Overview

overview

10

Static

static

7

78e6f36b84...JC.apk

android-9-x86

10

78e6f36b84...JC.apk

android-10-x64

10

demo.html

windows7-x64

1

demo.html

windows10-2004-x64

1

floating-s...ed.xml

windows7-x64

1

floating-s...ed.xml

windows10-2004-x64

1

floating-s...te.xml

windows7-x64

1

floating-s...te.xml

windows10-2004-x64

1

free-text-...ed.xml

windows7-x64

1

free-text-...ed.xml

windows10-2004-x64

1

free-text-comment.xml

windows7-x64

1

free-text-comment.xml

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

maction.js

windows7-x64

1

maction.js

windows10-2004-x64

1

menclose.js

windows7-x64

1

menclose.js

windows10-2004-x64

1

mglyph.js

windows7-x64

1

mglyph.js

windows10-2004-x64

1

mmultiscripts.js

windows7-x64

1

mmultiscripts.js

windows10-2004-x64

1

ms.js

windows7-x64

1

ms.js

windows10-2004-x64

1

mtable.js

windows7-x64

1

mtable.js

windows10-2004-x64

1

multiline.js

windows7-x64

1

multiline.js

windows10-2004-x64

1

no_sleep.js

windows7-x64

1

no_sleep.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • submitted
    17-09-2023 09:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fyb_iframe_endcard_tmpl.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_iframe_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1880

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26df6e1d1c7afb8429d10ef5525b4391

    SHA1

    0d5aba07e248b128c5fe5a089798a95cfe1a8fea

    SHA256

    3833b2fac39c5e1020c45d6cf3877d0c5da6e21690c1c30e98b52cd35210317f

    SHA512

    ec86e08bda18057eadf44109682f733a2327874757dd969bfd07f390b347504d03bc3bc4e8a7dcf959b5871c58b7767744c4478a27e5f9b59c2cd8fc85c4ea25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0605789a4773c5ca33da4f46572a49b0

    SHA1

    a6b236042e31cb57057d977cf1e4f901b5c73bab

    SHA256

    6922c982db38b65343c7ab8f6129ca70cbd7ca66f55c6dfb048cbbab6e66cd07

    SHA512

    5253a8e94a64532bc350e194644b3a44ad2cdef92b115f4fd352f208f95f89a615d9a7f2eb3bdac33a2b0524670d23679f5ef4fe74f3a2e9d1a6329234257341

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7ea65358ca582824f605d42f61f48e3

    SHA1

    666bd471a9f3eab78042dd844a934e51a89b4322

    SHA256

    9e31b89ba6a581b3d97e2e37cdf2377e2ffd1f8fcd955d8eb763f6737579be45

    SHA512

    6bb3e8d8de818dd6618ab258140744de37c417664a837eaf56b71b203e2124d9cd090cd7911a01c5778f5dec571166e7e24b47a434ab8edf29277576e6b8a94b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    405b6180701bf0b59c5be22ae33d47cf

    SHA1

    6c18b6c34ed81c416349118e29ab85ce2ec19ed4

    SHA256

    17c305a0d061f17b2600406afa975cb26c46bb9caaed90e9c8ced47d51600958

    SHA512

    c169e7a8c061b7bf327bd1d517d7afe7be041b0a84bd26441f6a6572ec8e639cb388c2d66393e0aeff4eed099c3f3d4a21e9db361127f6b434e61733cf0e7108

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    167fc026b008515eeb2fcc8845d359f2

    SHA1

    2a8c24e5265363ed065b79f90d6e4f14e9b670c1

    SHA256

    6ce7c898337008eb49418f1b2b7448faf611e5583c6ffa054d5096029f9ea081

    SHA512

    6f53e649d528cbf8008f1d19f955855a0fb4d5d56ab6d8c71c6f77486f6666263d58c6cb5383f14f578ace649362ec60adba39a6cbd5e7b275f6577f7d9562c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d68e74d28e318990cb95e5c18f4fc776

    SHA1

    84249c1d95976afe0342fd3f1b25d332c1b77881

    SHA256

    066d05c0269c0d64acb9647722b804a46be0d6e9f992f26093bd4ce6e6db1d82

    SHA512

    2ae1a3dbf73a348301dbbfbd21cdc74dfa02ff76f59336cdb133e6b6b574d8dfce5845cbbdea5d3137389e4b69b591c9db4f58e17d2fe9e65d814dcca15b5c33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65ed85065ced0cf974920f1c72b684c8

    SHA1

    c50960dac78373bb042b23e0800bfc2534a4d191

    SHA256

    4a5d623d448c477c2893a0d39b54e7f1f86e29fbbac2abba0c35be8d5813f277

    SHA512

    3bd9996cd8346f03b94e543da3524af7580c67491570f06be77dd5cc543908596eca43da4e01b477fdcb0e31612bb3ba7b0d78d597c1d9745a53497ec9d658d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6769d914f14c9768c450214ac3acbb7

    SHA1

    49fb521273f175c887949720d3232edfd1b7faf4

    SHA256

    f1faf7f20e76df2f50a01bbfa899337d970fa75ff15bc957c476c8be7ff5b236

    SHA512

    9adfdb4558263b7991be461073765767312ef059a59fd15ebe36aff0b8db757da5718742baffbd338ba2761bb4679b05a37a2e50648bbca76e41127436343a26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41df7a5f347040161af6ec09a331dc72

    SHA1

    c9d500772b6ed301971ae0c73df62fd288fe26b1

    SHA256

    8c41ed78eca2a9d014c9c367f8aa2472dffd2abdd83d4fb63d63edb8763ec4db

    SHA512

    1599b5eb0d46dcc36f2afce9d17df11f9b23b8d12df7097537d4493745cf7634e9c81d40fab5c727aef36a80a278dfc53d6dec9df9d285b2fbb7693c54e6f049

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad85beea11b7f1e0aa5d38708d7c58c9

    SHA1

    f9fc2a13bccbe8f1c5b4fdfc97e610c71c16e0f5

    SHA256

    c447f53aec64b8ee86b23e5868bf5df724e93ecb82756135b1cabd64c2880f14

    SHA512

    33ff6e2c85f9ab3304205996c68ee72e08e3bb2788b53523cee844bf0cf1f0d376edee6a53d4b839a648001a5ffd52d6b0478fe2ecbb4b7b6d50dc789ef82620

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d8e40c55936287c45b9bd0e0f803173

    SHA1

    9f127dc09cfdbfa349825857776c8412434a54ec

    SHA256

    0735c7c653850faf3f8ec37ba2969fca6093e23af6858387fec26a30ab12cc09

    SHA512

    62a40fe33ef3ca3c5c9a0b8c063d63e01ef7c28c7a6fdc779a9d0e0e54a2409c7a8cf570c56c40c5317b768fab1fde4ff8e3fefd7b2bce57fcb1ca94e4e9df2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f93cc6b9b1bf8b4c270ae5c15b53569

    SHA1

    2f9708a9c5f7e18da4f0e9ebe5ec76983c365633

    SHA256

    af5751b33af3c1c0a19f4b04ea91f92e5ef3da2a0c457d863ff348ff7a967ca2

    SHA512

    677c7c494eb41cfc0cdefe2b52c2d1f3e3254ca578c39f8fdc976e7d1bc154751d649c8dd618a67e183a4cc036bb293049b7eea1706cd876914405a030888ae6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed12a176d95ccbb8d06104ea29e756d7

    SHA1

    3c095cb0b7ea58b593d7fee23fd65a0959718acd

    SHA256

    9f2b1e0886e9b2d5e439e43f25717b315b6a437dbcc4cd8312eb936915312d85

    SHA512

    7b2b97d54f19507c8ba43dc7a9b49ca10eb4481ed882541977b57c6ec29e0298ed3beb19518be34d688e1036be0614787089341268e189dc4869691bd012d570

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ba35a181cea4724bf3a6cf8f6a178b4

    SHA1

    84287195f2ef332ad7571c0db2db79bfe582fe88

    SHA256

    1af84b60ab22ff9f0ea55f73a0d3ef64e26075c9d8fec5282702dfbf030db9fd

    SHA512

    96c85fde8cba95dfcd07847a01f1ba69592ac30c3d91c6516389cd1700b91d255c14f64e7e9bfd89e3e124d2dee7bc9f8bf90587fbacafcf7162af89c34265fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8bb5c3e5b84c3413f384ed0011ccfe89

    SHA1

    eb79cae5e1b7602760f576e9bdd16374c99e01cf

    SHA256

    779e2633b4ae55d372018a24453019df65eb51a55a1a61d0e39ac4546c0a4d59

    SHA512

    dbf95a9955e07f20304c70e69b3ae55b3e3ac9ce7eeb264d146e113aabef09e651c7d65ec3c4d4eea1f309ded4c928e19312d7d049ae2a88f355126f2256e734

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba6272c39ff3167a2a9686664f083185

    SHA1

    cd73533e6a80ec8a6950c7107be53e191e0417ad

    SHA256

    5df9e2b7b2e7129226e8da19f5de0cb849c125586dd82e040fa6f91307d00e0c

    SHA512

    73da9dfbf2362e18c8ba9d5ceb6afa220ab1e97a0e1737283e7cb6208555d35e7ca41aee283315a8fd55d774fb9497cc5d866790b29379da43af72f5e7f8f46b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6AC7.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6ACA.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit