Overview

overview

3

Static

static

1

URLScan

urlscan

1

https://192.168.245....

windows7-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 03:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://192.168.245.159/dms/policy/requests_ng.php#

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://192.168.245.159/dms/policy/requests_ng.php#
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:824 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8d54093d7bd45bfcec22212f2c6a22a0

          SHA1

          d87eb171daa5381dd1c3e6fffc6d7f192343e92a

          SHA256

          a29593dd03ff89db38c19f7af98859502365045b8f3f8193be59cbb9002c0e97

          SHA512

          66afba5d5ce99c8b9cb3c2faa5952081f717d4121d4cb5f2a7671bd1d4ba6be98fb2bbef830116dde42aa9aba84fad28f07a66ee075db050c015e01119ab2d1c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7a9f17eaa48e6d2811b5fa82a063caa5

          SHA1

          9296831a909cd80266f144686a53119f96ba7560

          SHA256

          c4d6a5b3f9cf5078636d96be0925662b94ea072421a4bb90a9c727f80ce1c1a7

          SHA512

          4450646e2cf3e2570a77be649c5dbe9aaf9c98c546cc8c1a0d7f062d986afccb8313915e32931958e54342252e6bd92e30cd2c96e9ce57f349aa5eed1f866321

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3dffab04e2b7cb83d074c5cb66398bad

          SHA1

          a73356c6d430482dc7acc39d507e5e0c6b504cf2

          SHA256

          dc9371eab0ac51ea3a52323d32bc963f59941ec15cd999b0333392a866a918a7

          SHA512

          840dea6ddf8ffe83931e1d1f73cec1b09f7c03fbc6c9bb53acb1ce73dc02b51a55ba84d361019b6ce8b40698ad5abd8fe94b24707d7213741e7d7ddae7f54046

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          244165dbac6481dc060f303a1d8777bb

          SHA1

          2d5da6d16c917a557f2d972af8b40a0c1261ff1d

          SHA256

          c9e2381c97d1bd1bfa8ef02ccff7715f05f0fb4144a22852cc997c8b5a2d2c83

          SHA512

          cd6752b82a099f370bc56bb9b36ff86cba09061a3fb38ce5a3e3fd7c3157d4e152644e0c7004c73d5978950cfb2504e584f55e01c18db4d4c9d3ee5d68fef682

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f06084aa9b636a806b260d93f30e547c

          SHA1

          387028e014342a73ff9a9c09e556c73069b8d561

          SHA256

          4f3004ac250c977aa1cb2480df92f00ba50c636baad4574725b011bb1df885d4

          SHA512

          f346c5bab7a9d56a6eefd1eceae7ab943bc2d69787e2887ece8aaf901debf0cef352345dda94a27490cbce91b480055b53b9e9f02208b6a559dc234206f36ccb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          232fded661b013226b7724530e394a0d

          SHA1

          d000c6dc654ffac88c15da4c2896206090c55fcd

          SHA256

          485bec601a58fe7239d635d23da35a5f571eb75573e2df779d9fd8697b5edbe1

          SHA512

          3e95cbc5c764ba1c74905d340d18c8c498566983c22d01a0b9e1e442feb2ca5b93cea7b45dfa8a6fa90df5a3e99b15cef8cafd7c77ace534be35a003b352e105

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3f16bc6a53c7e5dc8512d94a95dab6fd

          SHA1

          8522b4d9d3391b64dd71ddbfee2b0a159a627695

          SHA256

          f30450cc150b9ac3ea068ae913e60509a089708e575b7337a15cc4877341acde

          SHA512

          ec5934719c25881786e50cad9a35575cd052e9d6103a931d23ef56a0e9b14fe9583ed529d7b1e97e615b8a549fe058e4db32c4e6c5299cace7793fcee453c894

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8876403175b70b9df920f333131b5ad8

          SHA1

          0bec7d6010a9ad77f08e7ed5795ffd48c8380d62

          SHA256

          d63f83fcca0da821e64577fcca7786e1ba027b32a3b07aae677385045d91a52c

          SHA512

          7ef88ad8606de146ad257cc56b507029a037d2172d0af6e31ed410803a037da270e0b22ee46078603929e329ecf1524605f506fd0a7d332ffd81f4e299e26a54

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          55cd820056bba8401ebade8eae713793

          SHA1

          eb15c505e2cf976713d2926bc23f08518cee1783

          SHA256

          6c71b7e58f654d8c66ed2956a08b12423f6d63669d714949dd0ca3f8f89a5733

          SHA512

          f96f16085dd6d16f95d8b2e7a8afdafc18f971f7d6a376df9e78d185003e7487ed5ec4f4bbef4574bc1e741601aad59c6ecdb5b5c887b790ea96256ae006472b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          480ee59f4bc6489903b5f1bef5f20503

          SHA1

          15108f63df51582817b90ee0bed7bcea73b3f83e

          SHA256

          1802c321f3a4515c2d18085ba8f0e12eaaa494e072d90867ab6381e36171b218

          SHA512

          a74d5ac5ff58add8dc5c9f36b219cc8762cbe91e5fc76fc91db122166254488c68fa5bd7914467bcee17618788a1a9265066ef072c3f71789358104d2fd0b208

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c2ba766a5b1ab935661c3f6d60272a94

          SHA1

          8b2b297eeeac60993fb6e222815fb74b7b4e76da

          SHA256

          568ec7f875542b219262f26448fc7eef42ba0ff0fba1b1f2849911776dce3bc9

          SHA512

          385de560b1a74a7fc504c75a62dc606eec25756285ba5d02c4c51685b502da19b4767c8a4d6a7cc3797ca87d7638e5c11dd3a21880a1a30386d2b8276d9b8b28

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          24352372a99b0f024d4869556857e725

          SHA1

          d41b65226d43e0ce7cdfbc5d509b8780253b7ddf

          SHA256

          5e6b367d8779ca63613c09125c6b71673b42b26e7baef1a61d280820a016a27c

          SHA512

          438010d2e622932d558ed9d088ff7c6a9315a93f197b9c5e9d0037616c1a8e63c544aced4f8a087a071da845560ca372be3a7cc3dffc3f1371141dbf2f6328c8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8f04196f9bca14a40552b21c3bebbf63

          SHA1

          6335fb1eb1ff44173817fc9122bd92488fe1df17

          SHA256

          f5c8484716a66d7ff287ae858d45596ece08fcf05c830d3ce08a9a0647469966

          SHA512

          eb67662b611d132bd52049b7a00b1c4eadfc07addba809d1210c459942b7f7ec246224c51fd9db339541e9bdd5b267e2291995c80c503f15d9d97978dde02ef6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          24f7dfbdbdb2eb03665f27946fed832f

          SHA1

          8a0fb7952c4f0005ae5b965a8c57bc378a55d10f

          SHA256

          3bcf38ad94cf95493b5957874d58e08e968d4e718a4efe88539d95235151379a

          SHA512

          d405fe7fefc7f2ce019f193a42de699803a3e0b77ce4b0e407409c7c0912c18f5a8253efcbc2e5bdc05ac2935e74c0faf129125328b56ce9c36981038efc4e9c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b208d181062b1dc5d459a75110687de3

          SHA1

          666d979a537787e5c3682e7c74349149937b3b96

          SHA256

          454ddd5817799153338d54ad1a19efdc2f51446398693c8b79ff7ddc7e1d4c2b

          SHA512

          a5f17cc0659674551fca15d4b3effa68462793958526d82cdc1d532c5ac3d579cab75d122be117ccc7b5fd31966ffcd3d98e9720bd6fba0f36663e7ab5e5044f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          527f18ffab4345cd365ba2f6344ddf23

          SHA1

          82538baf6e9e8781b1ae2d6ca376c21eb0ed47bd

          SHA256

          c5e88d675efde044e05a318431e07196f50de1637edbe7895fe429895e39ec45

          SHA512

          439210acf064704f8cd96e10c6ac8f0715fef57cd1001127ab6f4da18f925090875f1429cc80de7906e2748f2e9a6bb302fa8f05a1821bf68db2e0cbfd26462c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6bac64ab5452688daa73661ead19b963

          SHA1

          6fbbf346f77accebf8aa7db7336d8dd4c2f7ad42

          SHA256

          d975458093c06b0f14568dc9c75d4c632965f8ff8c7c9a832f265083388a076b

          SHA512

          5ba65b3490d822efc48a625eed2248bd9e69142f6ec8762de0893939b020a429a3407009c2348d41eeb94e6bede78fc88625c8cdbbcda2e82ac2b4ec7be89998

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fbc466d467c6c18845c6521508b269a7

          SHA1

          c2ab9cd26d311802e8253ed0e8dd02971031c414

          SHA256

          8bb407e3cee54dad98c002ed9bcfc45ee9170769ac09f8b6b45e5c3f8f38f6ed

          SHA512

          3bfd430a334b2d8f91b2ba5dece5935b9b0de0d1a8b6f9e253852744d097f14c546c6dd558063edf3818acf6f7b09c2bbd31a8ea9235f4ef3a8eb0e1b43ec692

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          40aff2d5335673af786cfdcedc6218fd

          SHA1

          90f10d69fe22bf0b911f3697c8efd2c58b9fd9b2

          SHA256

          8362fd0be5c040c7f8d336af75165b58517811481ac76c697d7e139a97d77525

          SHA512

          6cc63caf9ea34300cd2be368809d65844e4a225dfc96343ecf58d5e69f4b098d71b14ba09fee3efacb296444da363dc06bc9e0ed6fd83f790b2695591672b860

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab9BF2.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar9CA5.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit