Overview

overview

7

Static

static

3

ab532b3da8...35.exe

windows7-x64

3

ab532b3da8...35.exe

windows10-2004-x64

3

$SYSDIR/Ba...er.scr

windows7-x64

1

$SYSDIR/Ba...er.scr

windows10-2004-x64

1

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

1

tbu03852/options.html

windows10-2004-x64

1

tbu03852/s...g.html

windows7-x64

1

tbu03852/s...g.html

windows10-2004-x64

1

tbu03852/s...b.html

windows7-x64

1

tbu03852/s...b.html

windows10-2004-x64

1

tbu03852/tbhelper.dll

windows7-x64

1

tbu03852/tbhelper.dll

windows10-2004-x64

1

tbu03852/t...091.js

windows7-x64

1

tbu03852/t...091.js

windows10-2004-x64

1

tbu03852/u...ll.exe

windows7-x64

1

tbu03852/u...ll.exe

windows10-2004-x64

1

tbu03852/update.exe

windows7-x64

1

tbu03852/update.exe

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/02/2024, 07:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tbu03852/static_img.html

  • Size

    503B

  • MD5

    2caff3519f5be538757c467d4fec4756

  • SHA1

    7e77344f049d9ee4d216b6f412c01ba28596773c

  • SHA256

    e94503ad0ea2a4f7002ba70f57e12da9daabb5037b6bedc7725d1fc43a487415

  • SHA512

    029814dd117053d03acc6c0cb1af2802256149c6a3588cd41334deeffad6095dc16386887e2053f288b13a5ebd3599cbf9c55c194fde81f3df77045d2609a467

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_img.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2340

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    efb6639d0dadbd3de4ab5b7052b71367

    SHA1

    b979ce2dc816130df3befc9e388394b6adbb8141

    SHA256

    794164e4bce27cf4c29959902447afff71c001fe40e274348b1963d673e34d9b

    SHA512

    fb2866c8b27e8d95b41d97b3689bfc6ab05c6dc4398bc3d4e1d7c23c1e4e60e7d2e8bdae9a75766c57deac1901fba6d9a94825a1fe0d9ce87582bcb5ad040653

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    943581e76e3cd26dcf6e7ec200e54167

    SHA1

    074c753377631e56b1bc0f1349da019a1ba66c35

    SHA256

    10691ca7dda6237568e02ccf13a8b3ef48760dda7efca2e09921caacf82d8ed3

    SHA512

    f4b6bc11348fca67f25ff8a95614249578e07648524b1b1bc50b357643ee820185d9d8a76d2cbbcd64b90024cc0b99febaff2a38a658d6f6bedcef568db995cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff45a8f8bd0dd6d984f23c033fd21fae

    SHA1

    c045f8115f43b0f6cab0311623773df400d3dcb9

    SHA256

    6309461a69ec635d5686c5d9bb823d7e096b63fe64f0134c4fc881283411d5e1

    SHA512

    f9b4253061c6052a8a67374b73496de9718ec32208ca0ca94d15f270c8f126aee4565f2b9743d914383d5123756d44cc4dc46f113da8a9d428dcc4d9d62a841a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b2cadd37aa5b0ecf0c8b3cb61d0644a

    SHA1

    686baf2f7651a81dc8a2b93dab253b6fc0733ec7

    SHA256

    aaf4f5b96c05ecf776e3da0c661c42d720b0f1fd90549e35fede09ae60a86be5

    SHA512

    36dd0f6f963b82d8918bee1ec5254f5b7dc4622d06d825ec2c1d01ade55051f25fc024b72d3ca9a4e45e21662a781eafeab55a0f755e6e6edfa2f7580e639081

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f78c645b298c20c3c3b3a9463670652

    SHA1

    27a7e285d3accdcdcb9efe9579bda0e2973cbedb

    SHA256

    6b97cfe78e61af3ab88a7c8ac7751b50c008e0823a8c3e61cadd7dddee02750d

    SHA512

    d6ec6b98ea930bbf3a91b5b149eb0b6b814e773520f16b005a31b8c52a75b6a889fa8eb8c0ce4e9a4e4c46bf1c6f8ec8680ec5f7a200a33d12f856cc29954f02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    425f49cfb03c363602770243c5604f1a

    SHA1

    54adc917aadc6e8093bbfcf51aab6893541e61ca

    SHA256

    6b5b16aaebb38ffc50c869a5770649ad4f589849237fb45bac88a164048798b5

    SHA512

    79c3bf5d6f62f34321e25c6fda9afd2612c766362da02b7b0d1d76c644bfdb03d35e57da4294c20108e954ea1ce277f02df2604ff0592daa116258f176696ed5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ddbd30b1039cfe8bb31b3d0f3133084

    SHA1

    f58c106a36cc24e82dc11aa577428135e22936aa

    SHA256

    6d6d5345088160c066ee34d8a6cd0582a8ed4e9a04194df5726ec5579a265164

    SHA512

    8c38d6e9a64470c24f0ce561127aa21ef8e9e3b50a2c28a0a5b4b0c2f1d0338eef5da0c406d2463dedc465b031cb989152b8ad5380e5a90639d01576673f9468

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bf9e27142b252f87490340dbc71a7c7

    SHA1

    dbac5b068521f2f42ef9abff1d7298ad85089de6

    SHA256

    92897ac3dc10d90433db0836db35cfe60d1637a4c13993e53acc00192ad6c450

    SHA512

    2943b7d05be70c99e574e6079ffb340de7f3533eb7eec5ad0e2bda4e077e1d29b9f43426ff4a8aac974d7cf50b3f201d5ec853a17713924d23e957072537f031

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e454b7318f68e30269984830607daa15

    SHA1

    f7b6596ce42acff44f12f55d34bbf1a936a73db2

    SHA256

    023eb3e3cbff3ff5667a4768186f97e58500a62f6101bff39edea34fbaf1a0ef

    SHA512

    1c96ea367605967028aa7fe48d9670a4c0fc6b792de7ba6839646ed5b0940cf037f98d9d3282e474771e64b990752b60ea682eee3c3bd94369397c94bbe0a5ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fccc0f2677984f2712af10f265a1a0f

    SHA1

    0f18d4f7b2b0f242d185e8d7a0ac983d83101364

    SHA256

    fff07401d8a4f36dc6752f495a5dc2e781a71e9901ef862314493c288ae54e40

    SHA512

    7ad6e0c64801adaaae2ce75ffa81da1d50506087e0b48e90f0705789c9022b22ec7eb44fb7746263d0aa7ae2aaae88004ce25a202cd4ca798fdcc4ac22a9d4b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccc98ea5e62308de62dbd645030b17b9

    SHA1

    e4993e165c7cd3538bfdb4499cefcf97f31d4fd8

    SHA256

    91c2a33a7bcf428c0f2dd82cbf41801ac2a2c59a7e3f029cd4346ee32955a6b4

    SHA512

    b59e97be374368fa221b10a0864d3eb4d51fd55b77326cebcbea8f28b0f0e07a3ea615956ada59b46997f4052acb4b53d5af69a0a679e6ff28102686d554031f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdf1a1720c0de4f5105caa8522246259

    SHA1

    20cb0672c27859236534c63810dbdfd22f70992d

    SHA256

    875862e96da85924764ccf834a78618d4eb6b86490f1eb7d25310059ccdd43d7

    SHA512

    59fbe0d9418aeaf16731ad3706c509be1e3e2e5778e32985ae2e2da6251604e8a6d98e2a6c702f090f4b72181dbbfcddb4e34ceca87f5b3933dcce24f52b22e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    736446f01e4e9b4bcd2f18effcae53cd

    SHA1

    fee659f004729f841e0858499dfc839e6912cab5

    SHA256

    1e0e08ffc3a4798d08b4a2dd88629ddc40b3de44a6ef2a09f25bf0b64aaceb5e

    SHA512

    6be9cdaa6fcbece54afef49efb610768de3a6b4de806b51609f34a2ae9b9d0f0e6315809477139c0d1cb7db00e663fc89b9f680dad85b400d31c9bb342f494ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c30e2badb049e69f006b97d03a561d9d

    SHA1

    2306bdf624fe5052c2eca8016f56af8dc1466bbf

    SHA256

    41d17a5c71f9424443e35d20caa3e3f0a3b14cb823f639d6719cd303bb278aa4

    SHA512

    91d6544e1580ccc67cb6f4f488cd1174fc263eab2f6e8265b76d48de79b8e91014e9ae6c01ff786bff6ab89429c1f8f30c0bbe574f7311107836b9bb28f7da4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    248f58b8d54b9a8a6e8e8a3733a4d606

    SHA1

    6c735128317219ec51744ffa6e9dee62af780a78

    SHA256

    a3359b7f8bc98d895036569a29891262a8c5b7410c78a00b15c7acbd1e531a2a

    SHA512

    e1307f11c0f29d176a56e0b586bdd7516245311e8f1492bc5b39f5c4840bf11759bea984cf8da3f5e16f120f3d72ef8dda3f8a8ea1d9504d362c99b268be849a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f0ee946b699553df27a3663829083d7

    SHA1

    483f85ac31dc86c1057234a5f343efb0be5e0c7e

    SHA256

    e0b3fb3f57a71ed87598d2d9b4c05d7320e4ff142e85623ec4207e2a4e9dd02e

    SHA512

    dfb70bc3c7c95fc4f672a10a5442e3f06982a04669a769fd08e5e2763fbf63e6f08cd15107109e46b4f8d2153f4d97354ad395a9a19bd03aca485e781e80eb05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a376f08b856224e352025b9f6d58beb

    SHA1

    45cd8889be302aaddb6581e423dab4a4f35c9d44

    SHA256

    a20287f59b1e503b275bc9310198abb579114ae92cafa022d8e258d5cb040049

    SHA512

    0806f5ea8deef52f096c339c59f3ed7b39fc4d2a51febb62b36d6be60432b71248c130d2dfc5a5550fdde5bb80331d6cc8cf8c5cd12e9e5d6aece49c76a7be24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17f30e1521a56ec517c1e8222dee5c64

    SHA1

    19533bf3c35427d0f86e84a5c77fa834cd94a118

    SHA256

    13287218b7a78628e7ac4a130484dc7ed74e8ed398547ca1729dd06e052dd408

    SHA512

    82e08121d4707cdfca2e0a4dbcb88a3ed49884b1ef1554533777d492fb72db74aa6fad3e95dadbdd96f66a65e1fd6a8b9b91fe5c550808219cb4ddcaf4fad4f1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAD41.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAE4E.tmp
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAE72.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit