Overview

overview

7

Static

static

3

c7b0a4d4dc...99.exe

windows7-x64

3

c7b0a4d4dc...99.exe

windows10-2004-x64

3

$SYSDIR/Ba...er.scr

windows7-x64

1

$SYSDIR/Ba...er.scr

windows10-2004-x64

1

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

1

tbu03852/options.html

windows10-2004-x64

1

tbu03852/s...g.html

windows7-x64

1

tbu03852/s...g.html

windows10-2004-x64

1

tbu03852/s...b.html

windows7-x64

1

tbu03852/s...b.html

windows10-2004-x64

1

tbu03852/tbhelper.dll

windows7-x64

1

tbu03852/tbhelper.dll

windows10-2004-x64

1

tbu03852/t...091.js

windows7-x64

1

tbu03852/t...091.js

windows10-2004-x64

1

tbu03852/u...ll.exe

windows7-x64

1

tbu03852/u...ll.exe

windows10-2004-x64

1

tbu03852/update.exe

windows7-x64

1

tbu03852/update.exe

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14-03-2024 04:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tbu03852/options.html

  • Size

    6KB

  • MD5

    adc6e16ce6e97bd1eb19d3a8dad7274f

  • SHA1

    12b55eab3225b2250ba051803f7d791db59a46a1

  • SHA256

    29e525a91d8ac4ec6bb2fa299a404d9f151b45400c7cab09675a23469373435b

  • SHA512

    2c4bc233ae8741fe0a6995845aa88d707b347cfc78745fefac346ce27ddd5b799dd374bbba15516f6e61348f52720be3639cf0cd925a599250a9947a33ab7103

  • SSDEEP

    96:BKQ/O9mOdYCQiLFyzNYs90Yi67mX9gPui39bnLNza7/OBgx4wTn:BFj1cFUYJYnV6Bm8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\options.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1536

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d30f121ed1ce7fe9393ec906282ad7e

    SHA1

    e538dfd97621b2d7646471f861bb340b7964c49e

    SHA256

    d0009d5c588311acb2b2191047e7e4906b763d40384f7329ee029833ee01cb40

    SHA512

    6f539752ed871f8242f8eba2409cf5d1046c7bc7d00080afd1a88027bd9b23fcad20f4e2ce0fc7534fd72bf3f86d2c4bd2762f21b246b5a9540e2d3d2a304b26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e865c5b49f2afeb27eca5daf0922b3d4

    SHA1

    4c062b22567edd1f94fb638d963cbdf2471c1765

    SHA256

    6ddb9121ed71f99e70cc5df83b8423523ccff7244cb2f0ab4c8db3b39987051c

    SHA512

    142f479cc3394e8099763868ffcd7b7546cdce42df9944705922144cef15bcb12b63930f31c68cf50e7a50035ba256fe3590508667d5c24cb29c1ad15456f295

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d9924297b902c82fbaaa873a1440c10

    SHA1

    144a0f9ab797658667b88150b40a44ab5402a3a6

    SHA256

    1cb0487b05bf752db54eb207fe73072a7cb9e996500d3f52ac4916e86f99e661

    SHA512

    c4cb39dd36d6a165d9b3b418b57f5630263094867b0987e5d6887c463159b3a0f634a1107918102e22fe65d2cf7fee74be3377772aaa63a887378fd8a54feb06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6c985f5b0b9ff8cd6587b83dca1993c

    SHA1

    947cfb3d2b8def266d81c8be0cae97f717a11ac9

    SHA256

    9bcdabf08a70abee3aca2a0db615746ba43387cbe0fc3e1d4e511f2a1072082c

    SHA512

    8d12b3b69c0a74872707caa3366113d9399925bad742d05caff34b1b43047ba198e7067d80db48a83fd5bd6839a12e0ea259a925acd02cc5be18416b43a5ce93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11225fab49536cc1c6b34cd828ce9aee

    SHA1

    3734065568ae814fb8864dd388bc388431367121

    SHA256

    7cf74dea50b165ab655a7303689a6ffb39b34310de950ad76d32a38311206236

    SHA512

    5ff05ab064fca9992e85b72a667359a1ac9b9598cd3b38fcc1bf2db7a239a0dd55e270b743c53c39cc4043d4e34748b6c0d93981185cb994c7af7bd586fd7c9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3e4a153fe5d62ed092c9e01d6de2659

    SHA1

    531de8c9200a800db90cba2f7f08883da7b67273

    SHA256

    f15a294f56d804b8b12fd2101adc942823c5d0611c03e420a05ef78c8fdfa708

    SHA512

    dfc0fe1432141fe58b7444665272027eab7eaff5e5ce3fad6dbc21be14234f449e2c14cbd1c223d94689e528022c75663c999fe0cad9325bcea944db8b534c49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b679acbc2bfa27c4542056dcbc4fe4c

    SHA1

    8a85bf4642255fb3cd3c4f7a45430bc04012f3a8

    SHA256

    36d9d6c0fa3f5f96001cd971bafc88b6eed178fbde23291ab4c177324d47b17c

    SHA512

    1bc28411102977dd9ec3146b3858e678044e9873e5b5111d4ae3e9ccf49c175642114bfd55d38061cae26c87edb8e3e7ddc57a0e00af607282d141c1f87d42d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8b751482a900b1411536ce45f7ac504

    SHA1

    50369d2cd9be3decc64a6f35f3359f902465f8e5

    SHA256

    4e2a8862fa15d05654a8bdd9e02fffafef4c5a7b56aa636256648af90073b621

    SHA512

    708f05ef97cfa70a815ae5088bba00084ff42f9d57e8c1da69526e2393d518c19363a4207af5aa952514dbe4c3c37ec477c99dab7169fa0be556acc20a5c1df8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18a06d21661fe43e022eda7c4b037449

    SHA1

    de46125d8ed9f8d4d5a738adbf513ea439876303

    SHA256

    a163ddd22d2b061b41330c37a71b25ba5734b0e9fc3f08dd1a3f3d1b78feb07f

    SHA512

    1b7dcdf333e3e889045764754630e291e148c3e3b22ee3340e594e909c89af5163db4c5b352e65c2f728ea964456e21f1ddda7a0c9a7d5cc93ff8a3459b9821d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fa7947cb705f2882016b0d224b9da60

    SHA1

    92ff39a16a01b43cfc57d52af492bc4171f86c71

    SHA256

    8a3b2ae2667858539072175ed475cb06fb6d11f9af8889260f0d9dddbbbd6e28

    SHA512

    2595d7fc70c75e3de161565816a822797135b34ed28af73bc69ac1a74e3884a8f209673df130dbeef23502a1c88b19d4ead0aeff23e925e6d1e2719dbc9aef91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    daa6fbff31f57f1a150f40f97961972b

    SHA1

    b2071cad01fb007530118e650e4f9613d4284d7f

    SHA256

    c34c1445f4801cbc3d2893fd25e92b910ec3eca383d1b78647a4f3eb33f123dd

    SHA512

    8957915a5249a9df83a25117d8c015c97efc41364d079c94439ee587d5857175237b7e74be391211662e49c8a9986209d0450944a52cbcd80dfcb0a98c84a324

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c6b976a24bc3cf42731ee1867af5697

    SHA1

    afcd3090157f0021ad0d3ddc5ad785ce7847be6b

    SHA256

    1e9421798117b1589a9c4861b7ade6577e99fdd615ae4a077205da97e38b139a

    SHA512

    e09d098aa4c97c3bb020544becc60a362f174b37adc83f79df4b09e502fc1e57130bcb1bfe24524059783a9719b1141b84bc5fb23f8d726bc80ee5db8273ecc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95e6bf51d31595ab3abec786d3e15e19

    SHA1

    3d75de58d0c235bda12ddb0d897bc687e0b0f702

    SHA256

    6ae6403587b35ad477c5099dd8de1a7ebc25bb8fafa880bdff161275765eaa8e

    SHA512

    46134d0c582efaa20b7870432fd8abf4d1e3b4046649a0a255b1f492f02fc408c0abaa08322c96eb24de8acd7f2721383a067aa4cca974990333a707ed8cb110

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC43C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC646.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit