Overview

overview

7

Static

static

7

DefaultWsd...tor.js

windows7-x64

1

DefaultWsd...tor.js

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

machine.xml

windows7-x64

1

machine.xml

windows10-2004-x64

1

sdk_core.min.js

windows7-x64

1

sdk_core.min.js

windows10-2004-x64

1

settings.xml

windows7-x64

1

settings.xml

windows10-2004-x64

1

vpaid_html...e.html

windows7-x64

1

vpaid_html...e.html

windows10-2004-x64

1

web.xml

windows7-x64

1

web.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230220-es
  • resource tags

    arch:x64arch:x86image:win7-20230220-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    13-06-2023 05:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fyb_static_endcard_tmpl.html

  • Size

    3KB

  • MD5

    d18fb1787ce0e84567496b8564e452aa

  • SHA1

    007033d0824685600611af6992060577e127dd23

  • SHA256

    2ae5e0576febb1a1cd63b10bf71644f99fcfd0fe7fb1f2d19525594165294e51

  • SHA512

    ba5225a80941e3ee4ff18401b910968a6cab47634914ecb68213599b96fd4b39c8722e82bf2883faf355d9416a6f2acaa36151a5d8969079cfcd4c6795f6003b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_static_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1764
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1764 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:508

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a3a0736876e88dc46bf72180572c622

    SHA1

    879001238886665d39631037b7312793ee92c62e

    SHA256

    54aaa70bfd93b54e5a9ac3654ac9d1091e38aa6915cd928058fb75f7ec06e1f6

    SHA512

    26f4057b1c564dad1c1dc0f08d411f6354d8c3856887803dee12de10f617f122409e01d89da0fdff5b93f26ecc9b7bf72121cba0afc0be5a5a5def688dbbfa8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f943b8fd5a496c3debf05f0e37b364f2

    SHA1

    d74f79a086dc102770fcd2b8b23d2a9cb16f23ef

    SHA256

    097fac4307d93bb49374017b632314aa0f5bc16c6cc1fa10c7abc2ee13b82a38

    SHA512

    a4b879487a757c3af3db90ee02ff5baf97c3fc1d1bf35421ba7ef531b4979a4f7f3cce6517a1d7b4625707273bd1739079a4b4f21227742b5879d39f2fd52462

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3638c4f979db52ebb6b85f54a8179fb1

    SHA1

    bd1f9f7bd71da1ccff6d9fc27aaafb9e096ed6e3

    SHA256

    b4d7230515321bebcda9757ffc2dd128458aecdd2a0e1f46ae72a6381065a113

    SHA512

    1953222a13ad8bb8ff3685382e3b418853a7f11f2dbc1d4cdaea20aaf56ebeeeebd42f2d7c2c7414718e167f8022c6c0b87e9a0e6576a986ba9740e45a58f2d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18540d2ff975d8cc5745930ca1408889

    SHA1

    2d9acceddc44a01535dc123b1d33b325fbd2af97

    SHA256

    60295df5a07d76fafb5722f96f47d1a19ae6a1e5107be44beaee997455c2e921

    SHA512

    1d676646c4244284ac1fc3e645cc30f521edae9d6f18fbdc32f6661c16e2aaf5b524d1924baafaccac26d305e8f779f0b2fae4453966d9bd628e049ff660249d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de7e0a35a713112c7e109bc375d7d7e6

    SHA1

    049e124fd3685c7e764549946d2adb7a1c5e416c

    SHA256

    33b37f93d252bddd7ace1ee6848fa8c8d52c02684ca26e0b9a2028a7258b3e5b

    SHA512

    4cd21403b5c59966203c2357e24aca62a032fd5a62458a23746170f1d215c0a9d51070606c9b7a837bf742c6e4f5ee0fa1d6f0469a4d1489d89d5cd56cc664ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62a289245f53e338921f191776787a55

    SHA1

    b83d0c6e3f4f242834b23b4026d5a91f498e3831

    SHA256

    9ea31a1153ea02a36ec2dd225a9adfc2cf182d8c6e29527d5abe8cf601daee6d

    SHA512

    4c8675bc9e452450114fe7268bbbace0f28ea76dccb615adaec9a0f05906ee48cd3a30f06d7ec207d9c772c2ecfebee202d467dd3b120f2bab280d47b3cf6410

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a6701e648cdca0598d66808a0c3dc01

    SHA1

    30f52927df6d2a6328e714eef3d772c43c79b2ec

    SHA256

    f1416cf62b15b18a00b0325d08cb63648921ec5e1f8762e62d4c7f6f5c97b760

    SHA512

    0639e5ca937ebe6fd0ee8cf7744b4bf15c2a950aead5664f746470c8635ac8fd08f5dd7a149ae965be3579a1514af11586b02a1921212c31f9976dbcf57b5652

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c16ec32012493914a135f770e85acfe5

    SHA1

    0d1aa53acb7f4763e00436a7fcecf5b8bf48418d

    SHA256

    a681130f4c26fc9d2fca382a228984941c33934b2c7d1349b1872bc7fef301a7

    SHA512

    eb87baeae04021333065654493599da68e3fa5a420dc6dc27b494dd6052573f160acda87b588fb0778c108efd75df414a995117a4771291171d620ded0f41226

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8ab5dedad80e5a3a7474c674b666248

    SHA1

    224dde44b27e43914adaf95927a26ff424338ff0

    SHA256

    4f1f41fe7aa1bf3ab3469c1c514be38d07309786bd4a26504ec5b94c33ce03a7

    SHA512

    eb933f11261883393154f0d422580b2fbd8cc599e978d0f666bfe5b2de9ac749484a5738e067b4c838a1f1b79546e081394b4472b9cb571e275bbb9ffd7b97bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].es-ES
    Filesize

    18KB

    MD5

    e2749896090665aeb9b29bce1a591a75

    SHA1

    59e05283e04c6c0252d2b75d5141ba62d73e9df9

    SHA256

    d428ea8ca335c7cccf1e1564554d81b52fb5a1f20617aa99136cacf73354e0b7

    SHA512

    c750e9ccb30c45e2c4844df384ee9b02b81aa4c8e576197c0811910a63376a7d60e68f964dad858ff0e46a8fd0952ddaf19c8f79f3fd05cefd7dbf2c043d52c5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8C69.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8F0C.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8F9D.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ET2QPYS6.txt
    Filesize

    608B

    MD5

    a5af362f7aca3466b4a8c603dc3326c1

    SHA1

    dfc0f825292876333a03ac11be2c62a99c7c6ee5

    SHA256

    d26f45cd3c196c7e7c8f4857a7b3a7078a280444efebe7ec048da5b887af698f

    SHA512

    b7ea947c7e004dd598c4e46c65baad8b010b1365606ef0c95bfaabb2a1c6832d3cafa2ca19a3c761d3f502dcda80c26c4524159b96d7ed5ac0da1f4e5a3bfa84

    Download Submit