Overview

overview

10

Static

static

7

7142344ff1...b0.apk

android-9-x86

10

7142344ff1...b0.apk

android-10-x64

10

7142344ff1...b0.apk

android-11-x64

10

aps-mraid.js

windows7-x64

1

aps-mraid.js

windows10-2004-x64

1

calendar1.html

windows7-x64

1

calendar1.html

windows10-2004-x64

1

circle1.html

windows7-x64

1

circle1.html

windows10-2004-x64

1

dtb-m.js

windows7-x64

1

dtb-m.js

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

libc763d2.so

ubuntu-18.04-amd64

libc763d2.so

debian-9-armhf

libc763d2.so

debian-9-mips

libc763d2.so

debian-9-mipsel

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-11-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dtb-m.js

  • Size

    13KB

  • MD5

    17d5556290f824b58a130e7f6a5db5d8

  • SHA1

    3eafe6f52c5b153ed19cbff77eb8d1877327a736

  • SHA256

    1c4e3003755d1a0d72116458dff81df000f053894e64f60459a544eeb6f055ab

  • SHA512

    007009f03e0b3d677dcc4690e99908e33812c3c370d637126a6c0b42bc9b514dbec4f7aa2505769d5111b743ef7da57c912930870622133d6d200c905ec582de

  • SSDEEP

    384:LHJ2kLj5UGeSiJsAJcehNBjjV1Td1Zlts+d6I7:LvdMWAPpj51PZlts+d6I7

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\dtb-m.js
    1⤵
      PID:4500
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:3868
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3992

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        e5c2b7071d78f47092d6e57270828644

        SHA1

        2449ec02cd2ecda73ed885145bf7d91d633f6748

        SHA256

        8d61d78c1b0267546bd26581bd237dea91441ba83a3f67e2725b211393d4c28c

        SHA512

        159a656b16285f5a328acd5add466ab2b98f3f53f409ab00c06c58639accf9416beb2e4d1b32e5a471c78e716e7f94f13c4aff5990521cf83ca9a87bdf2086f4

        Download Submit

      • memory/3992-40-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-33-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-42-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-34-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-35-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-36-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-37-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-38-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-43-0x00000295A3D40000-0x00000295A3D41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-0-0x000002959BA40000-0x000002959BA50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3992-68-0x00000295A3F90000-0x00000295A3F91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-32-0x00000295A3FF0000-0x00000295A3FF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-39-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-44-0x00000295A3D30000-0x00000295A3D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-46-0x00000295A3D40000-0x00000295A3D41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-49-0x00000295A3D30000-0x00000295A3D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-52-0x00000295A3C70000-0x00000295A3C71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-16-0x000002959BB40000-0x000002959BB50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3992-64-0x00000295A3E70000-0x00000295A3E71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-66-0x00000295A3E80000-0x00000295A3E81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-67-0x00000295A3E80000-0x00000295A3E81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3992-41-0x00000295A5110000-0x00000295A5111000-memory.dmp

        Filesize

        4KB

        Download