Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://Google.com

windows7-x64

3

https://Google.com

windows10-2004-x64

4

https://Google.com

windows10-ltsc_2021-x64

4

https://Google.com

windows11-21h2-x64

4

https://Google.com

android-10-x64

1

https://Google.com

android-11-x64

1

https://Google.com

android-13-x64

1

https://Google.com

android-9-x86

https://Google.com

macos-10.15-amd64

8

https://Google.com

debian-12-armhf

https://Google.com

debian-12-mipsel

https://Google.com

debian-9-armhf

https://Google.com

debian-9-mips

https://Google.com

debian-9-mipsel

https://Google.com

ubuntu-18.04-amd64

4

https://Google.com

ubuntu-20.04-amd64

4

https://Google.com

ubuntu-22.04-amd64

4

https://Google.com

ubuntu-24.04-amd64

4

Analysis

  • max time kernel
    837s
  • max time network
    839s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    27/03/2025, 14:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://Google.com

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\explorer.exe
    explorer https://Google.com
    1⤵
      PID:2380
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2792
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" https://google.com/
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2784
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2
          3⤵
          • System Location Discovery: System Language Discovery
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2816

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
      Filesize

      914B

      MD5

      e4a68ac854ac5242460afd72481b2a44

      SHA1

      df3c24f9bfd666761b268073fe06d1cc8d4f82a4

      SHA256

      cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

      SHA512

      5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      71KB

      MD5

      83142242e97b8953c386f988aa694e4a

      SHA1

      833ed12fc15b356136dcdd27c61a50f59c5c7d50

      SHA256

      d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

      SHA512

      bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      1KB

      MD5

      a266bb7dcc38a562631361bbf61dd11b

      SHA1

      3b1efd3a66ea28b16697394703a72ca340a05bd5

      SHA256

      df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

      SHA512

      0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
      Filesize

      252B

      MD5

      7e8a1d1dd9b2797eee7a217842885221

      SHA1

      d81a1bc94704b9e4fbe26b9940e8ffc7737709ef

      SHA256

      c450b825bdcc5295f663fc97abb33f78debf3f5c1edea9a0a3d1abff5bfa1b5f

      SHA512

      3f5094922314812d37c0ffb01d87d924f968bfd554a39497bfdc4d94dd5c01feac6e35e25f3b3e113170e30df6525dd7fd008787d517c197336ba0bc52792049

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      5ee60aa35b949164f4b355034512878a

      SHA1

      7f30bdae5a29483365d942547c4f5a0631eb6339

      SHA256

      7db6ccc1c121e172ff1ef2057a53e06fa69136493720597d68611866f0b8bc1e

      SHA512

      1cce24235e457dafb2a7f913916d4d418a6ebba78a60965f7b5afbc0fbc960765fa29d6b3ecd4e49bfa77034b13d19550777198a9d2e7ba8ac3eeea8ed4ec80f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      551f16eb99c637bc08c2917c799d6885

      SHA1

      547f9094008f1f1ba7235f186150ba0a4cdbe48b

      SHA256

      05c4ab835fd3a4cf93d091cec5f2205b3f50f3acfcc5357cf5e3240c6316ca1a

      SHA512

      0afe51926f5c2a921713dce52ef91475b426bc599fde3acce8d0d8f424163e26165451ad3019acd5a143c88fbf514c110beea5e6cf607d40fe9717188085f0d2

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      690ac3d223f4f7f5b0e2d4617e377ac3

      SHA1

      c70573a73790afd2f5a5b08cedfc19c7a3b2bbd2

      SHA256

      1d9a60167b1da308e98d421277c3d73e54169da2c657d711b7f3b3a72974d384

      SHA512

      387f692cd09d853c9dee375b778f3c0a524f0128aa3e0ad259a80672e442fb2c49e8619c41749bdf317c1d588891869620843629a1b77967c45b70aec16040c7

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      a798a492ae0b88b2300f83e7ed832c0b

      SHA1

      bfa192fb24b397c04e3bc1653b1f4adc80338e63

      SHA256

      72c7a4abc388faf752aa0e1a1b4e11f1003d9ffecfb94fd872f242ae7f51ac86

      SHA512

      f011e2b4d83ff6196053600316a41e877854fbec789026d5f6aef9b061a052d758f485063b562c9dfe275ebf6df1c835ae5927adc64f36e055696d179647aa56

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      1bdc2a2a4f8d571fd430bf93153616df

      SHA1

      360189d6fe4ce9f9879ef073b2855eb3b6fe4645

      SHA256

      e7dc7d537a8f1d6ac4ff856953619a5292eca768d507fb2ef2a0de59003fbfea

      SHA512

      301dcc0d997b0cd3c86fcdfa61bff54b6308f49cb99f9165db0cf6b1c65bcf8415e586a548fcd6bb1eebc372e91873e278a87c741c097ad8dc820d948eef65eb

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      cf7afe4c2bb539dd5a2e268dc388ea72

      SHA1

      a260a72e4f550017b268fb7349b7de130071fe1f

      SHA256

      2d99719eb1442f7cfb37565d5fc6fd7c7be5a9c63b2cd61d22f0d5ea548d6684

      SHA512

      28ecc258879583794b330082f9c7639b3fec7c6cd96305c36cec0195729c02d84011bbfaff57942952fd47d77cb266f03f317e77d9581f9205363f051e278e33

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      93a10c8ff3c9ed8a1e3581bcc6fa26b8

      SHA1

      a0a21d1ba9962650dc4146c49ea45e8a79e86cae

      SHA256

      3a1540134a70fe6091e016f8d10562b4431cf6bbd4c63e52c3934e48a496c39a

      SHA512

      f82cdfa0aa72f17acf7166cadf3f4365b739dbbd4b47da8b6423ce6281d4304aea7b563d293d111f49fd0fa5882378e090f2ee0e2858eada7bcfdac8281208a9

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      b46002d34d8e7285caf90ea4b3c6b066

      SHA1

      ac5d15c8f1135a01ceddb577a344bd56e4d6974d

      SHA256

      edc17981c69144b320a9f9e7617aa185fac9ed82617b440ed3b13010a2f6fa84

      SHA512

      41b95da71cd591f048ca20c1d02bd6d8bf224e540851e2716cc98d9fc8efdd5ca6b3f77c32fbbfbefb574bee16da602e19058ff67f89d79e1d01c64eb9d22f7f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3836a49be5985cc9e9c562188335d6f8

      SHA1

      db773077c9aad9824eb067e37dadec239d719b61

      SHA256

      b8a3de347683570baefecc0e15bf5637d809aa181148cb9bbd3b7c9a1eb1404e

      SHA512

      e7b57e973537bc41047601d5c9295739b3a3f3265e5d08954c71c6515ecc484ad0cd39b1369b14d5ed66d0cb811691c5cf848384648d8ee61e43b4c88611e58b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      43b13f3e7767e2dbea09486e31626960

      SHA1

      000fc6ddb922ef7d2ff04dbf2af76663384fbaea

      SHA256

      9937916f90145b89f983be4e6ebf487ec61b0035e7f6e47a8d5567581492e343

      SHA512

      c0fe8d971a3e9d46c97ffdbfd9d0214d77d1a2a2905c51ef59a8f151347138d5f6c2171c72858e406089f54d6c3252da1fb1b6f6c2ec9bc1fdec99e76a1bb5f3

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      c80fe0cc3854be7d1d7baa100b50415d

      SHA1

      1188aa859a09b38e2abb7dc988b272ec05688e91

      SHA256

      233a2539044f1bc3eda645cf85db234313d0013cfe895a150a1c42ce7225242a

      SHA512

      4823056208b3aae94fc1a9d26db7921625fd61e1eea07fd60a30ce6f401ab3b88263c923963b1d4742bdd365178b279b907235c6310e64b104c4e538ab795471

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      242B

      MD5

      f83d4d1dabc2b8b9c993db8f2cec4223

      SHA1

      12fafcfb1b6105206ec58918292a9e87235f91d4

      SHA256

      b034e39ed4a4b5bed445e93648460b0f14dff5aefd1b039756382b181ffe3479

      SHA512

      b1705c3b1d57bf5a36d1f0cf32d1c55604e0584696e1b9c3c46d4d7e6afe67dc5916e1b859bdaf2daa616eca806b4625fb81f79c0b6a4d2e3221b65a42cc9b80

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\z8d0nzh\imagestore.dat
      Filesize

      5KB

      MD5

      fff7b985680b7a3359d2b10517134e53

      SHA1

      9e4112d9ec5f6672204f995f6329e24818e0f0cc

      SHA256

      1d3961847144954af61e0983e0c281c9d92927bfdd6c94cf559f201d54ee8703

      SHA512

      9b41036dbda74fa5b9fbe3619bcccd358f3a322d7005a366e1ca65922359bd0980927014208cc417dee7a5198b1e03b11a92b5acd48b40affcb703b7c8c357e7

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GWW47WY\favicon[1].ico
      Filesize

      5KB

      MD5

      f3418a443e7d841097c714d69ec4bcb8

      SHA1

      49263695f6b0cdd72f45cf1b775e660fdc36c606

      SHA256

      6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

      SHA512

      82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabA842.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarA873.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarD88E.tmp
      Filesize

      183KB

      MD5

      109cab5505f5e065b63d01361467a83b

      SHA1

      4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

      SHA256

      ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

      SHA512

      753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

      Download Submit