Overview

overview

10

Static

static

7

0bf73ff0ac...f5.apk

android-9-x86

10

0bf73ff0ac...f5.apk

android-10-x64

10

demo.html

windows7-x64

1

demo.html

windows10-2004-x64

1

floating-s...ed.xml

windows7-x64

1

floating-s...ed.xml

windows10-2004-x64

3

floating-s...te.xml

windows7-x64

1

floating-s...te.xml

windows10-2004-x64

3

free-text-...ed.xml

windows7-x64

1

free-text-...ed.xml

windows10-2004-x64

3

free-text-comment.xml

windows7-x64

1

free-text-comment.xml

windows10-2004-x64

3

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

maction.js

windows7-x64

1

maction.js

windows10-2004-x64

1

menclose.js

windows7-x64

1

menclose.js

windows10-2004-x64

1

mglyph.js

windows7-x64

1

mglyph.js

windows10-2004-x64

1

mmultiscripts.js

windows7-x64

1

mmultiscripts.js

windows10-2004-x64

1

ms.js

windows7-x64

1

ms.js

windows10-2004-x64

1

mtable.js

windows7-x64

1

mtable.js

windows10-2004-x64

1

multiline.js

windows7-x64

1

multiline.js

windows10-2004-x64

1

no_sleep.js

windows7-x64

1

no_sleep.js

windows10-2004-x64

1

Analysis

  • max time kernel
    195s
  • max time network
    274s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • submitted
    26/08/2023, 22:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fyb_iframe_endcard_tmpl.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_iframe_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2836 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          67f95994870cfb9670727467fdee2a2c

          SHA1

          1e603cc38cf99f7f135cc80e099b8bbaedaf5913

          SHA256

          eb1b145fa977cf33701ea43cbad9965b2d05a58c4814320bfeeb5b3dc3a9bb11

          SHA512

          784d045ee94e21b38334032a1e2748471c978255e752e21d7bb7d192f7334edc4b9e72503eef2ec8b66b9d4ef732a722b14fd1b594e8b92529bec6baaf965e4d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ff01700e543a4548ec0f37c386be26c7

          SHA1

          b16310c0d9c5dd08556a0d5d0c7f78ab96300e18

          SHA256

          0996f2e812b2171210d44e013676e43733bede4e6d67987b90350281898ad696

          SHA512

          fa21aa704dfe93a81264c4b38c5a890ede4caf22a420dc8b3424818dcded9bee8bdfe463b9527cc10aa8a4e5815e41f1ba7f384b897df526ffc77c5116024e43

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f1751974c91eaebebffed4f43cfa8522

          SHA1

          e90fcff86c5cf39d86ef88cc05027e69a2158273

          SHA256

          336c405edcd8862cece089e898aba933508f55944a875f330cafdb564607094b

          SHA512

          de8bb2b9d513021d2fe83ec23aba679db6713c1b441a7ea5921dc169f15b6cc5eaccbb9196a1e5cc4158d4fb7fadcb0fecf2a0077d9c44d20b083e0f8cf7e495

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c48c0f283ca2bd86f1e7adefb9ab52e0

          SHA1

          f9032c3282272f1972fa7b48f512f9a90c93ff84

          SHA256

          26379686395c9cd886eed5c9efb6e1664f1d3b8aebba7cdbf20b21bd79823e47

          SHA512

          6a3f2cd0c8ae9212220f237006334ee3d741ab0cb7d7c962017c32d045cbef0c86f83a4b68f52ce23b6fe0907a05b32e360df7b10158d3d0574f3c4c1dbb7f63

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          27bd0f2a6f0b1d09023bad98961676fa

          SHA1

          c9a54768d8dc462d2166f80f6f947f8f0a67b5c6

          SHA256

          c4b2d599b7164813805fd820ec9e907faf5585b530cf1ea2a74b6dca0961c370

          SHA512

          c1a197906c8bac1616c6c323b9fd0b823775e1e431bf0076ce2b6a199996a2dfbaae479004f05993ce3b70a33d06536231bea281d8893015c4fcfb42fe67faf1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7ff91f8d475c53cb1728f8e61fae4d53

          SHA1

          870fce851da0febe59368b1c1cc45245d9c968c0

          SHA256

          775dd73399e4b4e0c2ae07357e0fd1bb43ce697f1b07b5f57507cb22a4e5f6f1

          SHA512

          946dc4b27108d6ea32da040200248513eb0de7c969721088d676b5b14032918cf53c552e2216b1a8d65e8d3edbfa57a4176efa7b9221d4a3752648b2b84714a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3a3267b90317d0ea0b5bc73782c5922f

          SHA1

          9e920776332e5bec676ba783b0f4eb2dc551c0ea

          SHA256

          c55dcff3d8760697ae26342b111a0fa15118fbdc8991f01934a51f4587939405

          SHA512

          b32169ff886693f857ba1af533de2f4cc378fe2f2f38d61a8387553cd6df72ac4b88c5836809f20a795a6621c7e28f766ae82655d5a4b12112895b47bfaae1a0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ae08afd9e353e6da559c0fcd842fa91f

          SHA1

          c24ac3951a8c1ed113b1a6f612145dd8111becf3

          SHA256

          05029699d2f92f37e9829bd32a8f174a8a05f9a45cdcca3f0595ef32101ccaa9

          SHA512

          87e5a1301560e241b0f7384a3ee8cc449ff9bbd0d1b8ba3e99875087d8d6a487ef6b45662a9ecc4881e175d048776f2706265e3812f8737ca2b77f0e3cded68d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          12fa068df9e4f4e3b5583b98896642c1

          SHA1

          323bd1a8ac440cd0c243a17ea27cb7b53b9fbfa4

          SHA256

          58d8f80becd5448eda5577ab83336b6433207689e0a157be7d8d1e405dd8259a

          SHA512

          12f9dd68b271679efc9d44a27a9a388b519ad71fda76ea637dad964eba8df83a46da3127bf9911e3d317e30b2acb89253d68b11351d3fa1d5f302be22cf96141

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2441bc2db1d9cef406b5188055a00dc4

          SHA1

          c56d046bc1f412029e178863aeca67ee538ea27d

          SHA256

          9621e9e4f3ac5150e3abc1aae02cf11c3c318eb45cacc98ad036631412c14208

          SHA512

          50c6497da6f93e788dcc5fa8fed7e6e44aa8086fb5755de87b083e16658e67c1e82b7438c9bd4f175e70ff660308305ed55710e29801ffb04d705e5b08328a66

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarC22F.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit