abe3ae40e3eebb55fcc

    SHA256

    60f842e50588f3196487848add0c9207c766b6f25feb879485927cd9fb247933

    SHA512

    80ec5525fa0ce15e114d7f34142b8967bfa058dbb12e2df4eb3b8e4a880a868196e443b1a5668d784cf9ebb8a8fd018813027ba34cf185487136d7663de832c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96e772699649baa192f6c8f92e47ca04

    SHA1

    896a6bd16fbefaf6d8f1d9e0f6d7cb2f3a451d52

    SHA256

    1de28c1b4e27053046cbfaadb20c5a53b31864d5e8f7925d1f5a3c80daf5c032

    SHA512

    c3a9f20ed8cc16285f8b30f1a7c856115990a1cb95f28f6447e3a3c5447b82c84475f0d4cb99df2a3c1807173ed2464a63fde5eb0537325e59d60806cd2cb7f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9cf366374b824fe8093248f0e83ee72b

    SHA1

    9afab334b24322fc739b4e65690e73a2655c7291

    SHA256

    2bffc6c899033658bc044622239df6a9a11fa12d24a6ef89b06d4f36a2ccd392

    SHA512

    5a5ee116e3ad50960338d1720b1872f1b6c297b83b2ab0e293a3f6e94c30e57b8ef30ce2f0e4b32110c5356856a45229d350d40113ca413b8818dde66f036297

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc4634666d92134d443108bb19cc42b1

    SHA1

    9f400e33b8b18759eaf4c15ca000bc4e1d23aeb4

    SHA256

    78607235e06f649653798344e609e5731a0ce72d4c3e1c7e8b5c5d89931f625d

    SHA512

    f3fd69e637e1c1f2b4cf099fcefbd487461db99c837adfd720a9c1b88877da22a7a944ab60c02c6829d7d4c3c9ef5a439e46dd85ecfef8e82c36af0166ec3a49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd6bded6d6dfc277bf9a146508d3d33b

    SHA1

    b949336f7106f535d40266f468ecfc2148a90c45

    SHA256

    fea11f6325dd9a669bd570219766930012dd5f111340d2c927f821bee033309e

    SHA512

    3d309df35cfd498d7c3b2f6501926b526bd77eadb2189ad760281bd9ce1f1cb650e4505d9990c3d9ffcf7f8c94704f57bd389a9d9225ab02a83c0dd971505e6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72b442ff05263dc09f79f62db72f5213

    SHA1

    8ed1e3f1a6374094aa18a9b0b7986cb07d72d8f4

    SHA256

    5d86cf65a0d3d755b02c4a5bc23c0f1e090f06fbd63ce8456593e1252351338a

    SHA512

    62cbfa5ef28dd27c51714413d65c30c8260e1dbe428eea6b02141418b4ae58afabcf75bb0ac94ed928e582bae8fb2ee2b1048f6f8c4a6bd2176c5bab06483f0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a01a75413b2c1344cf759e068af43d2

    SHA1

    ce04633773e007099f7ca03f160060effa6778d5

    SHA256

    f740c146405512bb116c6e81e1745d52005d0835dd49fdb344f16489e9354ff8

    SHA512

    ff72aecfee853d632ef74d5d91bbb479db6a75981d74fcafbbd74c23a95a463b475cad261ac193b2975faca886cf3b8d21ed74aa37aae71ea4cd5e8d8fa8b315

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5a9ff23ef2370072d1bb30f46b31245

    SHA1

    7725710cc893cd25ce06824787a0675698028e88

    SHA256

    cb8767e7aa6e924c5a711fc0927985bb8efbfc3e09de2b0c60a681591fd62c50

    SHA512

    0d27efdd9a92d6740c5ab78f031cdb6b141e5bf21e3b34eb4e5dc84045ea041445a3d9c48c9a84af6aed407a82a6fa52a0a86e3ba9513e155ddf25534989f91c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    731bdcae9d87280975e341338de1658a

    SHA1

    99cd1fc8fb915494d6480cf9cd82d1398e90a523

    SHA256

    0a613ee3c52306c78a653479e1aecbae93d8ccc472d2485689c4c10caa16aab2

    SHA512

    88383c0ff38f7ddaf6423f007dfdbbb54ddbcc0d03aed6cd22e27008a31bd87c0e86cc42a8325208fda4f952efd8e1dd636877342d72509876a885e3981592f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6681e371644a99934d725461e572086c

    SHA1

    388d937b4073f78edce3db16b0ca9d4636631faf

    SHA256

    6eed4848448c6018537982a4426ac0827d7bc9cfc6a1966c6a237368dcb19128

    SHA512

    35fe348ac8d4c43c78fd7f6e046243289ae54029d2ea85d95c121f31106cb9fefa97f4d86783124b0dbf3cb040dcd4e15a44493237175c42da2ddd69993f2b45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6882d05b0dfda786b47c84f3f5059d7

    SHA1

    f295c69739dfd4ed800e64b20163b9e85f7e2f6a

    SHA256

    18cee1a577b840a6db6c8688e4031db70ec2ebb7cd1f424e2dd0b90412e23ec0

    SHA512

    89de80fb76c6cb0dcd3bb3bd40c593a402753297e2d73390a4e66e0f045064cb8045b6c86351b03789aeceba19f2109947cbbf19f7d7c4b93a85d1d9d025def0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3d894bd9362ea0908c97dfa2b24be82

    SHA1

    9c89feb9f33531b2d43087949abde8a49b3fb5be

    SHA256

    8c2d6521d56276d0dff91c0b57a6a8187b751ddfd4f5a723e73e553dd07d6fd8

    SHA512

    755eaf9dbe513367d8b7cfc239668dd3f8cec74019d36e9cf889fab5e20139bdab6e75ca864a9cf59bd73beaca768534e8e90e5b3691d751bd0be49aa203b8d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fda68dc7e67400e13c4748cffd877555

    SHA1

    09015f31c487cb3632fd488ad835de29cb201f62

    SHA256

    fedce2d36bc00a0fe681b66c0404238a21c86a40b2bf5432ec7a5fa18a6a1dbd

    SHA512

    8d566b0a2d02a393dc7005a4d889cdce870e1c197eeded02274e390918f5672977b97bb3dcc7fb420070b34dc059acb6e53700db02e3151642a4d5f75bd22381

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd5b7a21e7ca274017cf41a86a94513b

    SHA1

    d85239ec4bc03b0c84d743a582ee7e34513a55f8

    SHA256

    4e430c488f86f1f41652027dbc73591d75968c05a74f1d49c5cd684f1e707b72

    SHA512

    7291ec4b203b83a54311949c1676413d2f6de78281118b1f989db635d916173f7c3220e3364265f20ae3fc94e1c0751739a132eb89d87fed7e3e1ff4ada31433

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a73667c765a17ac7ec48ce89cbbf2cc0

    SHA1

    d835dbb7918acaebe6fd6860da025607bfe60749

    SHA256

    ede9c7150a832ca20e423a0c4dfb3288d6cf0937f5fe97e93ec288b59556139a

    SHA512

    11ba9684f01acb73d0bb596b5315c9b04ca1020d611d2c27cbfb48986927bf014ad7b734dd0e7fc947d62f581b117f01e5f28904cdcad6b2d2189a7ea4d773b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f127f785cdeff1d29f05fbbb9efb5e5

    SHA1

    bc813450e017c68708b61844ed63664d8449eecd

    SHA256

    9304e5384ba850934133d4f282cfcafa1e24f5ddb77bd2a2b7a9e291a97e9726

    SHA512

    1b2db74315e9ee5320991742b88902983c7207101ed6cf4130a2dd345789a44f636663b67a837ec8641de3e752444945964633e9805230a36ecdf8cf98de764e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70b97a80109275ec60367c4f142bd5d4

    SHA1

    2b557a2cb587fa5b2e0389591cede30cc177155c

    SHA256

    9231cd2751d5ac585bb7c6e0fb81e8682ba13df687fa98616a5b7ce4d3f80b7d

    SHA512

    8fffcda8252315b294c14488f3ec719080506e2c0973046f4546a823813a00ee1ea7a56c23b030e1266d5dc3dcd521f7ff37f824b8e1dca16b552191245f0dbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c936024085394be662d4fe1f829d274b

    SHA1

    d01e634fd88dde702ebc5316b0d33e1d0b6c5376

    SHA256

    3231f1eaaa8c635cf9b0e25edfd0038b2bcf0f54889d28fd712bd703c8bbe8f4

    SHA512

    303078fae8e20e02b24a253d123eba4e89bf0a968cce8a8d251f1f7b4922ecfcd6c4a073b739ad0c29359a3a831acfed926f331277159f559078d429ffbf61ce

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\85y7ywt\imagestore.dat
    Filesize

    1021B

    MD5

    8d58976f34fcb17dab0b7c6b01e2796e

    SHA1

    dbe37e8c902cc4d56b4a3bbfcec7ce409886f871

    SHA256

    ac268cb3cee1bf5239f1f2e85922c3f8f10b3ccf498af10ad8e05b87bdd6e420

    SHA512

    0bd9be0e5a6a96fb7d49574ab60b7ec8713687e05cfbe7e47e7484c843b459b7f87293f300866ea719a31530a30f24d07acee91af7d19baec559a5e215f30c57

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\84EXSCRK\drive_2020q4_32dp[1].png
    Filesize

    831B

    MD5

    916c9bcccf19525ad9d3cd1514008746

    SHA1

    9ccce6978d2417927b5150ffaac22f907ff27b6e

    SHA256

    358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50

    SHA512

    b73c1a81997abe12dba4ae1fa38f070079448c3798e7161c9262ccba6ee6a91e8a243f0e4888c8aef33ce1cf83818fc44c85ae454a522a079d08121cd8628d00

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9FF8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA0C6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit