Analysis

  • max time kernel
    135s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231023-en, locale:en-us, os:windows7-x64, system
  • submitted
    06-11-2023 22:00

General

  • Target

    fyb_iframe_endcard_tmpl.html

  • Size

    521B

  • MD5

    331ab67d131439c4c50e02a3d7445008

  • SHA1

    675ac8d91e0a2fe211d49a8e42f20f018c4bd50c

  • SHA256

    efdac80cdb4576d2e0d93512348e9dbdb06e69e23a1db81838dc5e40a16715d9

  • SHA512

    eba60283d7d5562d3e27a9d5f9f382de621474796e68c4c7b8bf06fd20b081f5aa657ab58d988f40e76883eb8459e3b44f8f31f10424f6d181bffc3c28041e04

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fyb_iframe_endcard_tmpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1264 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3056

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4d3782c251a1403afa0c3dccd597b112

    SHA1

    24d32b479e2e37adb2650522bbea4fa891382a8b

    SHA256

    739b5d9db8dc0406c0a67c7d0157932f07b05d05928c25bd3e8e2973b4837971

    SHA512

    294a5c1b76db33e3f11abf6a686621c6988c743ad8672e0b1a1b63f4819a907baade2f5211580518da1e8710ac74226827e4a028677b4405869145d5789ea905

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e44dc1af53006141f836f1166660cc1e

    SHA1

    21def68bdd8a48572cf4dd2d6292457251150fd0

    SHA256

    d7f72fdfbbc60fc87b4fd1ae9f44d62d95b2fc87901cf910ca34b0f21f54b6ca

    SHA512

    2837584ad5cb6471460eba9f6d11556d415b6dcdfba4f45a843e9004f7f39854f48d3a556dabaa1fa00f9bcbfefe8f28e0ef679039b98e273e1284e684a62e78

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c7814cc835885039b7c12d8969c4f282

    SHA1

    4b064845d0aed8c3ffab5c930a741320c166d1a3

    SHA256

    7317b9c634e4270cb2be8b469c0180178aaa6a76a446ce9be5eb44ed8155d1f2

    SHA512

    094600d5a1a86f330c8498b76ccb43dd9583c636b7ef6236495aa8da449cf26e10c8db69d09a7cb32552ddfd872089ce4238a9afef633d8e0d122ce488afaaa9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    323d478deb7c406f24f0540817d90211

    SHA1

    9137020e271631b9835e00cb82321ae4d1a6cf07

    SHA256

    184061f04b95e6062902a5ea4d55adc262a0002457930d070ec90408ea6181fc

    SHA512

    a8ab431b1a797bf76bb0afa008490756c125f99072cf40c02bf9e6ba498de6928a4591410084bb06b25010359bf215ca637844cb24fccc02b64ca088d6afa60a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2f6d4034f9416b2791c55a916db63efe

    SHA1

    4747f1a7c5ee5cd37761e862a12cf56b0320e005

    SHA256

    fe4c59aca80a5cd4ef9eb179584fbc3116cb20df3189494277b4c615bf00ea7b

    SHA512

    4b02d9cde1b40bf31f163289a1c7243c6bb6fe7bff5af4c870305cd3f2833326a05698fbc248f918a8fb33d7b11c9bec22859e2bbd2ced640ac5bdc527ce7ef0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7baf9c9d435d0cf9cb1546a6e8480ef6

    SHA1

    785b5db0049415d81640c0eff64c4fc835dcdc6b

    SHA256

    a88a711e3f6c1309b483e44422bfefedf940a821b1571b3e53b4dfb1f6abf903

    SHA512

    87e776df50a1800f5ae46504ca7dd5fe4d96eda95af89afb048cfbd86be9f91b64dc7550ca8870827b87985a5f3bcb09223261bb8ca88fb2a81932639b38b47f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8292f0121ee8ec05011e136717b3c219

    SHA1

    f6f8c3dfb3846168f7608efc21e3b0a1a5628b04

    SHA256

    ac7124dd5462f70514addf71d59e6a360e8e096a91af7cefc3e5e85df2204ad9

    SHA512

    2a18ee7af96cd9e1b85a5eabda1ad60be789055915d59360219fd88f0a66896a67c915f7b8f964bcb285d370ca98d30365dd1c7405876a75df15a6ec7fdd4b53

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    77c56ae3981e7c14e54855c3310dac5e

    SHA1

    6b9bb8e2cef28148a42e4e6bbe4212487a7bead6

    SHA256

    a82e715c028bc114c80a05d10fd80ddd5db412d97b5cd443e556dae14ca815d2

    SHA512

    2f4a73da5c3c2aaa6f39af43cd21112192338601c54906211297e780f10a1ebf10d0740aab9ab7c47c21e273dc6b6ba4bc94bd9b11678778f7fba038b45e7d9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    17a8bedc74dfca33781dbb1217e9fe65

    SHA1

    c178fc853bf9dadc3dd1daacb4895943dfcd6936

    SHA256

    add2979711dfa035e19241acf8abfbbbcb658608d2321b773a62148e6b9118e8

    SHA512

    a684051dca8b9f0d681cc6d3a7cbb04431d987123da7b304b5a203a992cacc3d583943d8b0b8eae6acbaee190f69590063d45827cf69a34f6196bf6210d49f4d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4079bb159fbfaaac3e1db6f47d67373c

    SHA1

    7f83c337323892a8faff89290a24dc79559dd14c

    SHA256

    5c50f20c98b78f6ee6272965058e0c8493ab60bc72bf274a2e2dd479deebb6d4

    SHA512

    1de4d05b3b8b445aad91b456b7dd39a1bdd63e1aabf61a793a00ea0f7d818b5ba06f33dfa564f4d769011a9c2a81554b4a3bd311063888f83bab533668e718e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4452bc37ebba8a2776a6fbef4deb9625

    SHA1

    982ee4f16daf1002d722c5ffd6db284df09cc8cf

    SHA256

    a7e5662af6997360f78781c5a484857a058e7f3b391afff2f1fe239548907162

    SHA512

    88507ad4c669cb160e6e579b3d95d50267575d811884e2251d2e0ef10200cbbe128a94fc09bd3516b4734061e7e35fb39a9d52d3a6813d88e7676dcfa85fd811

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    af0695cc91677bbd24ecbbd139a0e8ef

    SHA1

    c53bcac1e6b2154a581f40759e6cf2427758309a

    SHA256

    4bcc771c07b6e2a0798e51d8fb378a06057b137f1f1122aeca374b391436897a

    SHA512

    eea2b4c6fe94a78136ef9e4339fc10e98c6cd57efa6617f40176e40da4513206e2ff588e39c10eaf005a6af1b9e13aa02bdacee048eb5b8e71b9b06a89a1d22b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    eada2680208d58c7e7704a471d009944

    SHA1

    3b09ebed2a17bb972f2ef699917c5cc2c5ba7e54

    SHA256

    b86e418161ccf78a0a6883e4ee886809077ef2caa3076866ff86193fe4347e4f

    SHA512

    8fb53d31c27f217f7513361abe7a9ffb08e132d7cae7fd07ffb2028fcebb97a7dafb6210ea5d48a9ecbcdb42c28810c5f7a988980d2817cbb8557b68f7d3764e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4f5cb4be557d0084eeb3ac78f84e5689

    SHA1

    b54b58036401481798f0481dfd7e3d2813ba672c

    SHA256

    2ca5f4815b64a29c04273e32fe15e424fc0130c5fb255b1677982e97095bf33e

    SHA512

    fe5b003a77fd9eaef37ab018bdab1035ff0f5569a43047828e05c7bdacb9cfdc9408ce4cef811a9b881694ce6606f1fc5c641b9f110a0f30528c1e2b3d99beb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2620ab9f66b3461c7cd108d8b5fb88c1

    SHA1

    6f49b4f3dd3193189893a7229d414d6dfa45c8da

    SHA256

    3e6cc66b8e5f2520f22b7f31fc722d7b313dc7893cd04d8b7d65312ee25f2567

    SHA512

    55554e82a662b608c35076d1a62230d30076781a7e591d2a15d2c3be954cf0937dccfd28a912f0f2f1554e008feb5942e00e4c944df02d15c3989590236019f8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    79f8e4279fbf7bd5030e3d6ac5876bb0

    SHA1

    99d7027aebef1ec3425be9a02783b2245a8611e3

    SHA256

    88943fc73b8780500d43fa1d2136b58c37458c89fb59b09bcb9deb085e221f7c

    SHA512

    18302bec93267965b987cb43d4420eccec37c7270b45909a6baf936d08b3992902c52f7fc3ef2e47a81bc9d77118806a0a279f189238ae132cb2ee39768e505d

  • C:\Users\Admin\AppData\Local\Temp\CabA989.tmp

    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

  • C:\Users\Admin\AppData\Local\Temp\TarA9DC.tmp

    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf
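To show how an analyst would read the process tree and the dropped-file list above before trusting the low score, here is an added Python triage helper. It is not part of the sandbox report or its scoring engine; it takes the two process records and a subset of the dropped-file entries copied from this report, treats a child IEXPLORE.EXE whose SCODEF value names its parent iexplore.exe PID as Internet Explorer's own tab-process spawn, groups the repeated CryptnetUrlCache MetaData writes (CryptoAPI's URL retrieval cache) by path, and flags everything else for manual review. The heuristics, the function names and the reading of SCODEF as the parent frame PID are the editor's assumptions, not statements the report makes.

```python
"""Triage helper for an Internet Explorer sandbox run (added example, not part of
the sandbox's own scoring). Separates IE's frame/tab process model and CryptoAPI
cache writes from findings that still need an analyst's attention."""
import re
from collections import defaultdict

# Process tree copied from the report: a frame process and the tab process it spawned.
PROCESSES = [
    {"pid": 1264, "parent": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\fyb_iframe_endcard_tmpl.html'},
    {"pid": 3056, "parent": 1264,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
            r'SCODEF:1264 CREDAT:275457 /prefetch:2'},
]

CRYPTNET_META = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
                 r"\MetaData\94308059B57B3142E455B38A6EB92015")

# (path, md5) pairs copied from the report's dropped-file list; a subset is enough
# to show the grouping, including one pair of identical writes.
DROPPED = [
    (CRYPTNET_META, "4d3782c251a1403afa0c3dccd597b112"),
    (CRYPTNET_META, "e44dc1af53006141f836f1166660cc1e"),
    (CRYPTNET_META, "79f8e4279fbf7bd5030e3d6ac5876bb0"),
    (CRYPTNET_META, "79f8e4279fbf7bd5030e3d6ac5876bb0"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabA989.tmp", "f3441b8572aae8801c04f3060b550443"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarA9DC.tmp", "9441737383d21192400eca82fda910ec"),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def is_ie_tab_process(proc, by_pid):
    """Assumption used here: IE's frame process launches each tab process with
    SCODEF:<frame pid>. A child qualifies only if its parent is iexplore.exe and
    the SCODEF value equals that parent's PID; anything else is left unexplained."""
    match = SCODEF_RE.search(proc["cmd"])
    parent = by_pid.get(proc["parent"])
    if match is None or parent is None:
        return False
    parent_is_ie = "iexplore.exe" in parent["cmd"].lower()
    return parent_is_ie and int(match.group(1)) == parent["pid"]


def classify_dropped(records):
    """Group dropped files by path: how many times each path was written, how many
    distinct contents were seen, and whether it sits in CryptoAPI's URL cache."""
    by_path = defaultdict(list)
    for path, md5 in records:
        by_path[path].append(md5.lower())
    return {
        path: {
            "writes": len(md5s),
            "distinct": len(set(md5s)),
            "cryptoapi_cache": "\\cryptneturlcache\\" in path.lower(),
        }
        for path, md5s in by_path.items()
    }


def triage(processes, dropped):
    """Return the child PIDs that IE's process model does not explain and the
    dropped-file paths outside the CryptoAPI cache that still need a look."""
    by_pid = {p["pid"]: p for p in processes}
    unexplained = [p["pid"] for p in processes
                   if p["parent"] is not None and not is_ie_tab_process(p, by_pid)]
    files = classify_dropped(dropped)
    needs_review = sorted(path for path, info in files.items()
                          if not info["cryptoapi_cache"])
    return {"unexplained_children": unexplained, "files": files,
            "needs_review": needs_review}


if __name__ == "__main__":
    result = triage(PROCESSES, DROPPED)
    print("unexplained child processes:", result["unexplained_children"])
    for path in result["needs_review"]:
        print("review:", path)
```

On this report the helper leaves no unexplained child process (the only child is the SCODEF:1264 tab process of PID 1264), collapses the MetaData writes into one path with several content versions, and leaves the two files under Local\Temp as the only items to inspect by hand. A child with a non-IE parent, or a SCODEF value that does not match its parent PID, is reported as unexplained rather than silently accepted.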