Overview

overview

10

Static

static

7

com.amvery4.apk

android-9-x86

10

com.amvery4.apk

android-11-x64

10

demo.html

windows7-x64

1

demo.html

windows10-2004-x64

1

floating-s...ed.xml

windows7-x64

1

floating-s...ed.xml

windows10-2004-x64

3

floating-s...te.xml

windows7-x64

1

floating-s...te.xml

windows10-2004-x64

3

free-text-...ed.xml

windows7-x64

1

free-text-...ed.xml

windows10-2004-x64

3

free-text-comment.xml

windows7-x64

1

free-text-comment.xml

windows10-2004-x64

3

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

maction.js

windows7-x64

1

maction.js

windows10-2004-x64

1

menclose.js

windows7-x64

1

menclose.js

windows10-2004-x64

1

mglyph.js

windows7-x64

1

mglyph.js

windows10-2004-x64

1

mmultiscripts.js

windows7-x64

1

mmultiscripts.js

windows10-2004-x64

1

ms.js

windows7-x64

1

ms.js

windows10-2004-x64

1

mtable.js

windows7-x64

1

mtable.js

windows10-2004-x64

1

multiline.js

windows7-x64

1

multiline.js

windows10-2004-x64

1

no_sleep.js

windows7-x64

1

no_sleep.js

windows10-2004-x64

1

Resubmissions

03/11/2023, 03:44

231103-eapr7ade77 10

14/08/2023, 23:16

230814-28586afg99 10

14/08/2023, 23:14

230814-28bpjshh6t 10

14/08/2023, 23:13

230814-27c6zsfg95 10

14/08/2023, 04:43

230814-fcfsqshe37 10

14/08/2023, 04:42

230814-fbpz1she28 10

13/08/2023, 13:51

230813-q5sccach63 10

13/07/2023, 06:05

230713-gtdv5sfe43 10

Analysis

  • max time kernel
    135s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • submitted
    13/07/2023, 06:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fyb_static_endcard_tmpl.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_static_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2476

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5476cce3543774925f83d0076aeb21d1

    SHA1

    d01977a8b280cb8c5d05989a3ee07a49c42d3754

    SHA256

    bb16a7be8403c027a825a583b677c6919bfb4c04a13cb126f5b50dd910c3bbd1

    SHA512

    37ed12ede461c41397c9b0a29abf75387bf4bc14e2eed26449c5bfe9a06660cb0ea71b9c17f824b4be0bf6c90b2683cb58c9fca461440b39e7b740719179eb98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f94379396f4252a60423bfa03f91132c

    SHA1

    d4d4850ff30f6138b7d87d36bf95fe6b9dbcd21a

    SHA256

    32b013b53a7ecf5e3605641dd822ef27680865d18c3385a754c0928a95f42997

    SHA512

    2537f5cd7f5834620427c1a5646b016ad92d50c38440535e709066be2478fdbc4319171f9450b6f1f3d4cfc549af03a7d6861c340b97f8e2988371c98abb5f2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f94379396f4252a60423bfa03f91132c

    SHA1

    d4d4850ff30f6138b7d87d36bf95fe6b9dbcd21a

    SHA256

    32b013b53a7ecf5e3605641dd822ef27680865d18c3385a754c0928a95f42997

    SHA512

    2537f5cd7f5834620427c1a5646b016ad92d50c38440535e709066be2478fdbc4319171f9450b6f1f3d4cfc549af03a7d6861c340b97f8e2988371c98abb5f2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f92dca314cb842036c2b68f471cfc4a

    SHA1

    c9ce5b65d28a74ab64ac39a5db4bf1f84ca86739

    SHA256

    3f9a4b6973dfc65da2d9c6403f240c16457aebf7086cc6008b568d39cac4acd6

    SHA512

    50d8ac3de5e9c12d84e71881c08561f9df81d0254519b65e9695019252f3fb7450ad2f54570d9009d396795e1aa37b930b06d0289ab9ca7b4fe97fef81847dc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2f48e3483931a822231c252fd6a8877

    SHA1

    93364f5ffe384d6b598f6986633f1150dd567a03

    SHA256

    7dab6805b90029b10ba0ec9db86c34b6d054058e2a7e0137577e34b7cf4baf22

    SHA512

    4492e07dfe3c9870c839d60146ae1a09b9d464d18b96f75a2616f93fdb778171deb8664e10485c294157ac17451dcd213c86cd4637e7f8c99d5cc616736a1402

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    616ade5f13c2155b52546c2b7928c085

    SHA1

    21ae07028e779876999355eb62d7cc7de5e85d76

    SHA256

    418c587fc7d92bb95521880b11b1fe2053bee04c63284ae33d2e34d94a9d61d2

    SHA512

    a03fdca7f836d38f13418742074e766fa40d9e42871f6c464a9a4ad0f44ff4689e71aa55b9fa59325323ee9bb7edea1a0db4fb4317c20e9942f5bf642a9c0c72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64d157f8894e9bfc4a3989dcd6a01625

    SHA1

    ad729ea94b7a93fb146f60eaee9ef2e039ed0580

    SHA256

    1a9b687ba3bba6e70c9ee4f1ed0dcf862c6d6771267ef6c952759d9fc446e5b2

    SHA512

    3cb4ba8bda925d7cf74b8d271fd2e7a18fbfaf33127155f9d5b33a523b6fac0bb233584487c6fc37d8aa48cdd276ddddbc73b11470fa2fd7e9a76ebde3152898

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8bdc5dacf9739d0bf8c34926a3e1baf

    SHA1

    3600c00b81c82b52959492c8a9bae2ba8db416b0

    SHA256

    e1bb258ba31a90ca2b5236b3598b034274960ed608ff342ec3b96392b3fcb132

    SHA512

    6f3bb447e9fb5cbdbbabb37b2566a1fca3a15f5637ec6e99bef6b4d111874dc1e517d9abbcfe9ae8c6376185d63e38cd0d5b6f20b2f0f672a7a9cba78873d5cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5920cec8cc06b2c049337d9c53d4e079

    SHA1

    9f734bf1d699f727575a2d31ac1679f134a5e9ce

    SHA256

    8c5b5a48aee5ad412927324bff8aa6206e6771fa8d30cae7cdcc06745446e93f

    SHA512

    67c0ff96cb251551952c4ad22a65bbbc9119b10f981b4d858750740c29a8848d876a4aaae9bb2ceb2e781e44537b42239dd0163dbae67f9a00d6145a492b4090

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WEWWZC8O\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9DE7.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9E58.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\UIN7JBME.txt
    Filesize

    600B

    MD5

    083b6100bae580fdf894656e2fa58d95

    SHA1

    ca221fec40021ffeae3244c135b99decce758272

    SHA256

    8a6f7036cfb5396c8b9efd17ff80a1f3318413aeee4694657116e862531f5fad

    SHA512

    34ae773b4e32848f5692a6cc8a8cc0de4dc680e97df087c861447db6afb1fefb93df741d86470760377d5114ab38019f901b5b15470272973fb066a52565f177

    Download Submit