Overview

overview

5

Static

static

5

Koobi Pro ...er.htm

windows7-x64

1

Koobi Pro ...er.htm

windows10-2004-x64

1

Koobi Pro ...me.ps1

windows7-x64

1

Koobi Pro ...me.ps1

windows10-2004-x64

1

Koobi Pro ...can.js

windows7-x64

1

Koobi Pro ...can.js

windows10-2004-x64

1

Koobi Pro ...wd.exe

windows7-x64

1

Koobi Pro ...wd.exe

windows10-2004-x64

1

Koobi Pro ...ncs.js

windows7-x64

1

Koobi Pro ...ncs.js

windows10-2004-x64

1

Koobi Pro ...ool.js

windows7-x64

1

Koobi Pro ...ool.js

windows10-2004-x64

1

Koobi Pro ...x.html

windows7-x64

1

Koobi Pro ...x.html

windows10-2004-x64

1

Koobi Pro ...d5.ps1

windows7-x64

1

Koobi Pro ...d5.ps1

windows10-2004-x64

1

Koobi Pro ...up.ps1

windows7-x64

1

Koobi Pro ...up.ps1

windows10-2004-x64

1

Koobi Pro ...ass.js

windows7-x64

1

Koobi Pro ...ass.js

windows10-2004-x64

1

Koobi Pro .../db.js

windows7-x64

1

Koobi Pro .../db.js

windows10-2004-x64

1

Koobi Pro ...hp5.js

windows7-x64

1

Koobi Pro ...hp5.js

windows10-2004-x64

1

Koobi Pro ...m.html

windows7-x64

1

Koobi Pro ...m.html

windows10-2004-x64

1

Koobi Pro ...orm.js

windows7-x64

1

Koobi Pro ...orm.js

windows10-2004-x64

1

Koobi Pro ...ile.js

windows7-x64

1

Koobi Pro ...ile.js

windows10-2004-x64

1

Koobi Pro ...pic.js

windows7-x64

1

Koobi Pro ...pic.js

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 09:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Koobi Pro v5.8/OTHER/Addon/templates/templates_dream4_de/templates/calendar/calendar_event_form.html

  • Size

    8KB

  • MD5

    9353025596d9c411f8e86f9d4bfa122b

  • SHA1

    b532f673a273013b40b95676beae54eda34a825c

  • SHA256

    eb3d1d2d63890fa993845077fc789f0fb739db8ac96e5b654e859536462f44b8

  • SHA512

    99c4fc150584afd213881b0afacc9429d93d3bdbebcfa41fdc431c67d1b28029e6c837dcdc894d3ee875379dfb224cf26e446375867f1256334b9a40dc0fa0af

  • SSDEEP

    96:18QLNrBQLvyQLfr4WxhcfsyHPxXk8fC/n+eSk5rbmhbQHYLZFVsh7/p:5kr4WxQ7HPxXk8+J5r6hbKIpsh7/p

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Koobi Pro v5.8\OTHER\Addon\templates\templates_dream4_de\templates\calendar\calendar_event_form.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1988 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    e837ed7dfd5c8ec231ba8161de4dcfce

    SHA1

    54d75f6afb1b0c41568eda886759131e0a6879a5

    SHA256

    d2150f2c233b8b096eb1e8b327a797fdf4c9fc6e1cde680ea9288440c4b1f78b

    SHA512

    244f3c3e11c9e4c268942017723fc333212c7123f3ea75f11206998961d364f08f44697b43ea30f67c559aec13261bd6e45fe6fe945d0dbee87a155d6d01147f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63c5ea663068a7bad5a1b7016b8c2309

    SHA1

    5ee5d798589f50132b21994e4f9e7988ab931372

    SHA256

    7560b7a8ffe6c0784d2f66b5f3ddfd0eb65bb504708218a8a7f9229fc9e5e123

    SHA512

    5ab26b7a109412fdd9c9de382321ac18ff067f6bfc180b7a5997e5a9d89885addf3c6ba4f18fc58cc0149c115f6afc208b371f60c257de3d40e7f7673f119f26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f03ab65b77fc29c9dc8e648ba334207d

    SHA1

    5fb7c85c29970a2c79990be922a22ef468dd76be

    SHA256

    dd916c028b4650f34653e52f704e99146d1b227e064e044d6e078a343e97924b

    SHA512

    a8bb0d1409403a85f99cc153670707b5baeed64745362ca959b22dc5b41705d37edd8862e7bc85c1517183bf9949936eb56eafa821e81348870b94894c44b284

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e6dc2c206df5ad9f80f9d662c752b6d

    SHA1

    90444296c0341eec0e6da409cdbe06db616b7aa6

    SHA256

    8277f8f1fd79b9d32e4fd0ddd0edd15902a1bcd94420ca85dd476868d460fc11

    SHA512

    9c60df795897a065fbc441171a3d703ca2fceaf0f215644c6002cfc15f486b0e29b0f4ed241f677cccea531cb9db264567188a71bc3e25521485505b9a75763d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    186a29d6783dfeec51f95491fdb3fc3d

    SHA1

    804be5d52fa5864d57b67616eefe442d36e6e11c

    SHA256

    4010074733e0b5ce1ea41ee375db303f20e0377650af5af58f27ad9aaab72648

    SHA512

    60cb12667132808ce53f556f644e3b639ffe6bc0397d206359e8c7b6b964636b3b935b60713c3d5914340ccff645d5dd85480b56093bf91843b841dc3c53dbc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da7d3d56da9d99b8903e573c75a4e4ec

    SHA1

    426a19efa7b95ef2d383ae675bc59dfd3666fa44

    SHA256

    4d77b6b4e80e553aba238c185444bab52efea79d1bf6df4d54ac7fac8f17d53e

    SHA512

    e4cd44e289ae5042489d37405acddc12e0148ffe05fa97ba7fdc3e1771857109378210df1c700be0c62be89de8341db14d62ec712fc90834a47f14caa2df5252

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b36b3e6fccb718a48bd4128a03cc257

    SHA1

    1e24a67286144ca31c16bd026577d4cb67bcf82b

    SHA256

    fa451d426b029c7cc61b1486bfa70fa098074b4a1e4f96246ff54aa7f1bb73d0

    SHA512

    b43f732a0aa27ac915ef90c733d100c744d1c55e693231b633fbccfc627494b46db1c211c0ca6b929243eb80e101717f46e27eadf25ac51a08ce939996e02452

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bc7e36ffdd17c264c1717aa1a713381

    SHA1

    28ac5ed94990f56543ced206a7214c22f49415d1

    SHA256

    dc210b6cd84b2d9e3a16abbd1efd6243c3d3753dda44151641946028b9c4608e

    SHA512

    ecdf16fddf70a80019884f3c9ef684299461cd27b794667f82adee3c1cb724ff7054b75f26b7e385c2ad9d33b89e0bb4bf5744d185c15a2ca454e6d236e54c55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b978e31af1eb755f9cb24cf7fe458ce

    SHA1

    4fba6d767b5b377d5b9d9f02881be1e08c30d7b7

    SHA256

    3ff8e15f0fe2c252fda86a6d0d5d2b18b585264880b3718b9c1b472cf3ad42c7

    SHA512

    994e37bfc4caaa0cbe730c2e95a65535ca8988bfdddbe5bf1a3983c4cd646a7aa08e0130954820311c397a045c6818b7e7bb1c62386e3888c2dcc1f5c7cc4fdf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb356345a586c4061f61baa184637c23

    SHA1

    03bd11ea1f13b46fac4a3409aaf4eeccb5549e05

    SHA256

    02a85755f175da670d134b4446ab478f13ed2f7bcc6c044d87fe16c0023bce07

    SHA512

    f0e54951baff58b6d3d277337183c8623e381fdbdf83c13810edd2645efb017d5b662bb2248e157c47a7ee7e287a81fd1c81faa69e3c046c20dee3dffdba18b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    336f15691305e8d8299606f489fd5227

    SHA1

    65c9c73d39dcd551c65ab0f9c6044c94fd5ea1dc

    SHA256

    4c654185e64dfcda8dc3e8136b8205debcb9ed48674e21dbd8a509a98ae88b47

    SHA512

    5fcbeeefb22d4df4f5caee5a9249d83a47d92ecc2d9c7939002c2ebfab7bfa82e0f1857aeba24ced75016033a5f3a37aa1334da640c93a6dcfebb1e03ccb088b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52a972714e3dac87549143b99131ea29

    SHA1

    e69231d65008af4dfd4935d9cf73992353e2186c

    SHA256

    72e879f827b6a345d4b6d78745bff8cb4f1054ccb31969455c6d44ba2d5fa4be

    SHA512

    31cbd6118f5d8b02f2d1c5a8116fc58abd65d7adddfcd1f466e6155363bdfb4440e6a2ad9b7bbff7e4f3fd2b75d297fc3c1cd7b3b2bc9a4789bb8c64b2f247ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b6f8ca42e3bd35c1165012a562c149c

    SHA1

    04854a117fe6ab9dc6648a689e3c757aef83c3ce

    SHA256

    68125e6e4c1ba32c3bb03f6e5822d31769aefce85861dbf1649d1a756e6659ea

    SHA512

    374f1dcc61ec55e9051e9edc0968175ae89ac7d41f9b67d60054f62f982d80f1df636335e7ee1c1e571585b259fa01ae649460af2dd70cf323a31f615182a5cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6f5336646ab498e047edfb6f416c93f

    SHA1

    4acc2e53b054ca05f48e0d4bbb8d22cec3f923d5

    SHA256

    e15c4f02fad4d622aa982a719f43354f11ddd5738b99b4b50d3ee1de44df9a4f

    SHA512

    635eb203394f4d327447f54b65001eed1ee33586ec795d7928b9f88da8f3da9da19db94f8b572a5c74b61a59638c4a95a9e0fe915632f5194201532425f2549e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3884.tmp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit