Analysis

  • max time kernel
    75s
  • max time network
    82s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    08-01-2025 19:16

General

  • Target

    https://scard50.ru/r

Score
7/10

Malware Config

Signatures

  • A potential corporate email address has been identified in the URL: [email protected]
  • A potential corporate email address has been identified in the URL: [email protected]
  • Browser Information Discovery 1 TTPs
    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: LoadsDriver 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 27 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://scard50.ru/r
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3720
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8d0cacc40,0x7ff8d0cacc4c,0x7ff8d0cacc58
      PID:4228
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1924,i,13462431791151306327,4872211194760869720,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1916 /prefetch:2
      PID:4580
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2072,i,13462431791151306327,4872211194760869720,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2108 /prefetch:3
      PID:3160
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2264,i,13462431791151306327,4872211194760869720,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2552 /prefetch:8
      PID:2652
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,13462431791151306327,4872211194760869720,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1
      PID:1304
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,13462431791151306327,4872211194760869720,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3264 /prefetch:1
      PID:2844
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4476,i,13462431791151306327,4872211194760869720,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4500 /prefetch:1
      PID:1212
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4744,i,13462431791151306327,4872211194760869720,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4332 /prefetch:8
      PID:4800
  • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
    PID:4816
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
    PID:2712

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
    Filesize: 649B
    MD5: a086a2249f8447da74cd336bd8202acd
    SHA1: 87455c4ef7a7b128d5bf3383e4a336c4fd611d58
    SHA256: b2fc49866659feef18d1914573f9ecdc7dfeaef3def2debeff7b49c76bd0583b
    SHA512: 6bc34aa3533e438a9dbef412c69d3a6be8c1277adbe7ff860c777c192a220db17485c0b57a6fd8ad93592639b5a17fd97d9867f0e799106dd4c1be7f6b7576c0
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
    Filesize: 288B
    MD5: 6da14f0866dfe4d910119a78f0f58a7d
    SHA1: 7d357f9069462fc43bc388b2e6de8b3f3e751941
    SHA256: d3d328e2b3d242e7eb3c71bf9a2b9adac2c4903f26c991cfe4438445b63942b0
    SHA512: 9af1752c5ba87d1b6189c1b5848cf1dc418a4f2d1a2abed8b459f1b7ef29aab3e4dfbb671e130733caabcac6a48989432d87c502f0792be138e4ae80cde681fa
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
    Filesize: 216B
    MD5: 197a1ab4f3cafc837bf422f2fa44791b
    SHA1: dba1ac4a5b747e7fad7f6f30a7e52f707e438fa6
    SHA256: dd295e2c2e32a1c14973e6b8a268cc02beede631f9095b7e5693227713d49920
    SHA512: 00f3659434eb723bc0183fadd2d3b4c852bd78d46d41d7a8b23b1ed783bc96c1e9cdd3cd1c4c056ccba294c355643e9a44884a0d2855ff3baae4924c411fa7d1
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
    Filesize: 120B
    MD5: 84d9d68abf71c610a2607d4ccdc34f09
    SHA1: f12850c3170bddb875afed84203c60dcf803d229
    SHA256: db268e18f8fc386db45448f5a733a6ab400b55107ab8f2f696b3099771371606
    SHA512: 31285002e5618e84f9dc8758e4a2d3386a5df0b8bdeeb0d015f56342b0759b2c3b6d4ac805da67b8cfe4c3137b16018ef90b8694981f92728a47247ba2db79c2
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
    Filesize: 2KB
    MD5: d642f370eee15244f7db641757a691ad
    SHA1: d7896bd48ac0fa5755052673bbfadab0081a4db1
    SHA256: 1109888b734682e711b4e8a6ac36d251f6ac000b82d3f0eaf1081b0ab8cb518c
    SHA512: 4b8279cd3a7c9a7d8a083972d7d902d9d5bee57b6ae54d5eb80850cc31f2ede31f2741a01e23354b115328ea22ea3a80b58e70cdc71481d7b65cc9b39f71e95c
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
    Filesize: 2B
    MD5: d751713988987e9331980363e24189ce
    SHA1: 97d170e1550eee4afc0af065b78cda302a97674c
    SHA256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
    SHA512: b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize: 690B
    MD5: 82e0e26ee982a58488065eff7ae89a0b
    SHA1: ef643d436518714f04464e7bc7af8a75a1e9a4b4
    SHA256: 917ddbc119bb66a4504e08ab294d7e9f3127c7e98bd64b3c2eea09b15240760e
    SHA512: 0d96c8892f68862977c24d9dc68d1f0f0762380272ed0964fa73a4598fee366f7de9c840db86fd88612ec4aa32f2ef43e83d2319c935c15192ca82593c8dbd52
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize: 523B
    MD5: 8a46e3459a0dd71257512945cfeb5a02
    SHA1: 703a132be0d867c0c5601adc9cb46f2a900f52bd
    SHA256: b2d3d4537848acac6c9a5600dc9b27f60cef83fa2b2fb7dac1bd0270fcb77886
    SHA512: dd1e35c4aa084f61cb8e5c7aaebc814d64ef3846d0b34b469f88b5e290b1f5c23bb05fdc429fd5a52a4fc4329bd96f9e0cf93e54cb0d8180951d136222608531
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize: 9KB
    MD5: ef9b7b5967554d30b2b7856250c29717
    SHA1: 1e3b24f048abc345fc277fd5fb6938fead61c491
    SHA256: 92f7eef886c1318de9feb0706e6cf9b57691192a029bcbe0dfa45f6ad5a4155e
    SHA512: 2fded996a4d644f6f17318c7ae1a1484275e98f25a5c708e0328b8683a0eca429923ae519f0e32a390b8629f9210cf5c687647d0a4ba750fb03df1da7e608d09
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize: 9KB
    MD5: ad753745e244134c7c4722f35f4ac841
    SHA1: c1a40adc352a4c44986cd090e42d2afbb61e65df
    SHA256: a9ec8e7f3341e031cb9c79b28ea4d11ef61e936d8d2439bc9009dd3a2c7ac152
    SHA512: 18333c062ff64ac7b2acd4e25dcd8379f73a68f8e4f4a58235d6a3bb0e61f08c0abdcdcb78dfe2ea76e854478b73545d8e511a906962018fde35c7a2575d55d0
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize: 9KB
    MD5: 8076cfd090ae25e7281c0855755f8dbe
    SHA1: 66140c8063bc714c7b97189f2d3049c8d70fce68
    SHA256: 5323e6a22ab6023315c883d22cc7d7bbc27feee29729b4202593a654fc54ff1a
    SHA512: d0caf463b0e62fcb83762b50e0ca26cb18dc0ea4914ac270b1a7b37b069d9d20f0b3346f6dacebf0314fc454584e218f8cd35b0ac73ed778fa9a27a68851a5bb
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize: 10KB
    MD5: bca9e25986194332de78be2ff3885d5f
    SHA1: db288dec1abc1ccfc5ef2db918750438866ca312
    SHA256: 1394efe9863fea1716d56bcdc227001c465071e723bd34e899d3597cae08e0a2
    SHA512: ee5ea25022df403fe963facce09c7bcf9ee28981eb74151eb14c7a17d900bcc91bfc2997ae378d261875abafc77e480958198e659a01c1e9b59a34bf80e84466
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize: 9KB
    MD5: a0adf70119a149ed58411fd188b740d8
    SHA1: b7e1a9f066ac0752d17930090e1b07375829e49d
    SHA256: 073c7b1489e26d7e8b63b7fd82eef1ee73f1f2be51fbf0ddcf6e607e206b21f7
    SHA512: e5dd0297365aa61cbb016efd43a362d82d70f056cea1ab1758a17dfd2fb64d70e2ac90f5db69aa287b3c7634ded34ff5f460e0af5c3c9a72655fb596cc55080c
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
    Filesize: 116KB
    MD5: 65ef9988d90c75e9059754b71bbef2c0
    SHA1: 34a3703abf810e407146389e2c9cc6f840a23234
    SHA256: a62a53e3a6fbc9edd4583d77c541d6a597bdab2c3df844e2e7df5314369203c8
    SHA512: 575588a32efdccadf451c9ce18c2e1bdcb6fcd64ac5a5c14088c437b9a5eb4b5254a071e4a38123d1aaef273a67f0f6298fd52470bbcaa50ce1161ba327f8cea
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
    Filesize: 116KB
    MD5: 399c0db47cee9c0e153f45b1559305ea
    SHA1: 8ae588272d98ac995f1c894417133c7b8d4cc2c1
    SHA256: e87a6151aabef7dbd31d4bc807f29ba78e2a914e5fa00c61f66a90f10806731e
    SHA512: 28de1a18d79831f336705474d8aa3757944ac14ea215dab78ff9ddb16bd35e0776d9b86f9fbd1791e980136b8a0e81b581458da88ee12bb6d72d7594b70d23bf
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
    Filesize: 116KB
    MD5: 41d569fef4a1dfce03011885e6b680b8
    SHA1: 0f4baf746819e39a5629ced0658da3d38e9e7928
    SHA256: 19c99907354481319645e4d82cd8e53d4ed71580b0bab16305405b647c795f57
    SHA512: 2198f90c4ce8459d3abc1837533d7c209b53306e5e1ff5de95d30340d19ef01126c94608c154463f0fccff374935fd2a3ae06b2a21490312aef61855b07d2434
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
    Filesize: 264KB
    MD5: f1c9aa63c3cad5ca4ae14ab0e928b8a5
    SHA1: 1db70e97da84503385997582f9b41c3b387d2433
    SHA256: f9054c91a2cc3b8966d807eac56ce42296028cd75f2604a561146b38e5468106
    SHA512: eca44f0df0c8b2c3e2fd7bea3bf6beaadd644b91b53795b9a8c7752be8bede6073d1c3b54bf3b198a797ee6ac64babaab9811c79097704f4c3a768be4e069fa2