Overview

overview

6

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows7-x64

6

https://drive.google...

windows10-1703-x64

6

https://drive.google...

windows10-2004-x64

6

https://drive.google...

windows11-21h2-x64

6

Analysis

  • max time kernel
    1565s
  • max time network
    1569s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    24-07-2024 20:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://drive.google.com/file/d/1qpZGRTQ58IM-KErL8WJhtyfbDOA0cTHA/view

Score
6/10
discovery

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://drive.google.com/file/d/1qpZGRTQ58IM-KErL8WJhtyfbDOA0cTHA/view
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7be8f6b34297bfbf208b411c11cc491d

    SHA1

    8cd24f446c1eaad1c6a1b0f7d6d277474ea70f66

    SHA256

    ee5dfa1916e7c75e7274528ac44ee0445cb4950d49ccbbd60497f1c305d21a77

    SHA512

    fdbe896d025947e1732eadce45bdfa781048ee7c809ad32b714b5358cda973b7aa1585d556e4ae7bcba5ef501a86d7955662f3c69f8141f7946b5538ebc60aed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12ba7f18d110100d43bf2133ff8be8b0

    SHA1

    10c9d605f8e475231ff2d0b63ff945071afd18ed

    SHA256

    78bee6e675e40eea5397535e465f60f5cd81d37472bac00c3daa4953413ee492

    SHA512

    1a7cfbc5b5af53a15f747830a851ae0d0a87979c701c4b37d76ab8cbc0bbb9f33f2a2fcfc6b74e727d66508ee4dff9bba0ca5ab1728f7c25edd93f46a199b2f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e62ba4b3bd7aa102054a1785838f10f6

    SHA1

    0c3c3091a5475f08561df02772835b9d0b393197

    SHA256

    4fe1424af101aeebb911dd5d806751a526f636e47e0bf806dc8ac7ccfb372601

    SHA512

    90a247cba78eacec1d779793bea59a1ca691897c7325f9a89d6b70be214e7ee7e2c51126c5dec42761e3986e04b64c0173d6f078bff0df50fc4865d1b3710534

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5dc2414b62f1dbc893eef014138a342

    SHA1

    6a5e65013c2558e60bac781a94a669d7ed47848a

    SHA256

    f53266c3972356b6f4ae56c8ca2ae727514a386e7a6e5bac6ac19b64e4f8d5a4

    SHA512

    ecbf4a2976b08dfe906a8a0334166ace9e6acd96dbc4a0c8c94659ed60b623a3666fc50fd7c4b1d49cf2cbc7631fddc2d1f559e047fe7e838bcd38d0d46b3af6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    676455606f5a8107029a4727b876b30e

    SHA1

    c1fbc47b5cda69e20987a4ba70806d545f6da63b

    SHA256

    ea0f01090dce6fad4c1316c24ccf6ede33e62924fc242e58fdfaa8a1b52c05a2

    SHA512

    84b3f4ec84b64ebc03d62e63d1b64bc6b1fdab8e4d9ea43a4556bbae6831a48fd9040d68629016428ccfcbdc0568bebff64b9a13ed455eea4df6292bdcff0c7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0edbb5b5145bffa36f081d0f02faca40

    SHA1

    30a72a5fce3da73a361f36f38702fafc88a6189d

    SHA256

    2465dcabfb0248d100c8258206d56d698e3ae517ba2354a37c1fdf10057de815

    SHA512

    3949318507d53b6e78d8609bea9fa3e5c83526870301b17a1b90e4d7a9a5bef9ae75ad7a49baed01fa78f94d1292b1fe8d3c22842b6af68b90a4e9b931ee6650

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13d92114e4d5d178b274f2d910d57eaa

    SHA1

    f0a5ac19be22aa9d2593f2e7ed16efad3016b066

    SHA256

    19ec77c23a65bd201581b070add474b5ceb4b4ab95dbb4ae50639be60ab36b64

    SHA512

    6562bbda3f085fe5e204e580d7344bdab88e9a240f3c750d3d4b1a0c41c9842bf4850be2c74963981231c49c5c62fb5774bbddb4b492712cc66031444a7c5d4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38dee76560f8aa3036cb3627245035ba

    SHA1

    2e36f938ef97284368c11df0873942de1f686979

    SHA256

    9e49ca0413546c33bdbd53d05648fd5580f686bee367e7ebde6faa0e4e4f2570

    SHA512

    9b8067dbc7988abc4ba88e6f24659ed62408e5516738d36e1016e116dbea69ba6e2f03c5f44aa40e818773cd2dd890a922e2d4272751f726068b4556b39ea63d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21e2f753eb4b772a8d108b0dad09d544

    SHA1

    e6c38269baff2200271af2cb7803d1512ad7fb9b

    SHA256

    1447c18eeceace478c84b761487f8c392b8a9946b57f0553f4cb3b6535dd5dad

    SHA512

    2c02db08b0a44cef29cb3803dbf9c07af97fdc78f307563a2ab29d3910050dcb8ef7ff1b180a8f52197d2a83c070ce729c2578bf0e268284135075255ca1d1d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    889aae313604b2edc08352395cfdb5ce

    SHA1

    537ea1e2f85e616c3cc15f25535df2a47e962df5

    SHA256

    2fece9291179d1e1e9160e68088342f616252c399c9de947cae45fed8f14eb5b

    SHA512

    73f04cc6426a1d961dfac3b6650d11d1dffbb89b42a95653b4a725f149b4c058443c9ac8bb1ade3215ae75a62b018fc0563fb78c38bb493a4aac1a832f979020

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7aa75730fb23924e69203517d05bcdc7

    SHA1

    2e8e8a7a003065df49ce4efd197b0fa6eca08ee2

    SHA256

    7e2c53103520a8ebaa56ec4517470524022a160a264b8ae40b9e8ed469236f9c

    SHA512

    70e4c785cb86b0ba86e8e5fe9317feda3d332bd600bdc6194dd1cd7c3259fffc93f84db79b64b9bbb39d32d7310bdfe53fb7a24d49f930d720725be4e0581078

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a92d23674fc90c02e301252c85fee31d

    SHA1

    9075065655ada469f14b4808bda5d75e9bf3350d

    SHA256

    54f9ce0964f1adcd5719bff4f2149b04de64e657323691ebe6fc4c0c4bfa633b

    SHA512

    0791ed95ebe685f1e45cc5e2532f08d669299cfdc31deb4db5f2e168773ef9f978910692b34d8d3b30b66f9cd93839b2aa536a5e1aece714e3f7fb861cb9f840

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    058b1daa5c9159826bcdc969333f1909

    SHA1

    3b6c5b3151d86bfd6e149f1bab5adcdbf8ad1805

    SHA256

    f3de35c9d1ce0fe68799df0119891cc1e585bf2d4ba28b827e37841a0f6c6b62

    SHA512

    f82dcb392f2fd2d87ae121ee34aa1dff6e38ff9c212fcfa6a69732963c668eb540be035c929fe755cda52adbc632209919d4b4f447c422801bd31ffac8a30077

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00d507e79051ca08054cab3131df6775

    SHA1

    74c4fe1789299a7afef01f4d020d20f7ce666b1f

    SHA256

    7b25459c68a5844b1c6f935e15ea9d995941a5ffa3fee03fdffef23b6756b31f

    SHA512

    1314eb930436aeb450d993dc6191e1716f83fd46bf40c26f92819f3921f8d126beb36c61c50b88ede89383cbf93b8cdfa61a55f5bac347c4d7ea79642540f443

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c49bd81ff21e9edfd13e2ef1574d1179

    SHA1

    f095df4521d195fc6939ded7f0fcbb2cdde89603

    SHA256

    4408f6011ac9048e6fd37b577c77ec7184c5b6ca0d1c945600102cf2805d969b

    SHA512

    3ed76ac2fae698f5b0e192868fc3e228105c572d8bbe3a430ee7925a54c5a3f7392d2794d17c96fb8d57caef4328a19a86ed7924f6de56d788427a0aa66cc642

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    296107a33d71f468401a6baf4cb57c8f

    SHA1

    0e637f84d1404a57e85e80d9719d1e8796756867

    SHA256

    26e3b4e498307744e0803ae945a8da715bbb8258cd2fdddc3ae0771609d761d5

    SHA512

    38af92f2726206853c53562f7fa7f57c63efcb95c7aabcf45f53f885906996cfd359bb0fa810397bbf001b2ca9a8fddb269be60900c10b9f5abd07be4f5e5e4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    baa2d12ec56d59c310f3b5b2bb05dd28

    SHA1

    80508995f7e02a4c22d15d460ca1078b2116b618

    SHA256

    619e29ed1e1af5806b43821e050e4eb4865bd86e601a8b899699f880e7b3c412

    SHA512

    6083b9675694e8ec5d759eb7236a4c42099e3e424217a72ade7bfdd150f3bfd1f6c03ba66e93a45537684f10a964dba1359671a125dd868b3b1a9f3f99afa7f4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n4uupnw\imagestore.dat
    Filesize

    1021B

    MD5

    64bdb481d4ff3a01b6c64a6071504292

    SHA1

    c439b92825555f175650964385c1eb6be47f4d97

    SHA256

    4307b5361b3eb66b0e3eb0684bd1469da348975e8532c265af93fb0aa532dcb5

    SHA512

    ed7f97ccc14f9e5599d30989e218f08659e3477d96837c95d9741e78f358ec17fc3dcaaebaf1eda8f6bc682d17f427f81431d1440fc7c08e0adef9ed2af859c4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NT8UAXPK\drive_2020q4_32dp[1].png
    Filesize

    831B

    MD5

    916c9bcccf19525ad9d3cd1514008746

    SHA1

    9ccce6978d2417927b5150ffaac22f907ff27b6e

    SHA256

    358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50

    SHA512

    b73c1a81997abe12dba4ae1fa38f070079448c3798e7161c9262ccba6ee6a91e8a243f0e4888c8aef33ce1cf83818fc44c85ae454a522a079d08121cd8628d00

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE274.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE276.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit