Overview

overview

10

Static

static

1

URLScan

urlscan

10

https://u.to/rLcRIQ

windows7-x64

3

https://u.to/rLcRIQ

macos-10.15-amd64

5

Resubmissions

16-12-2024 22:49

241216-2r5lassmfs 10

16-12-2024 22:48

241216-2rbyzssmds 10

16-12-2024 22:44

241216-2ns34aslhv 10

16-12-2024 22:34

241216-2hba4asrck 10

Analysis

  • max time kernel
    53s
  • max time network
    52s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    16-12-2024 22:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://u.to/rLcRIQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://u.to/rLcRIQ
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1512

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0986121f1415047e472e6428bc0ffa8d

    SHA1

    30bcfe4c1138337223fc50c04b9b8ae59702022c

    SHA256

    691ccb585940e3cc62d366572771d00c1395d1c2159255fe97fe16f6d80e10f3

    SHA512

    bcc385b18cb4bc4a55b6dc3369e1a6e585c6a75db5e5cf9b94c2de4f1f9f415dc07b5dbd948fd1499d5fe74b7aa7e67b3a70498e7a2d0dcde7a5bee1ebba36ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aeb58b7f4357d884db4b43df818534de

    SHA1

    b27d128ef6c92c4ec3939f5533dd4c5d96755ab9

    SHA256

    6113f2c154f0b7cefc943082ed2e61c3a2e8257d851ecacf01daa2ccbb08f060

    SHA512

    de7f557c9da90cd1e890092d4192b8eb4cf1a941a8d681775cafcd8d0f0eb1ff042274ce557ad927fb8ed795cb1862f4726a5ff007111ddd15c1fadf99e11aae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e6656788a8962baa27be69adff99f0a

    SHA1

    20b1e09d0a070ed5ef7a0dff12aaf4bd486c48ff

    SHA256

    1516278c3b3e0aed27ab5fd3bb02010f4713937a86e8bab5b011509b5299143c

    SHA512

    6e8777fe8652f1ef4279e456f20f6153e7db7276f53c70d9916c6551b87ccf89c4b583eeda1ad50050f56c74a352cd0dabb68ee8c8831fdf728dce3c6279550e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f065f8c07115df6f19ffb7f1213795a7

    SHA1

    88d06e5c7d934d02406d8ee605965e860fd0d86d

    SHA256

    278e9f4072a3dbbb9509c0443079cc965f8fcb468d5884f0e95e94301cfa2685

    SHA512

    b63721ec23f643ec305203d22055d995861172b3a413e53187b66db86dfb48e9f4bece17318b367a62e02ceb7277ba87e6a30a113e84515ab4aa588afef6f017

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16668918a23515a925f36801cc732248

    SHA1

    1e1a3641725a8b69f85aecb493b5c64091600c93

    SHA256

    c4a7d4463e80bb2c4350a81c814d1ebf5ddca8f7454112cf3c3eb178a9ff5ba8

    SHA512

    e1bde7115c428bbe09040fd62bb6c61cb64e1e833befa7770e641cdcef6e05bb2e5cf6fc5fcc2f197f9c50469a8dbe2174fcec3baec567bea60326a87e423982

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66cfa7c663e54eccfac95b66577bc8ee

    SHA1

    3f8002d8103d752a7bf3f1ec9359755ff44eddc9

    SHA256

    c179e861b515f8b910e02ce9d464e69eda7b7fe1d297cc70d41945f1e554e3ad

    SHA512

    f3b18cc8c228d39950eb91f31590c39cd3959f0ed3cdb9940d590030fe7a8948786a1bfc16a176874dc3e19738bba4791dc0f9893557890fed84f91771616618

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6081369680aeaa716802c9b1795c233d

    SHA1

    f518ad979bad05ccf2d85b2b1e60849f498a7f40

    SHA256

    1d2432cd6e0c75520e346df35d66adcf70130d383aaa64be4f01c8c15e002b79

    SHA512

    ba3e1e9031eb6add4ff5119e7ce162ba4ee5f743b6501c719176f04025793a74825deb7eb8b876348331a2583d1f9dceb1d6c4c86045c8c23a0a477fa939ef77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ff9649aac2505b64be3fbe08c870f23

    SHA1

    334fa0cb103c05273d63d95d43f6bbd2dafd1016

    SHA256

    91c18270c2c33ca54dc3411f4d4f51e919eda892705a73a00d70bd25ab45f203

    SHA512

    28e2416ec2d34d977cefd163db412cc0898b6996335b5985e890cfe5707e4045f7895b895e8a3f0066e5360c922e69108308877fcb651c7e702848eeabdab06b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    252359df4c0cc2a8b5b1abe321be3d82

    SHA1

    104e8e8cf8155775394ff8a6af4a42b33cc8a593

    SHA256

    89770fdaa87bbf436886d8ffb89ce458e04de88cfed53148119f560942bfe8bb

    SHA512

    eb818b782c8a873bff4e2d999092d4427e463f2ec8bf5417700139c5022b8fe1386ac5a57929e3a562fab74bbb3e65eb8d7a9d9a7dd4aba8b2482e7cfe4a50a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d10f2986deeb756fb418a49b69e90bc

    SHA1

    90eaf97fbb772e323eae8d44991485b293a94b70

    SHA256

    03e64e270b94c385acbc22d9005a8f00cf7429045c2161a6f5816c0006489c20

    SHA512

    f6e721c24e04eaef612d5bca41a59e018ae5a33a12e551e3d518e59a609a8ca46017975a4700299fbd731ee29d0aa6b9ce5397b066dd9f62031f4afec4a15084

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2634c20936cde8bcc9180dc3c93a75b4

    SHA1

    f830c0bfedd38e3830f5f7e9b823e7fba16cdd4b

    SHA256

    b7e7bc243faa3703b47db4386d0e8603d518d6bd43f931fe90417973bdc1f16b

    SHA512

    1628eef01c1ddee5e72eec49ccf15d450461a9b6d3c8a00dfb3eff16ed4052515359406d76b417a31ab0d87821ff73a195c1d720350f49ca17fe0bfe00ba0f0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b6c77372eee73d091466d5ab1087553

    SHA1

    408c7e1f514deb9f6e629cdfe3ac17f976360596

    SHA256

    b1b0dfff5081b528030b4eedaef8747e0341aa4f6a095667f00158744de5e963

    SHA512

    f33f6398d9dfaf356fff67623d6f9895df0e68a1c50bd8e052bd75d976165dd0b512b7450b77347fdcad3ca63468311c306d382a0dd141f276e59f62bb6e14e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    890827e5d9a20703ce665ccc33aa5eee

    SHA1

    d0a6bbfaa6d966d4d5b94a2777b71a353fdc9194

    SHA256

    99bb6bd50d63122ddb5d6d5ff4046ab60430c7a47a2bed8de44e711d2158db49

    SHA512

    4662b7de9e10352579529133386a2702ca907a36f246375546ac6cd94dbd27b467a20a4de5db0090b50b5d4017ecf2b64019cdd02b40fca2f6817e34931b61f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\z8d0nzh\imagestore.dat
    Filesize

    38KB

    MD5

    4067fb44a901eea8e0bcc2c05535169a

    SHA1

    88de549545726e10778926aa634932a897d3f760

    SHA256

    94168bcb7f3f54b6f0f8cb50470186203a6c43d176cd98a99c24bf82d03ccccd

    SHA512

    c06ba8ae81e739c585f293fa3a2c3f6a638429384eacc4ee6d4714b71b70ff2c792c623cfb68b88702ba2c747d08a7f70da213b215b147cf3765070a96dc4d56

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GWW47WY\favicon[1].ico
    Filesize

    37KB

    MD5

    231913fdebabcbe65f4b0052372bde56

    SHA1

    553909d080e4f210b64dc73292f3a111d5a0781f

    SHA256

    9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

    SHA512

    7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE080.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE140.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit