Analysis

  • max time kernel
    137s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
  • submitted
    22-09-2023 01:34

General

  • Target

    fyb_static_endcard_tmpl.html

  • Size

    3KB

  • MD5

    d18fb1787ce0e84567496b8564e452aa

  • SHA1

    007033d0824685600611af6992060577e127dd23

  • SHA256

    2ae5e0576febb1a1cd63b10bf71644f99fcfd0fe7fb1f2d19525594165294e51

  • SHA512

    ba5225a80941e3ee4ff18401b910968a6cab47634914ecb68213599b96fd4b39c8722e82bf2883faf355d9416a6f2acaa36151a5d8969079cfcd4c6795f6003b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_static_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2740 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e39a80a0f5db7dd7ee2c1a2c46d2c8f6

    SHA1

    f11f551ce14cab2aa996fe03ff2c91963c00c98c

    SHA256

    c75ec1a3f844bd85afcf560758159e51b6ae32c6b08765a2730a7d4760cc6e24

    SHA512

    c8134ef3a7c13eff6b223a6b32bcb0ab468a1b0d280e3988f4cd7259c172f74a2329c5a05f20d75d5b177bf50c8470d3f7324c3a65b7eee413890c6c1e131606

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e6d85e6f7b02c3e9dda5242bba02dcd5

    SHA1

    0109d0055a0bbe0cd2e53c8f820b20fbdac445f1

    SHA256

    4f7d85cb214b2447e2459e89b55606c99d7143a22c34d87dfd2a8f0ad0e5cb8e

    SHA512

    d3a13e1fe628f9ed6ec3b01a4faa008e15e5123699665acf6b9016b0aa3be3820b611908f0fa3fc1e097b119136f8b327eadc5a29211d61f2dcf3d0a8f4f5e1f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4b6b4cda5d1b48601afa7d882e195063

    SHA1

    cd4b7c01200460de9907c5ba6f7638c780ff136d

    SHA256

    3b2100af99cf5ef298067390c59ba67cecc69d2cb39596db6cf3a1de803ed20b

    SHA512

    3698fbeb1db54b134427e8475f2da06e2812f46aa6078993c6863e0db5539f3aeb6ce14d06b9fee6ce1318289ef26e2e2bcda9ff8913192fcdfa8f19cd908a43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bfc93c7b12439a24ea2a07b650045051

    SHA1

    75fb6af3c10218e87a3e9bafe9ecb409f38ccf0e

    SHA256

    f47ce9679157a71e810329c4585681cea52c22639bf756f3c03e4bc90f059180

    SHA512

    1853ccb3d174c6075b8c3a37588e37f88b6c4ff1a8bf1c12dca7f91b4917b85fd163c77b3e2fa52a24ea3fa83176bafe0218a035a06ad598b526eb7a513073f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    101ff868a3c94e5f337d267e7254fb7a

    SHA1

    61dbf53417abdbe0d25e18c89abc707b7bba945d

    SHA256

    6ca40c839c2b96358246087f7b2bd9cd211f4920b32c4fdae28641f4b3ebfc1b

    SHA512

    5ed4458342cae19fed22021a4897cb3da4aa094e1316c2b88e9b1fd9ca6a2bbba51eb65bc4484bafd1fed235c62b17ad4bba85e0a523202a39fd005b8cf45234

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    736431f5ea36a287104ef51d40146600

    SHA1

    028a01d2b4d1d40be950f18b2700d7ee1e55ceed

    SHA256

    ec06a8a1e53c7e3cd1b12a8f0878b126fc36b50bbbe6b875784127acd87127a8

    SHA512

    c1ed1224d049b7995b58553b7b2279f7cb3712da698e0642129734bd2de929b28b8c472095c8fc60cac6670c2e62e71f64f88961e768562f216ff1313c94a9af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1f4ed7e28ecbaff247f8a8876c8e879b

    SHA1

    0b48f0b5040fb28b3165a318c91170f0e2f7513b

    SHA256

    e7f924ba3a6b85b718ca66527270f101df4658ff0ffd1329288f984d320799e7

    SHA512

    d9bf819d6b1a210a6a9cbf3f6d0514b960819b779323fe14dc2696c6f11c3302d0dec4e7df172b1cc992b89ae81ebf30b3d7589a2ca3d955519abca3a1b103ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2bafb1c792c5f2874073acf288721183

    SHA1

    ea3d5b3f8c5b1334d1b4c24ee0b4c6bea6140aef

    SHA256

    378adf46331f621a23d82733f1098cbe95ebf40f5225c9e448de4ca1d7de95b1

    SHA512

    3765b30af000170333ba7e689e4fa1885bd4b4409b4b4b527202938ea4566fbf0951eb87ba417163a7261d53631cf18601bf377b265089f0c8d55f3f44ec40af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9c51febe051c462edc17660e7849f159

    SHA1

    5ca7128ae224eb3d817ff747f6f04ed71ee962a7

    SHA256

    33169a4226b36c3d36f2001b81f1c6056116695b7957b25f83dd6a1a8006030a

    SHA512

    9ca7b2c46dd2b6ad071565aa3b684a3059ce4ef2e39cff3d8afc9a8e05396371432a0afba36797e59adc7292ed4e4530cff4b4c2cce54e36f6c1ca8b3a4f9383

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    879b915b4054ce4024629519f97de6dd

    SHA1

    c7476dbf9b22286efe371961feefc7f97b20343e

    SHA256

    32810902394b4cf422e69d6d8401501a6989d56e47676b173b276feb34052ce0

    SHA512

    59903174caf1a0184c44f64c363cef920e6b1fa0829e32e98e15c5f8038ed7f4391a29d905bbbc00f64105ace54f455891141ac9675838f2e20675dcb30d2ccc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    00f36ecade2548f1f69ea94aa5c884f7

    SHA1

    aa6c53d7e81e3f4303f6d12f669eb1fa21b2880e

    SHA256

    e11757ac3075f793d8142ca800a872d1721e162687b8eba23560022eea95e31d

    SHA512

    68d1d8f2e59944491e72f0a82fee7e286d7f8699b94a407165128ab6d19f3a19e3b1028ea1926b537450089563e20c9e53fb17a615a4e162e0c56de538e44cb3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    55cb6125fdad4804fb91dfe6e370d120

    SHA1

    e747d4da63647c780da82f8b32caf9ea6fe55870

    SHA256

    28f8f966e58f0e8cd8e0838175cbe3ba7d70e12b75fd720e7734aa1581320995

    SHA512

    1308395180e81d913dbbca42996d6ef259dacf1c3652dd586746ce162c285892268f1365c21a905c6c6108b3fc8083d497cd3aa35e678a1e9f6b58752f24fa14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    872026beb3c4cbc5d0d2ab35be8f9c73

    SHA1

    57af8f72f25b078601e21bcb56c09a9c2aeb3090

    SHA256

    ca50dee8b89d8ffa8aa05dc9f85475395789e3a2027c5d819b5c31313953880e

    SHA512

    4b86f82072a9cc8be1e7b07a9bf569581cba8f503f5929ff670428f4adfa2560887b423c99c837a4bcf0f20685a9cec9dfc17bb346dddbc4b63a21e3da77c6b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bc80942946c010b2aae76295737d168c

    SHA1

    bc582b2c98a33efd846935f19781c852993a497b

    SHA256

    428bdeb9eaa650c6d90484d3268f1c12abfdd732fbd4c016700cf2075a2a80c9

    SHA512

    11d74ae851e30cfad737c9cb3fb8bf938783fcee9b02ce54dc05e317f20e840558aece970b9729d044e12fdd0c131fcaeca0ef22bca931ccb05807110821c45d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5d06ded09747f45a77cc0de345d545b6

    SHA1

    0aae9f9a44efd42c46891f0ced9d6049e7b91600

    SHA256

    92573075c22b6770dacaaae85411e6112caabc66e911eb9d3af35310d29ef38b

    SHA512

    32893adf57a655d0de985b55c4ecb8e8bf4c3a46250e52112fb73d2e0b14e5872b41f14986c1e5f31c1f0b3220c31e9d2874411bcd46c11bc7d5883dce1fbf57

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a456e0f39e03b79d3cb9a689a131e63

    SHA1

    2513255cfdfa54bcd5a1ae241bc6c56364d57118

    SHA256

    dcdb00c204e0c63acbc7a23034ff490ac900d6fcaefd8020330002a65d7932d1

    SHA512

    06556bbdd974cc8ec9691536dfa60bbb43c83d2c3790e57bef13da5d0dfb2cc494a65875d675316dd125d3b937c602a9ee844821f53f3ca9accdbea8c2bdb04d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7524a3451f6e7ac6aacc6074312e235a

    SHA1

    d8b761672b2ccf7087b6c2bef3fb65b1455e89e2

    SHA256

    3f61d6d7e70048408559fb36e8749d814dc77060e32c0e7bd5052cdeb70f0621

    SHA512

    1fe63027662c745517f9b02692dd818d5dfd1fd0c9253609d30bdc05c3d6dbf0ac71b24d2454083d789b11e3957ab724b0b6e055c6fb3785c24425ec70868659

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a7cddc8f3358c472ff86eaf2ebc090a2

    SHA1

    afc73c9a04ee0268bc77396bb2f12e16cdc29cab

    SHA256

    0566dde46a6bbcb4fe55bfdcf5a8184c555742a2fbda1d0a519501ea30d329cf

    SHA512

    0f96078cf2682f9c6d6fe435193fe989ee65b6b659e225cd3b981bdcc9dd5a1d3dcc59fd7a64e26e7d7d93a43e2fb256701798f393802df08352c1ab0ea97da6

  • C:\Users\Admin\AppData\Local\Temp\Cab66DF.tmp

    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

  • C:\Users\Admin\AppData\Local\Temp\Tar687B.tmp

    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf