Overview

overview

4

Static

static

1

URLScan

urlscan

1

http://duckduckgo.com

windows7-x64

3

http://duckduckgo.com

windows10-2004-x64

3

http://duckduckgo.com

windows10-ltsc 2021-x64

4

http://duckduckgo.com

windows11-21h2-x64

3

Resubmissions

28-01-2025 02:34

250128-c2rdzstrdy 4

22-01-2025 20:43

250122-zhwwpavrcp 6

22-01-2025 20:37

250122-zd8dxsvpgp 10

Analysis

  • max time kernel
    140s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28-01-2025 02:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://duckduckgo.com

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\explorer.exe
    explorer http://duckduckgo.com
    1⤵
      PID:1992
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2056
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://duckduckgo.com/
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1608
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1608 CREDAT:275457 /prefetch:2
          3⤵
          • System Location Discovery: System Language Discovery
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2400

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      6836785df31bb4385016e88a9493904d

      SHA1

      079dc76c00d52fb415e9a2070619386acc9403f0

      SHA256

      b289ff4ff4d5be887c3a2d20d4b743c0669f00f0404d0cd16c7060d12c9c1065

      SHA512

      e432b8dd7e9fd727ff8da17d09becafd43acbee157c49f158236083b74cfecf588749598532f3bd0ab08557a2e20d4619d85b79fff3120eb078647c3149d082d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      056430ee0f9e7d70645aa732be6ca713

      SHA1

      33d2881906f56dcae6cdf76c783b8896a1222e37

      SHA256

      e1163e9205aafcf14dfe34ae754448d930e9a97b11b4220164bf5d592f8b6cc5

      SHA512

      bf380ed34b39787b7527e63904dba96981e5b65328f265c371f71651399478ad7f046556bc04ca692717baddeebbaaaa0a2de6ffca173921592aed082029b2c9

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      292df067ede98b3fb53e5ec811eb550d

      SHA1

      56fc2ddb39474506c01a5c1414c7a173bdef9d5c

      SHA256

      b137541760ed55ed9192bcc1c8a53f182e062f932620d0b6b291e59002706f56

      SHA512

      411848f685a49c52f4960b447ca7236e979447543053d8261937875ab063c1e39dbe31ea64351706107fed5efd23cd609062e29e7f34ac6af9680621866873c8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      711a512c10f6e02d260787bd057f93a0

      SHA1

      ed0d7e8cf370f6c6169927e5e87006383d908326

      SHA256

      8155bf918f630472bd46912abac1fc51c72a30c92334f6d7aca4bb87875c6bd5

      SHA512

      f28d7b1434b0fab63501179f030b4b78dd7ec8eb94408afc8da5ee37a2f84fb3aa0dc1b0c0f392d74f72e132dc126437d7f116eb39843b3b63eca55ab5560c09

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      95eaa734835dc31b53116cd5dc6f8216

      SHA1

      c0d29f89cbcb507560a6cdd0d178991ea2781f1c

      SHA256

      b97f846cb8a3248a66286831884f8eb6359746079a59bf17f6da845ef86149d3

      SHA512

      e1dca2d41f1136323019f636ec428a164be1d19ef808e9f415501b7ebfc6c2b7bb505d31b3d3c054e4174e29d98bbfa129cde7d27b520c9ad9b3ca2da97f2375

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      290ec090ded47532e866d8a181e48ce0

      SHA1

      6674a68e184d2ee564ceb8ee8b889b7589a80d0f

      SHA256

      6002008a5c074a101e35a2e38ece57c38f84382a4fceb429ed62e3eea5db5d98

      SHA512

      7fbc4c824bcbb305bdc41f5c22877749b5683f3be9d9d2123a80b9a727d1756943594b6d6937574fc928e90b7d6a4f44179dcacf491c5ad401540ab61bb7dccf

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      fa8ac372419aef4715eee624d35df773

      SHA1

      19b3640d5ac38a3de9aa188ac6942cf8d28ef074

      SHA256

      c451d05cac8774ebb29c8fc4e68ae62d52620b864e02d850636a4fe9643f3e50

      SHA512

      8fe76260e45ee620944e79b14e0d32796869c650ae551b70889d7a317139240fadcbf8317efe8de60e3da959370c27e436ba8ae96782ed855fd706a85e45ec68

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f48cf289071f79645b0a85e607f28dab

      SHA1

      c938deb228a1f8f3833c5e45a02cab1eec34a550

      SHA256

      739eb352cb5d4c0113d616b029468549e46655d1a744b38465de54c90f72951f

      SHA512

      b17dcf4c92aa124eb8c11edcfab40bf0dcecd18e7cc1a59b84f1d4531fc12571d48da36e035915452af26310558ec1535d413318ae78cb8b96d19769f3d12626

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      5bdbd2305a3fc20374cc763064f5ecbb

      SHA1

      c8bdfa03b2eb9ac7c1fcc3b3cf8b8ca62959879a

      SHA256

      5b63ae32461eb02073d361bf5f20f6cf22015c4cc5bdaebb5830d3222c7a9929

      SHA512

      bde63617390581f33a18af08ba66fb8dbdd77d2c9dabfa2d978be8d550bc34594e97b9319e2fca690dbc2c7cdc84c8ee100e437def48ca5ddce8465676dfe2e2

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      fa3847fac907e8c0d85946f8f90d52c0

      SHA1

      bf50726782069905fc6eb703462ed236001e5e13

      SHA256

      88b91957b4c8e437c3c9c138ae2ce5b70f023a5d9f9f53ee0cbada59bbf9662d

      SHA512

      d06353618dcbdbc46ab032af95acf10e243837346ee7eb1a583da5baa14085c9d125ea5088b51094549c2e6aa0eb11d63c12b79ad5b05f50e7c7f2434a659dda

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      35b83468bd85fab15b1a907711de9178

      SHA1

      56bc911da15c292b3c70f47965da58d8100778f3

      SHA256

      aa06d87566d835441cc57bc5f52d9f52c41062ccffda7cb06875c71c940615c3

      SHA512

      5d5507c52ee907f9b9bf1cff05b2009b8c53f2a73735992231d47663b1815be280675abdd4d9350fad53aab690378ca23d2e32a73ac62ccc542d505466f8583c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      032b77bdb8033ca3198982aab8816f4f

      SHA1

      c17607836c26646e28678a84b4d06cf9ec9054c8

      SHA256

      deb7c3c2e17deafe05896d5649264e2c4788ee5b608c117737c42d07916674bd

      SHA512

      3d39842ec1b49880cb042d0daa3195ba376dd38a5f1af7f6907228e9fad7aac3920b680582ac58e5fb6728580ec6b7427613f6b1b80b6fc07d4736d7ce01d913

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      2c533fcf12764e6390ce9c84fcf1d321

      SHA1

      e36a2e9aefa4dc28b6dcafbf50572da20e0d63ac

      SHA256

      496cd870a25787dc482981b147992e8bfc4eae0bb782c7f6db205724a757fca5

      SHA512

      848d2965dc9b10bc1afe95249f34a4891b947c7bb748f6640be4521e9f324e9dbc37400c993d60c1dae51e9354d4d85c33e6aae5b8477f0402e91c0df49fbe49

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      368446018822647bb36f853db8f03c1d

      SHA1

      0f1ce895b858ad7681c64111dad9035be4405002

      SHA256

      52cba60552be1a7c3e20455c1445c3338c7ee8593636f55f1046fb5b280680ab

      SHA512

      02e3d69360c4b35e3b3434de8c2c606d43318539b1f2085a32e851ab0048ad93ef16ad6cc0cd16897e0fd46f0972be54a8368d4cbb65d7925530a95aedc64b9a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      d673458143a9589331c2c430862bcefd

      SHA1

      0e3254294c7a819045131cdf372476185dcbf102

      SHA256

      f182e245e45c1a710d64c2835d78753610b870bbf9f692e78fc989a5ca082d80

      SHA512

      31caef9e0044cc27a0fafd40ecc32acbd3cedf859268c7af8dfa49b845649dc58a2d3143904d50e2208018be82a9e4d30ff137c57fce9da1551f88bde2a7e6bc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4ad308669cd154ba3a528412a50b8a66

      SHA1

      9b474501615f6abd167c1e785c2ea9b4962731e8

      SHA256

      d6ab82238907d5839ef72b95fdbab82d4bd5a72d18602fa9d88dbfd4ca8eeba6

      SHA512

      43b4f6cda4d00921f76959b64c97973483eb27271f856e314da5dd9aa2eed6b72249d0463764e96c3538af6f7eb72e3ce15d873288c9a718ca56672ebe66066e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      cd77c8c43ae889c1279524fbab245b1b

      SHA1

      fe1ec7664a793d70280cb9bc6ad1e61a4a145b21

      SHA256

      e00446ce636a4507676f8cdf1fa87ab904ad07209060c6f8025123393ca19e7f

      SHA512

      4890c5ba8da003dc2198a93491c9adf0ac28acd90532ea793dbf112a910afcd2ebce8d8ee065c0f14602b75722a0c383e72d34970afa1f3246318958e119536c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      8d498a06b0b274adcc2fc15d5ddf7257

      SHA1

      5042bdab01f7331836f5233a9dcda6fe2f6d4756

      SHA256

      31c484f8753e3c946904cb0fe7067d7e177b6c7a6fdcc52f9901692da762549f

      SHA512

      83605faab76fc292ea27a068cd799fd3499f581f2d50249ef1f3c351d67cbc8b280769ff17873d90510318c383ca225238d1e6c3d1f3754681b3fb1609ce5905

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      be46fc9a866ad3eea8f55e87c8cd47f0

      SHA1

      fa477901c9e45b9c7aad57a353adb011ecfef2e2

      SHA256

      df41ca1dba6bc2f933986bf5700037728d51ea8ce7b2462692a5daec24b10bb9

      SHA512

      df91c217e3c2aa33d8c88a2a9e87d9a92e1a8a1c27c651af983fa139d8dc262f7bad994f89c6f5f5d743c39d2d6f5e28f79c12c1a18ffba1f3c699fe028a954a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4f0c5d66bf921d674b298c4062897e6c

      SHA1

      800dc26b5ed8bbac151f6faa327ccfd408f206e2

      SHA256

      e0a677acd22b43fa22f6223d2491f28e4101276f47ac280cdfd5c8bf1f92dab4

      SHA512

      27cf1cc328c671d2c24267a79b0e70183bb3b26ca1473e4557aebab1fe35833df575d751a0d02bfe2baa953cd548d14d16a8dcf885853359e2edb8c54de35579

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b28671ab106548394783be10ab13121b

      SHA1

      5cba2d3f02c674f9f2b3e41fcdfac05ea66b7788

      SHA256

      80b9da8683da29530d022e9eabac6cb94488b0aa31d082727677909a3a893683

      SHA512

      a4362706014a3c5a0d166b86846682617a9bfffeedcae3ca69e81d81afb77c5f4f00aa7fd3d1a7f2cbc33f74827509e9c63d86959ccf6932880e20354dcd3f66

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabE707.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarE729.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit