Analysis

  • max time kernel
    107s
  • max time network
    196s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • submitted
    17-09-2023 09:00

General

  • Target

    fyb_static_endcard_tmpl.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_static_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    28ccf0db871195614a826e199b70de48

    SHA1

    bb754ae23d48dbc08e2e8bcab3930adc40c5c570

    SHA256

    eba7999cc83499711883a029c5086f3dcec55adb07cb25ba4d054ebffc007484

    SHA512

    8672cdc63175d15b28a8dcc0dca26c489a9ed383bb0a5bf11a7aa155be48b77ad2fa79e8b7865d1a65c9038c86033cba45fe366a1737d58ff5eacb36c3daeda7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    39b471e2d88e42acc730dc0a314e4b74

    SHA1

    3e48988e2582eef962046396c6171c293d105968

    SHA256

    2f698511eb49c02e19de30cd9c67dff38690f3ef52c5484e277aa1949534d2dc

    SHA512

    c1e133484f28142edde60bec24785d6680df18da33f5847d11d3db75bb633dd0a987adf8fa85a1b64d4b7e79c991a388913b6d4aa001923a8727555e943a4e98

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e7ea54f588d46228327ca67bdea4cd7e

    SHA1

    1c1f8e7cd4bdf54973b0254552364275659f932e

    SHA256

    d4659011f8108d7c6d83faa012ca872646d63fd77160830a0d329a8250c45def

    SHA512

    a960761932f505a4b58d88191d1e67be900d63f07cc95db9503c60aae7562f3169f0e54e049edd75387e8b1fa1006128e39cbb77d209af0efaa0e99b4ca4cc98

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    22e6d00bb87724a6542a00ea2f4b1fa6

    SHA1

    f3759f672b8d699d6894d335fdbe870ec288d303

    SHA256

    452d6a500416becdf93ee5b6403ba219978ebb9ea980e38fb2dd29fb4a223ec1

    SHA512

    33a978edbc1b14a7649c7535e78fdf25f2b68db8fee83cd45f70f7e97db2671d109e2432786150b0d533b1e7a53a5cc9c4057377e9606714e5dce2aa79f01294

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e5606c7864c20ef6e63500678385d48f

    SHA1

    7c3878248f093d52e4ccf8d897c42ba1a9045ea2

    SHA256

    b61976b9308e5e898765d9c3f72264f19038ce477bcc3bef136b671787b39755

    SHA512

    4ec7eea33bccd746cc2f35fd6e6069909bb023fb26d70b621a48340a5aa94e777518951d3a402e1a24029b25006ce1fb729f849932146b91e3844ee0bf23e576

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8b9dc652b5132ccea1b5dd73fd49b2d8

    SHA1

    b16df32dde756e69bae3486191a322476973b3d2

    SHA256

    cccdda81ff9a846eeeb945cebe50c7ff04a0c9f6abb5dfd1f1cdbd13c3635dd3

    SHA512

    be910b1f12861bd87a2217c2980eaa0d9c7050510af85175e03555aae933c0d7fe42b0cf7cbedf5017c7034a2a9b397ad7432e4835ce62b0c2eece0f33e228fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    52196edeca79da1f6ebe0fda29fc9e40

    SHA1

    1f9d2b3ee663cf89ff559f64c4fdd44671cbb687

    SHA256

    612936e7a7cc4e6102100f133ffb3d13afb2db2d092c039e320afc60d6b43c96

    SHA512

    bb6ee16c12439e0b5cc4fceb072df7051606f30db0cf9c6a7dc2c269bac342ad194bf7ba1da28edeb786aeb176abe9a16807b5f7a41d8b8e7855c89d7e35eb4d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    dbdaddf44928e08e27e9ca29a261d0a4

    SHA1

    112140e582dbc2eb900bd978c83fe2565187f532

    SHA256

    59d6ab4b80f584436c8894fc3d128a6b8375dc85bb05bf432580998dddf9c8ae

    SHA512

    8bd8d7fc92371142583d5a1070f89c29d1971f77e9d52297faacf57a04eff1e237182fb15515bd90082a0109ece2ab03b12103b3f8f2e2c5e69125c777e653e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c70cee0f2db76f06ab38d91c64f8365f

    SHA1

    efb2aed65dc28c7bf5de1387d6bd1899dfd11557

    SHA256

    809aa7a9c10cf14bc01b60cd408addb739bcb2f1da0454e3cebf199604ea5f18

    SHA512

    d9eea47e1f7bad72f4ab6c99b824b905ef2315bcab90f90df34fdb3f33d65bfad1047dd483a63862686d6568abe3f3fa6cb2477a7a7ae058a8c00a4dba7f4d47

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b9261f90071ee7de949036bd6ddad8d0

    SHA1

    88e2f2776ef1f1a67905d7ba47df6ac8a59b0066

    SHA256

    b4c0add04bb7e883dcdf0596f34d6c8d9444cfeb8f53db0aa0a3a8689799f52f

    SHA512

    785c59b8959b99ae72e6dc7182b86ddd96bc26d2cfe573b57bf317360cb5a71ada687bffe5d0e80a157ab9197624ab969e80af0929de2258f61c327b7d119d63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1079e01bc401a504967d15543d165a72

    SHA1

    1ef1d021e4d42a33b90e858e10902b72f15cf5d2

    SHA256

    eb6a9b362373ab1a10aabafcae19abc69d080b3ae4529e7075984ecdc62c1b33

    SHA512

    e1aa3a30b51c57a211be05611eddc0e601af84a7e5c1ad347bec148e4ebfea8cd728582f0c229b9fa30b7dedecfb68c9465c5840f8b0597a70b8556b8cbcbdef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7a1c727caabadd1d5559c8b42711e17f

    SHA1

    3b10ae30d2079c9856362b74e3d570e7b7a25786

    SHA256

    53c843101cb272e3ebdeec67505aa4248dfa93cf08e13a7048e7ac520f097288

    SHA512

    b6223e82d724ad6ab37e07a379e04badd467686cf270a61cca1f64fa132c3c5e8a9a1bba262fb2c08d0b7c3f8493b2b21c03f31c2716548edb2b90492da34f46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ae10f20890c1c431dff3e18241abd122

    SHA1

    d681b32156899a62438ecb3b42ae94039d383ccf

    SHA256

    9f2e045e4837229e89b79c220e34bd6ff89470b5d0eb494cfe4d1e962fd28629

    SHA512

    3f3b8f3518469dbe732721d41c05e6608a661f63859e5c9f320efa81e30682d21423e451b93a0f9a3e9be9f3f01c211ce227a41e0ca9d4cce32e11a962d831a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1cba03b965da7e941d3a7b039eab170a

    SHA1

    cf072205b57fe1a6f62fa76bf5fe45f1a137bf1d

    SHA256

    72c111dd05595b32e7a4fdf59439a1abc81e3dc9ec8528a176cf39d68b068d39

    SHA512

    efd815e484bdcf7dab64171e86d614da46219c544e818c55353f6c8d80b9c1fe0229845c4062118a10d0da0742dd4005b8e1cce1b1619131cf0eb67857e7d018

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    816283780cb7d9a33c7428509f701cbb

    SHA1

    aadf6530153ff349696c2eeae2594f1c21dea57b

    SHA256

    8ce487185a456073ea2416227c0507fbf0abf7a38fb933ccf066c5c3c9024791

    SHA512

    a6ba03bc46b0b97608b71faca5be0e067571f3caa31e226e4873f8d1fcd0d8a866b6f0339962051485c48972a3deb9b6c408ab4ce616986f5af83cea7155c0e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e9fa80d74df238da6305bacb8d1545b5

    SHA1

    d477df0f3206176a10b9d968f02cccfa4cf99415

    SHA256

    7dbd287eef11a3da5869644763a1a6ec9d328b147ad711b3698b19aa1c3226dd

    SHA512

    6c91df63db948aa8fefce192a92bcd52ab771c688bb662c19832cd90836b10078cec66e28388964a692cb534c58bb1c4764edbf26b4a1264141a2dbcfe5a3ac5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    48d207ea6f5f8102e2ee9f02fc7addd8

    SHA1

    9753f6564f4babce50b568907a28f951f5e8aee1

    SHA256

    1c682b35f66438ffd6d90e40bda319063dcc804a8763c7feda3acf148b35cf08

    SHA512

    ea378801f914dc53e084e875a4b64be14550aae446b438e26c72ace15b1f2c972a4591e71b8da578bd991c5d5844bd0797b4976ee4b9ffece453bb4ae4e933b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cbc940fa0049beb8324146fc8b5bc0ad

    SHA1

    afb361faabffd4afdb9bd33d19937c64b9f89c67

    SHA256

    867dd9fad75ef82aed834b5d195af1e1b07d60f316c3f8745318623079350039

    SHA512

    aad064442fbcbb7c3eb3eb662cb82f4cccd2a65a25d75424f1ee04adc2b89bd81e86aaa0483782a676fab077afb6753e63c9a82fda63bdf4facc4b0596c46877

  • C:\Users\Admin\AppData\Local\Temp\Cab5007.tmp

    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

  • C:\Users\Admin\AppData\Local\Temp\Tar5096.tmp

    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf