Overview

overview

7

Static

static

3

b6ff7a0f63...5b.exe

windows7-x64

3

b6ff7a0f63...5b.exe

windows10-2004-x64

3

$SYSDIR/Be...er.scr

windows7-x64

1

$SYSDIR/Be...er.scr

windows10-2004-x64

1

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

1

tbu03852/options.html

windows10-2004-x64

1

tbu03852/s...g.html

windows7-x64

1

tbu03852/s...g.html

windows10-2004-x64

1

tbu03852/s...b.html

windows7-x64

1

tbu03852/s...b.html

windows10-2004-x64

1

tbu03852/tbhelper.dll

windows7-x64

1

tbu03852/tbhelper.dll

windows10-2004-x64

1

tbu03852/t...091.js

windows7-x64

1

tbu03852/t...091.js

windows10-2004-x64

1

tbu03852/u...ll.exe

windows7-x64

1

tbu03852/u...ll.exe

windows10-2004-x64

1

tbu03852/update.exe

windows7-x64

1

tbu03852/update.exe

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    06/03/2024, 08:41

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    tbu03852/static_pub.html

  • Size

    599B

  • MD5

    0bf3de7de6f6a9ece7674fb245c7e428

  • SHA1

    a71d601820676d5741734e825c7347d59570bc98

  • SHA256

    29101ddb9fc880b921c78a8aa0952310ccf0fe4eb03479425500fc2e779d4b2b

  • SHA512

    30dc0cf67d772a79dec244882f24c4a6ad71a3139b1b92d6e059f1e677ef138596e71c7bf12c2283b591ad64744b9abd15895fa29c4a600f64c784423bc270b2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_pub.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2504

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          67KB

          MD5

          753df6889fd7410a2e9fe333da83a429

          SHA1

          3c425f16e8267186061dd48ac1c77c122962456e

          SHA256

          b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

          SHA512

          9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          875b95dc36735823591b518bc31d05e4

          SHA1

          e77dfcfd5a3cdcec0d4e58b9b5439ce8bf40ff89

          SHA256

          0f7542bef1db047e8a575b2b98b77e88b124dc46c1b8ddbb4cb2d4b681c10f31

          SHA512

          505c62de11aa14170f9d01fd789b157a1936e1052e6b5d667d32126834bffa2825b286642d1e6c2eed1cd7b099c2e9e83c9e775b1eff51e155050727f7f0448d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6495aa4b9c57d35fe102ccaffa837478

          SHA1

          a5ce2c0b8f3e4f0e1e9abdbca94fad065195590a

          SHA256

          15b7a5c7ded364682be7ad6a8dc9cd93108207a84baca78ce917af2c719b3d16

          SHA512

          27e85b63b38096a456e40a35920d21395b676e29e7724e54f817a86e285c431716b12ebba64353739c8c5190529a99af3ff4a013248f2ad1164643a8bbdcdce1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9fea9c159f3969ab1c74762c65e725a6

          SHA1

          835a4253115807e1ffdf63d6959a862a70a6e7ed

          SHA256

          f2dad5bf92094e7712533fadb49845e805bb9ff8d9e25e2254d89829c3c0d408

          SHA512

          1157fdf26f873ca51469fc2addf57f5489d263b1282560dc495c60cbd139c2ca1fb226c60de5cee5a6206f9ec9c14ffaf0b4b4d96e2ea2bd2b6bcbd22b70334a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          83a263cbe8f8820562259849da3d22b0

          SHA1

          12fd1083f56293d5e30bf0c6c4465dd4b24af112

          SHA256

          0ee602037b1a2e94cd82f4a49d58a4343e6ed924f61b4d7cd2f6c5b25ed6d087

          SHA512

          9d9ef9417d982c3b61fb16542ea9d1ad24472816279106d2e205f0df5886f756490c983744fbf64413740a2f2d99715b3943a935b1fb53fb94bce558bcac78bb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          89fda627e9d6ba8d330d7cadf6ea9b2e

          SHA1

          22976fcd93bea5fbe5f5100e74f7cdcd67712ae4

          SHA256

          69929c3a5a41d0e979f2268860620aa8b362c8e2559d91c612f82e062bc261e7

          SHA512

          a19f823c068915e4e0cb9754a3052af712233990ac8b122bb089b40a70cbbeb860b9c4cbb26d144ce7ffb9613f92e14fecc70871187e19f0c236d512231da7e0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          75faddec109bb36b9735bd92cd3d61aa

          SHA1

          fbb82351569b96376e6a39ee770765d0ffe472a0

          SHA256

          382b98aae13484d0de725485a7e846b3384d86d3b0e09e5272c074e7389e16c4

          SHA512

          c32db4da1a24b5eb4a0e36bf939c223eda0eed48bc68916e655576d03291a01dace46bdbd2427c1d771eb839e1bf3e3a32543d2d4b1b05000b81d1ce1c99b4cb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a1628fcc91d048a7fc013200b6f98b80

          SHA1

          0fe8500a425a5a812923ee3d73d6da6c140e80c1

          SHA256

          6d0d2f634e3660cfe1f97124555fc89f9b2955b199524c27df53b96dac463b1b

          SHA512

          b7ec541598eb2a93e138af7e53d8eedadf412e240b9e4ef33d7976189e8de75688f4e6274240c81cd0fa0713ace94c5740e9d1fdcd46f906326b28b8a26901f1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          de93675a5adb87ac8fd404ebed39c326

          SHA1

          130eeab49bf55ffb5dbe24151ffff4cfbf410fe0

          SHA256

          550b67fe55bfb1bb84a7f81281ac8ebe598b1efdb108edb0c09b7074c80661b4

          SHA512

          5939de02bbe74170c0110392fb322951975f16d7a4d7ff19296ab3dce6c4fba502631618cdcc517d2064e47c604701990677a8750f014bb6d9bb688d55f9ae62

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ead0f1d853eaebb7fcf590f8285f5e6e

          SHA1

          5ae966ba36955e6906391f96aafe6d9d90a2e888

          SHA256

          9e92743ea6871eada6707ddfc3e6eeb1242c54f2b5bfefd5d52101bff681d911

          SHA512

          6a142acf194b1b49c49fbedb04f5f600ecb0e56df50dbbe098dad44fc1e274d9f9dcec293e32b89b3e88fe04f8d6bce704782676cf56980d702b2a6e00e8eb09

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          69b336250cfec8d8b287133b4f3079ef

          SHA1

          171a5c6849c676fee0819871e67aee32580b5753

          SHA256

          cfc90457bb5f61aed5b8bcfa3c434d505892d3a01fdd34c426f13d94dfd5bc66

          SHA512

          7b621db45d4c897a309e7279379e375a59805179d98784f32b763511d69ad2baafa0cdd2886d4ae65b679934c27bf05b123ef26b4905c047181666c5890c8519

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          62510c4e3200dc20e9b3647ee1b8568b

          SHA1

          f35ef46f9b006561f7deccb33d206cdbdf4d799b

          SHA256

          2153933781ba5f9c4aa6929cb940d1d4df734cb9c3954ab9c9929e5c80b23b05

          SHA512

          2bbf2ea11e3ee3e10f64fd76cdd7dd4fa20c5fb199d96ef5b2bf515ceefade535d343e57422a5219b6bc4f6728a9a6aafd220628cc4f8981065a8b9c178a0fe3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          96331e096652e00cd68560493833ef94

          SHA1

          ca11def1a5fafcab9aa68fc2c1bfb1462fb8d69f

          SHA256

          976a2da9d6421faf8fcd49aec008a8a6982174ab2e3b3365731d73860ba68e59

          SHA512

          fd5cc9db373bbf3c0a7e69893caf6f09ada275adc0e92803bac97f97e1014ea9c4a86de0ed223602b9d865ef4e0291e399a03d45d98519f17be53be7a7babc78

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2442d1e741c45b7d01e29e5ee17270eb

          SHA1

          9e7195cfa52ba2a7b0afe820ff4bfff33ecf9d63

          SHA256

          6110cc07e905ee30c0a94e5725ad2d9baec80b5d7ea4fc8414c04a1912e6ed50

          SHA512

          15554fd86d071cf0af6eb79349ed6173d90aad4dd925c82a9376aa609a5595770f8e236c840bd1c1996030f94d7def1fc703e9ae7e8cfe97fb95f6aecfd252e8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2548d7edcd21df7b489a36993eb1bb12

          SHA1

          bceb2474271ff9f2d526e16bbe41e23834cb5286

          SHA256

          0cb46a7bc15a3b17a8364db949d123487de6abe1806270eabaf93bf375bb1053

          SHA512

          1781081f7be70b485502303ef426a469e9afc3645042adc6479e97a6222abd8ec77357aaaddb2c88186b9cb04a1db1c6db8b97a448c9c2e0a5d8f9edddc78470

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          18d276dce4e09dcd78e1f86279720974

          SHA1

          6bc74d208ca47dfd3d7fe6e4331546a26832a612

          SHA256

          859c9c32bf9105aa9e905fc72224b0ffb4a69b7a984cdab88da29e09e56ed507

          SHA512

          e888a33105adc0a64aa1cb326042254601b91f8f6ae30ffd44da0a0cce8e5bc661794b529543a4bf7ea8eac2308fb0f755fb2b6dcec6b4c0a5edeb3c6ca32ea8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab432B.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar44C8.tmp
          Filesize

          175KB

          MD5

          dd73cead4b93366cf3465c8cd32e2796

          SHA1

          74546226dfe9ceb8184651e920d1dbfb432b314e

          SHA256

          a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

          SHA512

          ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

          Download Submit