0c35f5b724faaa4d0f4f17f62272610047408b381df876067c98fca735a3682d

Submit
Reports

Overview

overview

Static

static

The-MALWAR...ot.exe

windows11-21h2-x64

The-MALWAR...ll.exe

windows11-21h2-x64

The-MALWAR...BS.exe

windows11-21h2-x64

The-MALWAR...in.exe

windows11-21h2-x64

The-MALWAR....A.exe

windows11-21h2-x64

The-MALWAR....A.exe

windows11-21h2-x64

The-MALWAR....A.dll

windows11-21h2-x64

The-MALWAR...r.xlsm

windows11-21h2-x64

The-MALWAR...36c859

windows11-21h2-x64

The-MALWAR...caa742

windows11-21h2-x64

The-MALWAR...c1a732

windows11-21h2-x64

The-MALWAR...57c046

windows11-21h2-x64

The-MALWAR...4cde86

windows11-21h2-x64

The-MALWAR...460a01

windows11-21h2-x64

The-MALWAR...ece0c5

windows11-21h2-x64

The-MALWAR...257619

windows11-21h2-x64

The-MALWAR...fbcc59

windows11-21h2-x64

The-MALWAR...54f69c

windows11-21h2-x64

The-MALWAR...d539a6

windows11-21h2-x64

The-MALWAR...4996dd

windows11-21h2-x64

The-MALWAR...8232d5

windows11-21h2-x64

The-MALWAR...66b948

windows11-21h2-x64

The-MALWAR...f9db86

windows11-21h2-x64

The-MALWAR...ea2485

windows11-21h2-x64

The-MALWAR...us.exe

windows11-21h2-x64

The-MALWAR....a.exe

windows11-21h2-x64

The-MALWAR....a.exe

windows11-21h2-x64

The-MALWAR...ok.exe

windows11-21h2-x64

The-MALWAR...y.html

windows11-21h2-x64

The-MALWAR...ft.exe

windows11-21h2-x64

The-MALWAR...en.exe

windows11-21h2-x64

The-MALWAR...min.js

windows11-21h2-x64

Analysis

max time kernel
1793s
max time network
1804s
platform
windows11-21h2_x64
resource
win11-20231129-en
resource tags

arch:x64arch:x86image:win11-20231129-enlocale:en-usos:windows11-21h2-x64system
submitted
04-12-2023 17:56

Sharing

Copy URL

Twitter E-mail

Static task

static1

15 signatures

Behavioral task

behavioral1

Sample

The-MALWARE-Repo-master/Banking-Malware/DanaBot.exe

Resource

win11-20231128-en

windows11-21h2-x64

1 signatures

1800 seconds

Behavioral task

behavioral2

Sample

The-MALWARE-Repo-master/Banking-Malware/Dridex/Dridex.JhiSharp.dll.exe

Resource

win11-20231128-en

dridex botnet

windows11-21h2-x64

6 signatures

1800 seconds

Behavioral task

behavioral3

Sample

The-MALWARE-Repo-master/Banking-Malware/Dridex/DridexDroppedVBS.exe

Resource

win11-20231128-en

dridex botnet

windows11-21h2-x64

4 signatures

1800 seconds

Behavioral task

behavioral4

Sample

The-MALWARE-Repo-master/Banking-Malware/Dridex/DridexLoader.bin.exe

Resource

win11-20231129-en

windows11-21h2-x64

5 signatures

1800 seconds

Behavioral task

behavioral5

Sample

The-MALWARE-Repo-master/Banking-Malware/Dridex/Trojan.Dridex.A.exe

Resource

win11-20231129-en

windows11-21h2-x64

2 signatures

1800 seconds

Behavioral task

behavioral6

Sample

The-MALWARE-Repo-master/Banking-Malware/Dridex/Trojan.Dridex.A.exe

Resource

win11-20231129-en

dridex botnet

windows11-21h2-x64

6 signatures

1800 seconds

Behavioral task

behavioral7

Sample

The-MALWARE-Repo-master/Banking-Malware/Dridex/Trojan.Dridex.A.dll

Resource

win11-20231128-en

persistence

windows11-21h2-x64

9 signatures

1800 seconds

Behavioral task

behavioral8

Sample

The-MALWARE-Repo-master/Banking-Malware/Zloader.xlsm

Resource

win11-20231128-en

windows11-21h2-x64

8 signatures

1800 seconds

Behavioral task

behavioral9

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/001eb377f0452060012124cb214f658754c7488ccb82e23ec56b2f45a636c859

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral10

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/041bc20ca8ac3161098cbc976e67e3c0f1b672ad36ecbe22fd21cbd53bcaa742

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral11

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/0ab8836efcaa62c7daac314e0b7ab1679319b2901578fd9e95ec3476b4c1a732

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral12

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/103b8404dc64c9a44511675981a09fd01395ee837452d114f1350c295357c046

Resource

win11-20231129-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral13

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/2378e76aba1ad6e0c937fb39989217bf0de616fdad4726c0f4233bf5414cde86

Resource

win11-20231129-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral14

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/30c150419000d27dafcd5d00702411b2b23b0f5d7e4d0cc729a7d63b2e460a01

Resource

win11-20231129-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral15

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/3205603282a636979a55aa1e1be518cd3adcbbe491745d996ceb4b5a4dece0c5

Resource

win11-20231129-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral16

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/453468b86856665f2cc0e0e71668c0b6aac8b14326c623995ba5963f22257619

Resource

win11-20231129-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral17

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/5fb29fb0136978b9ccf60750af09cec74a257a0ca9c47159ca74dbba21fbcc59

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral18

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/6fe6808b9cfe654f526108ec61cb5211bb6601d28e192cadf06102073b54f69c

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral19

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/7745b070943e910e8807e3521ac7b7a01401d131bf6c18a63433f8177ed539a6

Resource

win11-20231129-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral20

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/7f18e5b5b7645a80a0d44adf3fecdafcbf937bfe30a4cfb965a1421e034996dd

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral21

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/90b61cc77bb2d726219fd00ae2d0ecdf6f0fe7078529e87b7ec8e603008232d5

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral22

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/9384b9e39334479194aacb53cb25ace289b6afe2e41bdc8619b2d2cae966b948

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral23

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/985ffee662969825146d1b465d068ea4f5f01990d13827511415fd497cf9db86

Resource

win11-20231129-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral24

Sample

The-MALWARE-Repo-master/Botnets/FritzFrog/d1e82d4a37959a9e6b661e31b8c8c6d2813c93ac92508a2771b2491b04ea2485

Resource

win11-20231129-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral25

Sample

The-MALWARE-Repo-master/Email-Worm/Amus.exe

Resource

win11-20231129-en

persistence

windows11-21h2-x64

4 signatures

1800 seconds

Behavioral task

behavioral26

Sample

The-MALWARE-Repo-master/Email-Worm/Anap.a.exe

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral27

Sample

The-MALWARE-Repo-master/Email-Worm/Axam.a.exe

Resource

win11-20231129-en

persistence

windows11-21h2-x64

6 signatures

1800 seconds

Behavioral task

behavioral28

Sample

The-MALWARE-Repo-master/Email-Worm/Brontok.exe

Resource

win11-20231129-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral29

Sample

The-MALWARE-Repo-master/Email-Worm/BubbleBoy.html

Resource

win11-20231129-en

windows11-21h2-x64

1 signatures

1800 seconds

Behavioral task

behavioral30

Sample

The-MALWARE-Repo-master/Email-Worm/Bugsoft.exe

Resource

win11-20231129-en

windows11-21h2-x64

3 signatures

1800 seconds

Behavioral task

behavioral31

Sample

The-MALWARE-Repo-master/Email-Worm/Duksten.exe

Resource

win11-20231129-en

persistence

windows11-21h2-x64

4 signatures

1800 seconds

Behavioral task

behavioral32

Sample

The-MALWARE-Repo-master/Email-Worm/Emin.js

Resource

win11-20231128-en

windows11-21h2-x64

0 signatures

1800 seconds

Report Analysis Logs

General

Target

The-MALWARE-Repo-master/Email-Worm/BubbleBoy.html
Size

12KB
MD5

bb7b91d1685db89b58ac01a72921e632
SHA1

4a1dd457983a7f1bbc7943eb5fca3da6d93d4176
SHA256

940a563df059604ac0dc6a92a845da2f04236b86887208b89969b70c6781c3f8
SHA512

09e26d197b22a4553e2e87a9ee0957700766c2dcd11157b5b71744d67abfa30d71d45c7bf1081bf9337527e3b8aabde99b09bd2bd30aa302329ebf480078307e
SSDEEP

192:W1VoVk8X2TrWAXaR06qVoVk8X2TrWAXaR06LV:Giui2TSw6qiui2TSw6LV

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 3 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-3240588775-3651084335-2656120175-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3240588775-3651084335-2656120175-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3240588775-3651084335-2656120175-1000\Software\Microsoft\Internet Explorer\Main\DisableFirstRunCustomize = "1"	iexplore.exe

Processes

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Email-Worm\BubbleBoy.html
1⤵
- Modifies Internet Explorer settings
PID:1376

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads