Overview

overview

3

Static

static

3

rubyinstal...L.html

windows7-x64

1

rubyinstal...L.html

windows10-2004-x64

1

rubyinstal...y.html

windows7-x64

1

rubyinstal...y.html

windows10-2004-x64

rubyinstal...t.html

windows7-x64

1

rubyinstal...t.html

windows10-2004-x64

1

rubyinstal...F.html

windows7-x64

1

rubyinstal...F.html

windows10-2004-x64

1

rubyinstal...v.html

windows7-x64

1

rubyinstal...v.html

windows10-2004-x64

1

rubyinstal...o.html

windows7-x64

1

rubyinstal...o.html

windows10-2004-x64

1

rubyinstal...r.html

windows7-x64

1

rubyinstal...r.html

windows10-2004-x64

1

rubyinstal...r.html

windows7-x64

rubyinstal...r.html

windows10-2004-x64

1

rubyinstal...r.html

windows7-x64

1

rubyinstal...r.html

windows10-2004-x64

1

rubyinstal...y.html

windows7-x64

1

rubyinstal...y.html

windows10-2004-x64

1

rubyinstal...4.html

windows7-x64

1

rubyinstal...4.html

windows10-2004-x64

rubyinstal...t.html

windows7-x64

1

rubyinstal...t.html

windows10-2004-x64

1

rubyinstal...t.html

windows7-x64

1

rubyinstal...t.html

windows10-2004-x64

1

rubyinstal...k.html

windows7-x64

1

rubyinstal...k.html

windows10-2004-x64

1

rubyinstal...s.html

windows7-x64

1

rubyinstal...s.html

windows10-2004-x64

rubyinstal...l.html

windows7-x64

1

rubyinstal...l.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    167s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    21/10/2023, 08:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/BasicObject.html

  • Size

    39KB

  • MD5

    ddc7978feccf9c0cc8c50239b21e4d72

  • SHA1

    980b41d26cf030939eebb0b1044f5c3ecaf9429a

  • SHA256

    35df923b94fc8f2dd1fac99b3d6fdb41452a925d82a14d9b7269efbd0c954413

  • SHA512

    95c4a82583590bb18e0c687d06329330e195a463cfeb8cebf41560853262ac3597c6cc1d6e4ea29ad9308f5d1c061cbe8c015f048514b7ac45ed7f1dc58ad7aa

  • SSDEEP

    768:56oR8+xzSxRDv/KJvkpVUH8u9eGH01vkpVInXGt3ko8c:fH103eP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\rubyinstaller-2.7.8-1-x86\share\doc\ruby\html\BasicObject.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f89fb7b3d09464f6d740866c71703876

    SHA1

    8b8a7cd3cec738eecba90ac09864cc4028ec1666

    SHA256

    7b197ba0068a91fbb25fd9a7519da2e99dd073788aeaf5f719ca3e33a6269ae2

    SHA512

    3e1fffa8817cd32497128d75a48bfda1591a867f47426f09250d89b7daa7475ecd15fc08964655f8567df8abc41279a91a08a5de180b3fc029f1564a9fdc22c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6a3465e5b613d8f162132143a3cb287

    SHA1

    0718e81950eef16889564816cbfd18c69d4fe7f6

    SHA256

    4ec50aa8e7d949af1fe350e066582b3f12d70e34d53f72f703d0385a56758547

    SHA512

    bf7a6ea38b4c293091df28d0fb7f6ba72b540b062bcbb877e206a7c11ab2eb44a4325153ffd0dbeb76ca88f201980639dc34fa02653e919b0a7670f74bbecfdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb892ebc59bab77e53f985fb9a24f67a

    SHA1

    442b8b2a48eea0eb797cff267a2d973dfe74b3b2

    SHA256

    90da9d17bdfb6cafc700d6c1057fd4fb6ccb3a7b8274483e493ec7495af2507e

    SHA512

    51dbf64900ed95dfb11cf70823767dd38de5f83b41a26e19e311390d76815bb9886b212822dfbc8c34493250eed028854ee872214666e6f3685bc6e2bfa7e5aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f89e2039c42bfbbeb37ae8f7a70cd2e

    SHA1

    2dfe15766da85cac6b9bf3b1e487b99cc6c7d4cb

    SHA256

    14795f0d17e15ce1d06876e7cf85bf92a2a4fd0a0d2e8094c1628b2c5d0777de

    SHA512

    71873268182543f0ea90fedf7a71565c989c6e3d2c35ac109412506b09c308a0c094c4cece5ccc9cd4734f9b146c0c2b3c53bf38bd7be800fc7a1c850177cd72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29618016d47be1ef4c8ab8c0ebf69a4b

    SHA1

    5f2257005818c5084260ef2bb3723f4f228464a5

    SHA256

    f49d79b90599b1eb36598130b0928fd7ab3a717e86ac35aa69b8f8161569fd98

    SHA512

    b1d3d6e743f6c5153a71b541598ea78de6be7f6b8b295414cf3eb54c2a123866b04faaaacd43f4ce578a72b3eb5b8b5b378d1b407e4f8d6fff5a6861f8f719f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    837fc6a36adf7045b446839197bc0e1c

    SHA1

    0312e42959a4de368ea8f05e0b2ab802fcf11bba

    SHA256

    851055dccecc890af2d2fb8480dadba8024a104edc18918f9821a3e8a267a33f

    SHA512

    2ec73b2f6c1b731f0a8f30dae364f92b4f784e50c03500c355d6b5421139f4ce94d4b7772b6a9fe2da628fc13731678650c52633a9df19a610daf455bcae373a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5393cde903e88ac91fde9991b1d83626

    SHA1

    e59a0a7ca4814c33794f6e0369a0eb3e695435c7

    SHA256

    a92e67bc2bfda7354306f836181d743f379b0482969bfd15e7ca04bba6e2f8dd

    SHA512

    cdcaf5c11689efbff94c02492bb0c40a2c72b43b24b20cb16486d397ca18c2bbeaf37d7b2245f09479974a504ac853af7808e3770a96b55ba592f1a5ba837bf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7dae3d204f408443cf52cd9c94cf6f4

    SHA1

    c9323dceac37a0b6e1c98ecc686e75c7fbcbe629

    SHA256

    6ea7b4e4cba5def76ae60f2ce7138341b93fe4e121c0b72abc8f8726b51f2362

    SHA512

    dd478ed12515ab5b8d3148b89f814d38b4c507e7a81438891de5d216ff61c7bf11e24127fe2fe7517d03d66b588ec218e3b2fcfcb8ebd276a7ff5db68ec3f792

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c11d5e6140fe22f5ef68b1e6f04f91d5

    SHA1

    0a48acb48f69c20626110252215bb21f96d0f021

    SHA256

    69d5ac1143a0674bf5c9b45b1da99b3d890820ca953d6a8c13b2270698675bdc

    SHA512

    cbb4902f8c6d0e1c47b930fe59f7e10096e8637e72d42460d6ce3903f16d11e07cfee7e1f94ad46ddea4b0fbcecda6877059826cc76dac13a0c15609c1685f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d13a1c6f1432a0579d44f491c746d9a1

    SHA1

    dcd3b78ee84bb2811e1fe81fb5a909ad9ff634df

    SHA256

    b470f6b572e25b66f7a03c4d89b3f810b395a904a4c3f8a4b35dea152635b912

    SHA512

    56c72cbf87a4cf59fcad2bbeeba5be3a8eca56d8a67b5207626681461d1c8fc05043f9923f5031ecf86572450e2e45e2467b341758e92c9fc10171cbb6109499

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7838234ca99fa462ee41df625f37785

    SHA1

    a58a9b75b3e8651b48fc410252a3b6bc6170c8fa

    SHA256

    f1af86fc097ab84b0b464b9b455dd131dcfa0422ac62a4bfe50e81c5c53a1b19

    SHA512

    749ca0fe7af579e89820ebd901e284825d9798ef8972533dd175134100bb545d70b26c76ce50da0e857c179774ee7b9b1fd161d0e792aa5f921cabd354c529af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0dc5c425819a358582d1cf1e24ad8c9f

    SHA1

    46dff6a73958f4d4ea662d6fc9e938862e5212fc

    SHA256

    092ffea903d7692caaf886f1be93a0bcb6e2ecf46a79db31d383c1a709046981

    SHA512

    a9d52afdbe547c1b1cf14bd589387a03a252f1f8764b5aedaef5ad1dd0410ae211cfc17408644e3f361e9a10481eb81c4a5dc31f3967903d28ea8e60e85feda2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9762654284aa6df75db20f9459cd0623

    SHA1

    ca97308253ce04beeda8b68b77371fb4b4380a78

    SHA256

    6a608c057efc3fd5e430627e6794cd0c83374c6ba717e29e51cd8d703cc7330b

    SHA512

    65aca6dc9d64ade53262cc035d29000a3baf6446dd8f7de288faab1de8dcacf70faf893697af3283e1f86c4edfe3bce4288ad22d62327723e3867513dc55776f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    33c79d82a0e43254878c8bca878d1125

    SHA1

    751bc71853e582f1d14ab9f9bfb38d914c89dad7

    SHA256

    26957ac4eac213636713540cde97ba2a93bb817e94a953cab475a2d8fd6a150a

    SHA512

    0d529a97b489796970ebfe5a539aca57f5ba1fabdb6a3e66fa81e7f82e0e74211a6c57effde1353cf2693e7dbbaf533ba1c9f9471b906c68da4460e9d2f278da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b3c0bed82cbdd9d7e8c9250570ca77a

    SHA1

    1f7ddbdb1d8c7d19b5272d7872bbeec04528364c

    SHA256

    5c2ade89d7e4f58adb80762e239c8d270fa4ca0a74c65aaaf2910645f5248fd2

    SHA512

    2228a0df35312d54a3a917f4e423389c45ace71ec4a147bec43c91dcbe9a1a7b3426c3514013ddb48c1541418d6a22fa77aeb31754882c9252957022b25ed97b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1be90fc758589833cadc8e52113807a8

    SHA1

    cd9c9fba4bb74e2437d154156e73a16071567d51

    SHA256

    d800018d95344798bb82bdaa8f2e9ece803177eb5d44fc16fa71d00e419a8948

    SHA512

    5da6a5e56f46f02fab8cef517527f8074bfac3a74dc3f7f10e79e1314457f2ae3526cbc87dfd36b83976a0064ae98f0685d82932fa230ab3d88caa43ebb77f6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8ce8482f557fcaed015a84f0f918740

    SHA1

    cd0b7113f7f445e86079d50dbab3ea0b7b286d8b

    SHA256

    f614758e5a5fca1744e0688afb1991424a73e7572354c4eaa0a4497bd5bbac27

    SHA512

    676cdb8d5659b7ba5615f3d22ae601c36bf06e516e4e287d00e5dbfae43e249933676b0f9a63226c83c54152fae6cef7e4f55a7fda71543e9eef02c1947750c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a25cfed6ba88760064b764f04c670b88

    SHA1

    a277dd3b6fe91b148cb5167c8df130685e365c97

    SHA256

    ff064981cc93c4acdc8b1b6756a7653fb24e5475044089abf87a0c1dda29c262

    SHA512

    2f7b395ed26c3b8190d0fccffc686f37f175c49dc0dd255cc779ef3be74db06e5998e443b4864dac5ca348361f53c8e68146bba683d5ae206579e104a98ba73f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab36E9.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar375C.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit