Overview

overview

6

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows7-x64

6

https://drive.google...

windows10-1703-x64

6

https://drive.google...

windows10-2004-x64

6

https://drive.google...

windows11-21h2-x64

6

Resubmissions

27/08/2024, 20:12

240827-yy2lfazcmf 7

27/08/2024, 08:25

240827-kbc3ns1gna 6

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    27/08/2024, 08:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://drive.google.com/drive/u/0/mobile/folders/1PPIHNKNQOrbqj_D5UxDgaV6cqaIuqMzx

Score
6/10
discovery

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://drive.google.com/drive/u/0/mobile/folders/1PPIHNKNQOrbqj_D5UxDgaV6cqaIuqMzx
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2840 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2780

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    3bc45a07f30fbbccc01f9e372b4a740b

    SHA1

    1d4200bfe9c495f706a765f72d53c41d2171225a

    SHA256

    56b892894b79f00207d137150deca1b56d96559949f6f4d7a4e614d441bc9e1b

    SHA512

    ef78f3e11dafc4aad8947abf760976e1cd2035d0f0f210858e84e4f1cf181be6c06e8fdf7d9a055d13cd1d786f7257c62e797cefa40d8a2fe3fef782de715a92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da79e3a46fbb88d4e1bd71a519ab6394

    SHA1

    f716e256151b948b3f7cad69a5b901d6c73b62d7

    SHA256

    97446551efaf953593c933d501d51dd153c0ae87ff13bb05ccce690442e55a45

    SHA512

    b959b8350f5360867a99ab4b3de944a40a9487fae360d4755c628983fdd5004a0daa4adc7a1328197540536eae45094b040e5fa146cd3cc038ab18185ca64f3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ddc95aec87305dbfb1962ccf9893836c

    SHA1

    3f61ba0f949afcd1a3ea73f72c1c056addec8745

    SHA256

    c5effeccbae8bebf509b068e9f4759b65c8b869a169e3adb841a3fe1a13d65ee

    SHA512

    a9b4c7c461e84d8c0abecc24ed75a5f2e2e7e90ee564347cf0be947a8710a6b76a575600a8e306537d94239fc9666b9dc04144e9dccba879bb9b6a19fe888bc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ca0612864d0b1d3ec4c3dbe67edf125

    SHA1

    8f090a865e6b085b89bbd3049f95717263f0a301

    SHA256

    c71288243dbacd6b859ef3ea5dce86e360fbab9f1e0a39b2abaec458029a8a60

    SHA512

    baeb55adcbaf13e24ee893c35b1f3a9259c8e83893573cd3c69b816f6e0a43f9148c57752314374ba4b71d52c864925826345a0bfc1f4ffa10808f8036956d84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0c0774f88ebe5ce04ea3194ef4bebfc

    SHA1

    1feea8db4a4e8e9cfc531174c07c0a64cd5918c0

    SHA256

    370e365d899b96bdab2348b78f6e4bf1f8c95add57b739595d152e5c2003d562

    SHA512

    0313a4e6dc9c012738904495a0bb40408926c21d3d362c744faeaf3ec06c9d970b79c7f1e988f60a5077a93c2967c4f885d26fe368ebbbd03accf0b06f88aeda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89844795b26e3df398c57de86cde7ade

    SHA1

    6a32e9b517580aa6a332c863d9f0790046df9f46

    SHA256

    5ba365424e29485ac8905b92136c540a2f8ca8ef11d11de58703e12c53d86290

    SHA512

    2f9d7bf65f8ef84453b2cfeee915d5563e43229463656486ec1686463ee010bda45b62a2fd6f7c4972f2777be698f7c046e704768ef6c471a2d4c67a60fce902

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60d0b59149ead90aa9b7d8d28b553be8

    SHA1

    8372e6363dbfe6bc3fb3db7b56b6db86e1527e22

    SHA256

    f1c95336fbba50cf452ae0be87758ac66ec3292022a42105c4abc9c74a2968a4

    SHA512

    31a899aafcfa945d3ef172ffcd98662ccde26009f29c02c6d84ccd85958192be714d73cc3f34b7f87b9c27bb33986aea55c2307b755def72166acfb7c2ab0cfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58dff67d9d95406c2964b834165cfb26

    SHA1

    a12c004b83020df226921c549422270037a81076

    SHA256

    a7beaa9b3cbf93b4a4cade1037ba781c857edad3e426aeab43c870d87629c161

    SHA512

    5dd2b005089fb1c66b9ea6d75b046d586ca06d147733214d973fddf6da0eef7a9685fd6b278c5daf043dad30094c04ed065aa9d0123a00288b597ca90de403e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b70db89b69396b780d428c60d334066

    SHA1

    48c8222ef7856cb5d8afc3846782d12136c42ba7

    SHA256

    aa0eb964465a45a5ef4b6941650b82cefd01bbe2ccb3f555d4c2fd71cf00b52f

    SHA512

    b37eef22020ffd831c19bea1474996a7c25b0e439eeb52d12f8af4144970ecc9e431ae44f6a573cadbf28fb13dd4c29381775fde5ccc014030e0267c5d85cc2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea0034134b362f86946dc535c4082d80

    SHA1

    420c9bacac9be3f3d481ace46b40b95151574008

    SHA256

    6053153685b943ee6684648f9952b58a47f53e4f6183359d1f14a59139b7cbb8

    SHA512

    6e411c9dbba6f1ab29dea0dd13738df545f37e403dbb316429f80052ec837e0fb470b56b39266703cf906b1c64c89f1688524383f69690d0f1086f2a9e9692ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bd813163dbe20b9d9edf4f565585b65

    SHA1

    b89989efe19f8de18465edcba3ee737011e68816

    SHA256

    b2e776c73724a2c1f45d82a1d063103e0f1fd49e317b67d6788c2b46b10ef3a3

    SHA512

    49ef014ef12cc2a904347edb9d1e40cf747d096b4ea2c3e7249b84a26d485b9783349e2b310ca725444a1b060f76b0527fd314779cbbe9b1db4a64ef9d040d22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57050bd8540de3c60d91565a48ee7b2f

    SHA1

    2c386b5cafc9ff006a4e5b902c56d6573e1957ca

    SHA256

    3af2f253bbedd951a8e899474fa9753ff84e84bbc7c6fa680222eea53e0c7952

    SHA512

    f6136babb1ef4f332315f8206c4e4d17ced938fae30a641d79bf4bfe8df15bccb602220ca5bbf5cc10038345b9570da32e2d5dfb0b3e7b8212ee019622f8f1f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1962ce26a28969455c67439b3306334e

    SHA1

    b4afa596d0d81f0c9f32a12b925280a787eb3ac5

    SHA256

    5b77c19f1f3bf7fbcd22c68f8e091767fbbb6e0d216acc718ec9acdd5585d17f

    SHA512

    63e76e179314dc72d395bebd65b4c7fd3fdc909a9064a6a83b2b2698e5af568d5ffa2d1993640abc25027cd6b415e3d8efd1dc579b89744e0f44e607675b2907

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    a0c2adca3632add8daa4f01466b55900

    SHA1

    b9ac346f0010f00605369db1ee571572cd4a14d7

    SHA256

    0ad6174968d5411d46e3db365d4b56f64db6c60d9e1562b58db7fc96cc8bac12

    SHA512

    b5b72bd8639260c7ff596cf98984444e914c4c14014e9e4baede3c1945ff8d2e1a44aaf4ea97a120ceffa1a9722c5599c51856e325cbef2b22117b78152bd4f3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\p6d9oj1\imagestore.dat
    Filesize

    5KB

    MD5

    67d2953ef92311ab2fe0fa2f1ff98069

    SHA1

    4d17c04f5efa07d30d7fd8dbb847fd8701353293

    SHA256

    cefa09bb217f545acc419df6e800e4e37a7b94c91bd2a3aa11fda6ea529b9340

    SHA512

    6647f7dddbd91d32f6d8245363fc88626a05ad0dcf99790169ae5f42c0d6d9210812e95b7db59fa6e757860d466ef34ff3b1a1426a2d413c2707d9e88af8026a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JQ7VMQEC\favicon[1].ico
    Filesize

    5KB

    MD5

    f3418a443e7d841097c714d69ec4bcb8

    SHA1

    49263695f6b0cdd72f45cf1b775e660fdc36c606

    SHA256

    6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

    SHA512

    82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2D3H3V6\analytics[1].js
    Filesize

    51KB

    MD5

    575b5480531da4d14e7453e2016fe0bc

    SHA1

    e5c5f3134fe29e60b591c87ea85951f0aea36ee1

    SHA256

    de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

    SHA512

    174e48f4fb2a7e7a0be1e16564f9ed2d0bbcc8b4af18cb89ad49cf42b1c3894c8f8e29ce673bc5d9bc8552f88d1d47294ee0e216402566a3f446f04aca24857a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab364D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3660.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit