Resubmissions

25-09-2023 22:51

230925-2ssm5adg99 10

25-09-2023 22:50

230925-2skyaacf3s 7

25-09-2023 22:49

230925-2rsxhacf2v 7

25-09-2023 19:47

230925-yhh46ace26 10

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • submitted
    25-09-2023 19:47

General

  • Target

    fyb_static_endcard_tmpl.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_static_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2272
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2272 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1316

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4797e8b8c096449da517047b0646998d

    SHA1

    63bd8e56477a8576d758af7f819b48de2a4afc6a

    SHA256

    6ad38a98e6a7aa95df0afec8fdde623bd27433782a24cabb69671ca4cb1c66e6

    SHA512

    2684c42b71adc209ecbe3c489a0f4f61a76bf05f8bb24131660a1d4591c4e83bbfeb0f39ee970d4d138a5bbf1ca7e440afcc2b3f9a9fb70d253099bd308d8104

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    10d407e14224a80769d7fa96abecd975

    SHA1

    1f2b97ea8b9b45557b6ff9db5c3229c8f14eed8f

    SHA256

    5d95c6100c1dbac04808252e7d0417323427575ec8b4161e25b0795f34b930de

    SHA512

    726c5c0f3bc56b3dfe9f6b257ed16f0496e3869205865883b5474e35ad5c96661e877a6aef5a5b2945611115204909c3aec8b4d6ba717d662518ad3745d38ada

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    710e43e6d6ec82359e99c843a2ca1244

    SHA1

    3e7674f07ec9ffb6af72e51b360d1d99884979e6

    SHA256

    46d761387369da965689db14ea8d0f14a8fc819744b78249e8cb336ed086e85c

    SHA512

    40544b37375e7917c405447e52589d15ee9ae5c5e613974baf0fa1591d344252d5e312185888ce120a5fca64a829a6c8a38cce952d0b46f0cd6102f342fd9588

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cacf1041506fb94f02ebfea76e328cb2

    SHA1

    67d6946ac1832268ea58b82241bc62f4cfac6ef1

    SHA256

    0f1a94311bca30d510bb4c37faf17acddcb91561103115edba7dffc2ff257933

    SHA512

    5760cd69e05a2eb9d0b9bd62e3bbbbfc46e2373ba0b17a0efade1d2d6cc2ddfa664df9ec305054a1fc10a0e6e64398da45f516818d1bf6e8c7349064b0c19dfe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b02f899d0063be547c9a5986c8c82eab

    SHA1

    11d8b436cedd276788c9cdf6b92789674acfd3da

    SHA256

    16832e3b37b632afb663f0ea03912f2aad23095f40ed07599b94997cd1aa2aeb

    SHA512

    cf2a46e97c4f519c3e1ea359807204aa2ba72cd25934e29a0155b5ac24ede95cae4afa44f48c5072c60323dc274440da047a0c38477e8da7e9a196e0bed317ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    68511d3decbf863d57bd6fdb5791cec2

    SHA1

    bf7136a84acc0948b4965431b5609eb3a1987e50

    SHA256

    d1e77d4a02e5bf07ad90c5d6146000333d22ac051253601cf02f786502da681d

    SHA512

    bbf2bcaa56921a512a1d66a207f6fa013bd743d896142e96b38e6397696533767f9a702af804d5e181891e4c70b5c47016c4bcc5bd2586c8cf9600b01b1409a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f21203db15567a0986ce17c01b037b65

    SHA1

    b6bc9e1af12ff73a8011033069a3f10cb565c6b7

    SHA256

    bf065706363846864a980d02fa806c885b531ccdffabc6a7aafa74eb2081b7ed

    SHA512

    ff8fdf20f1af7572e9f572f3276c7fa416f0deeb2bb8ed9897400832abbeb56f941ab7a78bf46fcf172a57ea83307609a02fbdf3993f61bb47a001cee0cfa5a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0ee35fe80ed863969849436e6518b8ed

    SHA1

    c2e92db968f88ba615d5fbed91a0aea435064e79

    SHA256

    76c03533defce9950aafe958e2351442904805261686ae57642f4397b611d555

    SHA512

    d4f3fd97aa3b21b0aaca4950ae0861c6f173a5e2ba863f2ea32cca8631c91e4a84bb8df5432eecc1c1301f702fb93774b947439ea2eb9ec4164690a337378fa0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    833f17ac2a31f82ace5c7acaa9f22430

    SHA1

    7b3a69105a5b9aa89d2678ba6d0558b6172b830c

    SHA256

    3e176b088d6e152498d5785e15ee683861fffaa2bedfae5273c795d70b9f3b13

    SHA512

    e7e4b20cb045f90e615fe5e5886b417c9dea706fc149c3f104ecef66d3134e9dfdcfbb38f502ad1950787665e050190797d9e92360e76eec762e1c812980b572

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ea7082082eaaf5de78618164633ffccf

    SHA1

    db7cfc0770a5d631c8057b0c755a1194c5f6a974

    SHA256

    c089abeddef518f26801e00b33369dcd2efc812d523b74e0cdaff824b14bdc74

    SHA512

    dcb81dde2a63a26d493f1b66bce08144b036d2b495bfcd72b86de1f3082693ff76a49df8a4b0de8cc5abc617e0e91da47980ad85df0328d74c1a57dd2d0389da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6c6a2755b42cffb32fc5e9247e5ebfb1

    SHA1

    681ca7d8e6047a3716f466a3f34beca1182cfaef

    SHA256

    84659999c1feb98d8d936dc42f6692b884dd807797ab68fe0640a4cd8684a2e8

    SHA512

    5f722e67005bc606904ca8450b731980617be90e553ef964fc92db42ec064dda52e513dab5718547c07c0cf1c5e319f0e5a8fdbf0144101ba6d8cf40ec912766

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    87e8bc6d7e591d77f65e4f8a65756933

    SHA1

    51b66e60f12a457914d0149db61bf39f478aa295

    SHA256

    e67fabfd5154d4674e32024f0a02f40f500ee3f2e1490c9e433d689acc645170

    SHA512

    dd8cf99309062ff4bebec1dc58c92fbafe049d2ea0806fd7bbeaa350c0561db825a30cb74c2860e0dd8798e98550b4d5dc7cb0080934b76ea04062d009835948

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b6c525d260c1fa936e728ffd6f92135f

    SHA1

    ff51924c62f2f88a51da48fcfefda7737c1bc93d

    SHA256

    3cbbb864ae5b162ade91627847cc31811da4a922eb27f9edc89feca668788543

    SHA512

    f6b86a20e64e4cda2c3dd7445ba0ad05bfe433d75fcb26962395c35a0b003860b9ef80319e11f905315c1236b6719183f91c41b488113d2158f7ceb39706bc66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    835e2ec730a9762d25700198aef90333

    SHA1

    983d6f4c951d0c5b1eab613e284ed8161799072c

    SHA256

    3f28169a772878762c60b2a19567f7e4d8579777982bd49fd2c0eccf67edfa3a

    SHA512

    3310c5fad7112b0b046f20eafd41624be1780335ca99972ad112e87e93fb165a17ccc45ee0ab4c154618c785d0d0dbf8b13a8289e28df488703cf0fbc72e70a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2e78fb31cc3f7b00e57e73f4b60cfb1f

    SHA1

    ec17d4cea72cfc61c4456a8532ccf31de09bd305

    SHA256

    a2f3a44872731abeb2ba97a5b6b828cf7e53eac0cdc128e9c9ddd3d568367529

    SHA512

    1d4749b31a75d6327bcd2644c10e800b2cba597da1c482cd70d9d3ebf09ca8cabbd9524659e265e8c1e8f7701f7d0dd63e0f0d1f6daed6383eae7f4faaf65bf4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e3c226f031a7dbf1d03998611a1757a4

    SHA1

    27b6fa777322512ce90786c247b8f4c5bed4f50c

    SHA256

    1854ef2c85166129a4b16c9befe9c8b9511e62f4fa3481464392be94ff9c66ae

    SHA512

    d26f093166c00dcbab48422b02d77942e2bbd01fbeb143091cefa024a6687414b7a796f66558fdd83b9d30b4f2e991b6d7baf0ebe106f4d25716dc09913fa1bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8728c090ce304b38a5999bf34bda0aaf

    SHA1

    609a7e68fff711302b080f7492ec0169005cfd9c

    SHA256

    389233ed74ee962fa44b72ead02070dce1c93f5cd111351ee49ba6b1064e7a0b

    SHA512

    1c60a93a5f0f5ffab84d46bbbf284fbb546db7993fe3c8d2e0cecaf016e736e4a7a0fb7fa46bf4204a5455d8b00a2cdc8394646993b8fb0b08b12d97f611e8a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5eb33d2d809d55c383bb9af3dc6b482c

    SHA1

    6a6e859bb99ca69d00f23f8a9ea905e5d5e444bd

    SHA256

    bbbab01746c8f9911f00030b9bc5565498b525763ba33098cac10f370126ea2a

    SHA512

    c5e4ba2a2ffbe7e28181a5f9415352fdf8d2e5feeb90a5d1459a0258ce29f4fdbb9908316447d6f5c0c829a4053c01c5739a00fb2b91f01d37200ecc2e11be91

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a8188014480c1f23be76f447604499ab

    SHA1

    23e1c2fdb09f3893ab698befbccec740db433671

    SHA256

    963541d131f700aacf787b2aa2cb0666566b311f09ee897d82f59796c0794b9e

    SHA512

    905a587dbed2b607668ffd89397555d3da7f3275c8d0f3a62601b9121ce5adc9dea6cfdd10dc4debb15341edbeb63f62c4c9205cecf6014e4b9b29cee6866961

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1c2b3a1b85a385bc635a652825b24a41

    SHA1

    30a09e5ccfaf25fee13fbfa58d38334fdceefa9c

    SHA256

    96aa0f910738aa4f4ac92e16c6cdafb53480bbb91f45df47493e084872b9c1f2

    SHA512

    eed888fea42fd38e868969262bda492975ecb99891dcd5a1436e39616da4506f031438f3ce000067e292270d6eddab6bbbd32ad82616a17184c122d3b858704f

  • C:\Users\Admin\AppData\Local\Temp\CabE9F3.tmp

    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

  • C:\Users\Admin\AppData\Local\Temp\TarEA84.tmp

    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf