Overview

overview

7

Static

static

7

DefaultWsd...tor.js

windows7-x64

1

DefaultWsd...tor.js

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

machine.xml

windows7-x64

1

machine.xml

windows10-2004-x64

1

sdk_core.min.js

windows7-x64

1

sdk_core.min.js

windows10-2004-x64

1

settings.xml

windows7-x64

1

settings.xml

windows10-2004-x64

1

vpaid_html...e.html

windows7-x64

1

vpaid_html...e.html

windows10-2004-x64

1

web.xml

windows7-x64

1

web.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20230220-es
  • resource tags

    arch:x64arch:x86image:win7-20230220-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    13-06-2023 05:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fyb_iframe_endcard_tmpl.html

  • Size

    520B

  • MD5

    7844cba73b7b4b439b587dd501e92d82

  • SHA1

    25a452bc6886d0e05d4a73da785021fd4c477a04

  • SHA256

    e042e304cecd19bb6816de0150d3895e2717e66dda91f7e189610687c049dae6

  • SHA512

    f54c2d7c0b265aa7c6feb18b8fb6740e01c9e3aeb19bf420d39832737fa59eed8fb959c8aa8a99c0efc87ca3399a244a918f0b4e90b0ee831a87e8afefdf2711

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_iframe_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1208 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1000

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    629eaa330863fe0f7495e0979c6ec21a

    SHA1

    41278db3d58862136ba1963ad2461f6fe2bee6f9

    SHA256

    9097bac860351e81cc226e2c9a7ffd088dce726b6278a014ead4ef6d6edc1a10

    SHA512

    c80a74aa9af6acc9c2c1b0d949eecd8727320893437cd166fac7d6f5766b2ed16b240c9b63c7a380cfbc70dd4ea28b74242605e76ad4146d81b8a220d000c4a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5ab7c0199f9ee9fbf70cdd37424fc49

    SHA1

    03bd4160b06e9e92b6ef281150581e971b5f1321

    SHA256

    64bd827e997e94b1e9d6f913f35dfb6bd1487faa576ad0da8ca68add7f4b4937

    SHA512

    c7a734eefcf479e4efd0b7318600eea5a54c6092de974892a3fab6c3e67966880bd811cf4817d776c1b7f62e9ae58547285d012adabcb3fbb8f64d8e84dc130d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8387f9259a508dbc05df78417c630348

    SHA1

    8a98bea8019cfa8c4a9db70ea9c9553c8615a91c

    SHA256

    b7ed928195298be6b9cb203ae9239a3b362213b4afb4ac0a23a689c8b9df63f8

    SHA512

    8d14402e31ec03e645da8ee822854df10b53781ffb296179d16dda19a3da5cfc6d091999536cfb74e9e6af80fbf86ca817a1d47a5efec1d2f669839460df2bf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec2537acf08aa9159281d4729c9da9b6

    SHA1

    9b9451851dc61a1e60b408293b8f08bf60077356

    SHA256

    e620bc2412a4439efde2b3adbdd79042431303ae49dcfa7d39b6e84655d791cd

    SHA512

    3c1e5313d21639c105739cf03b4e57ca1257e9ae7e1b0200988454a832a1b09ad6c585a3889c05302638305a9ddb5d3ee3533a36f1d247d0aea02c57f4d6ceec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed4c01b6841ca4e1c0b3b0237aaeb247

    SHA1

    9e5568a2d903787e407741430033e0f8db683eac

    SHA256

    825451fdf51ebd7d2298d1971ab12d7ca92c111268502ba63abd7529601be6fc

    SHA512

    73b07829523c5ff90d717ecd3108fc1667bb7322506366401ffffeaf9c440daff9b25f071dfae2123862b47b953a26f38b07a516ed8af2f0ff69f8d85a458ded

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c75e044b7bcdf891277591e30b1b38e4

    SHA1

    0f5cc0cbc0e088817d49adfa04de03b51cca071d

    SHA256

    670882ac780196f5404b45e4d776b9c8191fdcf69158bd9bf21fcf0ad9518a27

    SHA512

    c6c81f48d4d1465553428177e89aa9ff1bddc3259b2110e3519598a49c94cf6159d9c80964f0eae541ee51083b8747b4771b38ff1f31663df084a7a90854774b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    624085eb840e2d4fba748189c84805fe

    SHA1

    db145d8806414160aaa91c9a2d8499179577a6d8

    SHA256

    f2701c046a6f827b915d6fda035113b0cff81ec89cc2895d673374b08a236cfb

    SHA512

    ea6d83c68e976cd4abb96d6d2a27aebb6ba44918362bf3463a1706aff92854b6211da4235ffad5113f66cff0566b61eea10afe5d966927ba6a1983341ed68d90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36895e42b1c4bf62fef337fda3337c1e

    SHA1

    bbba12b519f9f6579d7cf667f4221405ee564c19

    SHA256

    881c20054f4926b721bd4c258b88612ff2b09e122e962257027d020a1e51e025

    SHA512

    0cf35751968480e344cbe57e7aef2dcc09552fec0cfe53b567d80064136823c322907070c60c06a46de35abf08b994e0a76e1e7438a82a09036cb4199859077a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    982f9b8a59bb549cb47efe64bc133028

    SHA1

    9b707c3952e7164d3d00526c760b28d9495c3cc9

    SHA256

    9d22ad7a8c16c67a683c996a11c76cc4b2ebfa23335ff188fb64987627a13f7b

    SHA512

    88ed5607043adc64df4118323ffa2ccd5a7167ccfcaeebadb6f2740a9272f56f4c03ef5a51c0838449f4a811a64b6abad147c49364cacd5e9018d46d6360a771

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0c3bdcd164b783b9f6225ff7a86b6cf

    SHA1

    94f46bf6017880e889a595be6584d27dd3c77e72

    SHA256

    cceddcb465501e48f99d4a94c54c95e04bfac41a9fc0a38fa5bae1974321529c

    SHA512

    c047a737eddddac19cd81cbd30190f078c60e8d51b154477a95e56f7bb4ea1087e937280f1f63805bc2b76a91327000029f668a79301448b6fa89d6fbb8ea77c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\suggestions[1].es-ES
    Filesize

    18KB

    MD5

    e2749896090665aeb9b29bce1a591a75

    SHA1

    59e05283e04c6c0252d2b75d5141ba62d73e9df9

    SHA256

    d428ea8ca335c7cccf1e1564554d81b52fb5a1f20617aa99136cacf73354e0b7

    SHA512

    c750e9ccb30c45e2c4844df384ee9b02b81aa4c8e576197c0811910a63376a7d60e68f964dad858ff0e46a8fd0952ddaf19c8f79f3fd05cefd7dbf2c043d52c5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6A88.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6D8D.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0NR4CATY.txt
    Filesize

    606B

    MD5

    e4f0f946c154b9a7eef3bcd39b607473

    SHA1

    541ccdf9a9786fb7043c405a515b536c9f2c6266

    SHA256

    36aa9a06a5f092fb5c40a33590f53179646763b82cefb30c84080495eeb771e7

    SHA512

    0ee43ce354344722329af742a8dfee4909dca42272a15d0ad9751f59f1fd87a9e6b6e339bfb7cc535481e16f237f9ebb47b6f63ab07bfde15d12f41bd06261bf

    Download Submit