Overview
overview
7Static
static
1boredape/a..._store
windows7-x64
3boredape/a..._store
windows10-2004-x64
3boredape/a...rt.png
windows7-x64
3boredape/a...rt.png
windows10-2004-x64
3boredape/a...nd.png
windows7-x64
3boredape/a...nd.png
windows10-2004-x64
3boredape/a...ar.otf
windows7-x64
3boredape/a...ar.otf
windows10-2004-x64
7boredape/a...go.png
windows7-x64
3boredape/a...go.png
windows10-2004-x64
3boredape/a...rd.svg
windows7-x64
1boredape/a...rd.svg
windows10-2004-x64
1boredape/a...ta.svg
windows7-x64
1boredape/a...ta.svg
windows10-2004-x64
1boredape/a...ta.xml
windows7-x64
1boredape/a...ta.xml
windows10-2004-x64
1boredape/a...er.svg
windows7-x64
1boredape/a...er.svg
windows10-2004-x64
1boredape/index.html
windows7-x64
1boredape/index.html
windows10-2004-x64
1boredape/p...k.json
windows7-x64
3boredape/p...k.json
windows10-2004-x64
3boredape/package.json
windows7-x64
3boredape/package.json
windows10-2004-x64
3boredape/settings.js
windows7-x64
1boredape/settings.js
windows10-2004-x64
1boredape/s...le.css
windows7-x64
3boredape/s...le.css
windows10-2004-x64
7boredape/s...es.css
windows7-x64
3boredape/s...es.css
windows10-2004-x64
7boredape/s...aim.js
windows7-x64
1boredape/s...aim.js
windows10-2004-x64
1Analysis
-
max time kernel
1374s -
max time network
1163s -
platform
windows10-2004_x64 -
resource
win10v2004-20231025-en -
resource tags
arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system -
submitted
14/11/2023, 20:14
Static task
static1
Behavioral task
behavioral1
Sample
boredape/assets/.ds_store
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral2
Sample
boredape/assets/.ds_store
Resource
win10v2004-20231025-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
boredape/assets/alert.png
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral4
Sample
boredape/assets/alert.png
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
boredape/assets/background.png
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral6
Sample
boredape/assets/background.png
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
boredape/assets/fonts/MonumentExtended-Regular.otf
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral8
Sample
boredape/assets/fonts/MonumentExtended-Regular.otf
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
boredape/assets/logo.png
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral10
Sample
boredape/assets/logo.png
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
boredape/assets/svg/discord.svg
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral12
Sample
boredape/assets/svg/discord.svg
Resource
win10v2004-20231025-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
boredape/assets/svg/insta.svg
Resource
win7-20231025-en
windows7-x64
Behavioral task
behavioral14
Sample
boredape/assets/svg/insta.svg
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
boredape/assets/svg/meta.xml
Resource
win7-20231025-en
windows7-x64
Behavioral task
behavioral16
Sample
boredape/assets/svg/meta.xml
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
boredape/assets/svg/twiter.svg
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral18
Sample
boredape/assets/svg/twiter.svg
Resource
win10v2004-20231025-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
boredape/index.html
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral20
Sample
boredape/index.html
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
boredape/package-lock.json
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral22
Sample
boredape/package-lock.json
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
boredape/package.json
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral24
Sample
boredape/package.json
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
boredape/settings.js
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral26
Sample
boredape/settings.js
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
boredape/src/css/style.css
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral28
Sample
boredape/src/css/style.css
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
boredape/src/css/styles.css
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral30
Sample
boredape/src/css/styles.css
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
boredape/src/js/claim.js
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral32
Sample
boredape/src/js/claim.js
Resource
win10v2004-20231023-en
windows10-2004-x64
General
-
Target
boredape/assets/svg/twiter.svg
-
Size
1KB
-
MD5
f187011912fb221211e9f0c33daba3e3
-
SHA1
d84156c0f20b66a798c345459462d064c01334cd
-
SHA256
d8dc87c6394a23c04fbac03bce3e1226302f2bc41ba014d31300d8cd1669ee91
-
SHA512
5a4b26fc99b670b675592ab8084fdfee0ccdca069efaa67ec8f3c512001457f165a47c8144f215c0cc2e702883edd7101088f44045b21f72fd14116139a14bd5
Malware Config
Signatures
-
description ioc Process Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\VersionManager IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 904b4ac53f17da01 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "406761504" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\VersionManager iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "3289831965" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\ iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\ iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{EFBC65C2-8332-11EE-8286-CE2221A208DE} = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "3301550921" IEXPLORE.EXE Set value (data) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000c673c30fa5e1df4483894e0a711271f900000000020000000000106600000001000020000000272886297df826140ac71107387d16fc5e5786d0d250b9ddc861488dbbe03d98000000000e80000000020000200000003815a8a3214301acca8f8efafc8c9cf3c630163e6011bd646aee1fa34a862c722000000014539380c4aceca82ed315e81fc9063bd556d285262f89dec359568fe149a9d740000000f95a580fe9c784fb7114de2106ec4183a9254d2ea47932dc7829b91b05a1cd3cc39efed44613b292e4e2feb28f04dcf6c14aaeeb2d280bd9dc3fd0f230aa499a iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\GPU IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31070015" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\"" IEXPLORE.EXE Set value (data) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 604062c53f17da01 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "3289831965" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31070015" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000c673c30fa5e1df4483894e0a711271f90000000002000000000010660000000100002000000048db21add443670885d4bb0b84609a8af28cefc06795acd6736c53ed3188c6b3000000000e800000000200002000000074055dd9bad9fad1b3593b7a9a113aaae7c9fa3dadd155ef5d6d063fa31527af20000000e342616e6c1de8cd963e4abc12a33e07a814060d48bd4d8377d0e04ecbba8b78400000008f8accbfa23e6446a02ad3b25b3746c14430c0c2516f2da723550bca55deb3f3812bd4516620feda6e2b8dbe15362e84d30b800f03d87e996ca5e9e1a4bcf384 iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\IESettingSync IEXPLORE.EXE Set value (str) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31070015" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames iexplore.exe Key created \REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 4832 iexplore.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 4832 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 4832 iexplore.exe 4832 iexplore.exe 4312 IEXPLORE.EXE 4312 IEXPLORE.EXE 4312 IEXPLORE.EXE 4312 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 4832 wrote to memory of 4312 4832 iexplore.exe 86 PID 4832 wrote to memory of 4312 4832 iexplore.exe 86 PID 4832 wrote to memory of 4312 4832 iexplore.exe 86
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\boredape\assets\svg\twiter.svg1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4832 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4832 CREDAT:17410 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:4312
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
17KB
MD55a34cb996293fde2cb7a4ac89587393a
SHA13c96c993500690d1a77873cd62bc639b3a10653f
SHA256c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
SHA512e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee