Overview

overview

10

Static

static

7

update.apk

android-9-x86

10

update.apk

android-10-x64

10

demo.html

windows7-x64

1

demo.html

windows10-2004-x64

1

floating-s...ed.xml

windows7-x64

1

floating-s...ed.xml

windows10-2004-x64

3

floating-s...te.xml

windows7-x64

1

floating-s...te.xml

windows10-2004-x64

3

free-text-...ed.xml

windows7-x64

1

free-text-...ed.xml

windows10-2004-x64

3

free-text-comment.xml

windows7-x64

1

free-text-comment.xml

windows10-2004-x64

3

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

maction.js

windows7-x64

1

maction.js

windows10-2004-x64

1

menclose.js

windows7-x64

1

menclose.js

windows10-2004-x64

1

mglyph.js

windows7-x64

1

mglyph.js

windows10-2004-x64

1

mmultiscripts.js

windows7-x64

1

mmultiscripts.js

windows10-2004-x64

1

ms.js

windows7-x64

1

ms.js

windows10-2004-x64

1

mtable.js

windows7-x64

1

mtable.js

windows10-2004-x64

1

multiline.js

windows7-x64

1

multiline.js

windows10-2004-x64

1

no_sleep.js

windows7-x64

1

no_sleep.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • submitted
    18-08-2023 13:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fyb_static_endcard_tmpl.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_static_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2464

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f6b73fb1e74698139dd7bc3596c24a3

    SHA1

    7204e63b3bab6e02776311ee2d5fd84372283003

    SHA256

    bd319c00cdce35f663ec90e7e3c68c313c4770478ca98636c94e030b8e6ac667

    SHA512

    74ac2b0457ae7b98da15f264dfe641b9c183fec2282367e26027f15ec24f34f43ff7affc0ddc9e1b931d078c25e83e64dc030afa539b244f4ed4990d95b84583

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c10da12407e320539d11da13d62a83f0

    SHA1

    e5615eb7762f3100b93c798907c008c0048b138e

    SHA256

    cb38a689f3ded7ed8d677710775cabe47e12dd7b7294fbaa1c35395ab35f91b0

    SHA512

    bfde10df43e18c2c80ca969f4df82352860431dbc09184adb83e10c148b661a9356d01fb26a359a0f064ee53aa7c28f4eae3fe5c4351f5c99bec4f9daed3020e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3471e7341fea59e5731eae555d15bd57

    SHA1

    8d709325ea0ff087ded54c22ac76c94de00eb928

    SHA256

    0a7649c55e04cf7c040d2310930de5a813c92ea6e2195bac530365557652033b

    SHA512

    5d6f37db484bc40fa316734d9623e798dac4fc211373f6a8315a2e4f1cf1f0dc1da21b076b75658c8f6ecf04f0728250bd3202c55a2ab9a7296f608eddb3a784

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c87311bd28b8b96455536cf9fcb392c0

    SHA1

    ec8bd79d2d44800d25c3ebff28b63f7914793295

    SHA256

    ccebee3d55f8d5e904108b390158fb8a802945e7465934902655a9c0397fca72

    SHA512

    898c7a676caf9a97fd216898826f62420ac63f3081ec791e150bcab0bba0e363757d38423bbabb8dcc083de44c7879fed9b0035842eaad0880e9b2a1e13cf9b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0cf30a4245911c7ff2a2795f87103fc3

    SHA1

    f08ea6d61a1749c3aa54490e49f35c866a515ba1

    SHA256

    d1f3ddfd8a9ab9e240b3054e4cd6b77ab897b519328d6729197e9ab499cfb927

    SHA512

    a0371bce51654eb06abe4021ace7bf920edb5d4066209b970f88c33deaa77deaac2f9b287e934c820557dd69cba16954759901cb79df2cf1fb34a343c1a7d10a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e6eaeacca571f33618ed25d2e1accec

    SHA1

    aad0808cc2ecd27ebc83dc9bb3657ee87949e81b

    SHA256

    10157f12ea69d1535316bc8bcffe9e478a82c9cd9e3c048d889455c688be426a

    SHA512

    32856d6a251ce46fc8f9f46169305f68ebb527364d71bb399d424a8b2a0f84d1dfdc042f1758877f5845c6ac1ee2adc611e0c679731722a7c67f9892de5abdf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e108944eeb8950e574f26637d4e2b58

    SHA1

    56df9080171f120f9a10ffd6073febef5b7d12b1

    SHA256

    f736e42558a16360d33ccd89eb38606beece0951dcde95470bba0beba3a09870

    SHA512

    8c927135903b7bd35c9de91d390fe74715baf0bf23f08f9c5d27eef773059fbcc3d5239513ef0855e0061260f6fca399341a0e398f6e7156b61789ec42a251d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b1b197b2e6f66df6782ce9a299ba3f3

    SHA1

    099a07082c692673d3e320e6495a2c17ab9aa79a

    SHA256

    a34715d186c147cef5f304b38bbff7097367e6f2017b7360799616a63bf76f85

    SHA512

    601b659c7b1b06b88726f28b0c20dc91f8a40e6246955dd010c21d4d578a1b7dba207095c5ff8bcf0756ea55ad8fa2c641430f44a197d258a7a596506d5dfe20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2a46c5449f3957105351c7b3144c4ff

    SHA1

    cb45b464d469932580a55b699e84836358f02f50

    SHA256

    9986a1e13211748052967a606b34d35c61aa0cc5e186edfba5716665343811a7

    SHA512

    78416f443eddc7b70b7e339789316f6be9e00a5adfa1d4c12d22ee111da82c19c385b905ee62c845eccd11d0b225dadd16cad41a1f585bd07ec0d8c7238c76f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2cf4b9cd4a6baf4ea0cf2cefd3f5444

    SHA1

    ce7128268df4ae4de9137f4aad1b382eb40ae185

    SHA256

    bf2b1eeac9418ca9b33dac30d3673e23236bddc133357ed5eca90599c07e9f78

    SHA512

    690d5cc483d9f4565817c71a1d8f4dd10d72bac03fae977056a4c00fcd2254ac04d57f91980ba93ed7c6969a8bd333d80ef3b07f0afc39c5214c03ed134a413c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d441037ec61f8f2ca7981551938f7241

    SHA1

    a369582033c14e14af7379f6f6c1bce42fe9a35a

    SHA256

    c991479ea21efe43927482cd107b3d279f1ef3667e1a935b9255f3d892a3c4e9

    SHA512

    1d2fb3c795ebdef4286ed4a92c28c17392a61b3d7316cf2ea497c56b46dc78c96aebfddf45d68052974743278e8fcb253016e0fe15d967e1be3a302cea7933eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA354.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA376.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit