Overview

overview

8

Static

static

8

URLScan

urlscan

1

https://816b462f.588...

windows7-x64

3

https://816b462f.588...

windows10-1703-x64

4

Resubmissions

18/10/2024, 08:45

241018-knxmvazgjp 8

18/10/2024, 08:37

241018-kjayaaxcpf 8

18/10/2024, 08:36

241018-khvw3axcmd 8

18/10/2024, 07:54

241018-jrwpaavhje 8

18/10/2024, 07:44

241018-jktw4svema 8

Analysis

  • max time kernel
    22s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18/10/2024, 08:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://816b462f.5880c482d0a3061180a519e9.workers.dev/[email protected]
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2656 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de865aa5290c6bd1fdf616af3b0457f4

    SHA1

    6de1fc4775cd6a928ef46229fbb74beca5e4aaf1

    SHA256

    c51c1e816001834d1b8996342bd54c1b8625e42890e6ef8e2519fbc2b72aa29b

    SHA512

    25f1459a6f314a43dea85d611454fb60d8c844a0a119d5a61a10a69b0fa620746d4e036e38ee41dde3e472c5abdb9bad3be1f9be720b16393d0d7a953a1eb187

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2eda668315fa9e729ccd9e0b22f27294

    SHA1

    e317da788cba66a7f1dd4cadfdb9dc752890c2b9

    SHA256

    e34069cb0eb79bb452ccff0afadee3074b407e65256fcfef95c63066d9fb95a7

    SHA512

    47fe6355e59a936a06c9897ae05117f26f064727fc1cccf5735b1eed3cc3d15c255215b1e5eed2db6795235348d7a012d64b2f51a54cca75fe29615e44d5e7b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0bff8ae93249af180e51c2e44e6e13df

    SHA1

    3ecdb35b14ad2b95f92e1b9576c33000b9e647a1

    SHA256

    bdb00fbea25449724b1df7729879bfa2fba26a19b8d9521f54c85bc30adfe3e2

    SHA512

    b7e045318caa27c4a79e1f50044202607be2f5da6fc1dfe5f88311250f5b2ee1cb69078be0001fb627689ac8ffe5f7bb18cc4d4be456d63368e9df924ca7ffbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40c77dd6c630322efae43d211bed30d4

    SHA1

    898e8e7166e33425921ff96890308ba6130dfc09

    SHA256

    54aa2464a494edf68256fa352e47c765661c23ad372256aae4b9f1003e28ecd9

    SHA512

    ade6f2261176e99d3600277c84c162dedd6d8ff6399f3f027ee20c7d4711ea284ba7c01781bf96ee0be91c337caa98e7dfd41e07217a5135ad16f8dce13f02d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e776962da521b2e2b272bbd352c5e3a

    SHA1

    1f5640056a71de1c85b2d10cac338ead9dd8c396

    SHA256

    958cde98f94363be34818c80ae903ac0a39a17e5a52ad83f9ac60ee24c17ec9f

    SHA512

    a5469f952a8f356230ce5bcc36688b9931df03351fe7133b002a9a5a6813dfffc52af3c9dcaa84b062f555a864e44369b49882364f6aed47e950988015d6e08d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    401f8934e77437ebbd798b687bfe653e

    SHA1

    b14d99beaf2c7e1f4079ca9ce526bb0ad0485a55

    SHA256

    276c2c55d088a87bb89effdcac123ece05e14292834b7a8a626f7a2682a225df

    SHA512

    40e35d9d1a6a8cb7ee943c47d903a6eb2bed4f235ec821f549782d7b3350b34e7c7c43b874975cf4e2e350c7a8b8515e228a7d3498c2f5c9f49ad1a45a03fbf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7598ace3b3c21371f721e3896cb1280b

    SHA1

    20db85a7b7df65baec3dcfc6bf52ac893958f325

    SHA256

    059b8dfdeb125bb5bade9e3aee89a2bcaf000b266995aa1c6526ac4d3cc6c36d

    SHA512

    4a6754575e7893404bb729a2108b03d79ca16cd5b35fb4c137088c6e45ff69ec9daee20f7c402385279102cac359c38c816eccd9d25ec328aa6df792f70fc6d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a321222d84edee0ff8f243d3dd110b22

    SHA1

    b0f6eb04abd08e5e9c676e892f97da0b0c9e416d

    SHA256

    2091151228b5f461ffa292b48702a014cea4853d0d45e856e40c5f844eba99c2

    SHA512

    f0354008fcd84826ec1b31a79b63ca6c401833bcc8a785e8e619d1d993305a5869c5cfbfbc61eaa00deab171c38997efd39dc9802af42cfb36a8482de3d71827

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    051fec3f242087612dd187ecc30a5793

    SHA1

    e3c572b14fea82efa60a12fa913518a6de2b1f79

    SHA256

    93766f804460b2960900f505a593e6399da874071dd92f56c6311f6c80b3015d

    SHA512

    88643ba47998dc7fcbb94e2f1e33b04030c366d5ed185ffb6d5ce3314ed6d9e1aee3c8c9a75801eaa97f9f3745d3d58159fc610220a17e0af7b432b484cd0e81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3660556e10cc4cfb50d817dd3af3983

    SHA1

    ec6502fdd041fff9c9416441cd70c2fc3d5ad56e

    SHA256

    0a3bb89bbdc146aab4d169068ea1aab47920348ea99b4e77d37ed42146035f04

    SHA512

    fc192c0330536982aaa7e4bcc1bd0708c7e7859d7b7f7e189bf267e26670694e2495ab9473ac53800e85e781f36e69aecd639253d3f69a2dc48ffdccd186e145

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01LB6K3J\favicon[1].htm
    Filesize

    5KB

    MD5

    e64713f4cebed72bc8e810c88d337b8c

    SHA1

    589e4d23f937af333dd8337b30f7e979a1766b37

    SHA256

    281db182e0fdbcc52214015fc53e0200da74900b3b77c07d78800a99d26187b9

    SHA512

    1db11272c389da7a1132b80f1fa2c3f54656c5f42a81f279aa8d88860cbdc35a73ef6576f4adc5b5ad1e8f403a4bd2b1efa44352eb9dbd569dffeb0a312aa18b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3286.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3289.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit