Overview

overview

8

Static

static

8

Hybackup6.0.0.exe

windows7-x64

1

Hybackup6.0.0.exe

windows10-2004-x64

1

hyhelp/howdo.htm

windows7-x64

1

hyhelp/howdo.htm

windows10-2004-x64

1

hyhelp/postbuy.doc

windows7-x64

4

hyhelp/postbuy.doc

windows10-2004-x64

1

我们的主页.url

windows7-x64

1

我们的主页.url

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    20-03-2024 06:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hyhelp/howdo.htm

  • Size

    3KB

  • MD5

    7ecfcea9db032da912ad1cc1ff43a5bd

  • SHA1

    81d65e278e3e1a3a96401d3c13cb53ee31679567

  • SHA256

    b04ac5caf38c00b9333ae97aed744a925ceefe60eb52322aac9f31175635522f

  • SHA512

    81d8729bf3c93593692adb35ef33e136873fdb80031f80fe87fbdf2cdc5bba555f572dbb0ba50eb2a9ee49fc44d667ade2ad7c2309fd31ce3945dffcd8e30ac0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\hyhelp\howdo.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:808
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:808 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2120

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8bc5b9d111dcebbc3c3f80550df2f98

    SHA1

    be29b9ac43d6c50a7d4c7ce9145ce45beaf8c04e

    SHA256

    5861e03b50d3fc966098415bb41385084aba949efeca669c001d6a6eae03bb6c

    SHA512

    ef1b32b46f14c98ab3b2178c63395fab4b7dcc9279f2ff2fbac040919a48ee3a3853bdb2aa348b36d29bb8019458bf58ffea0abfddcb55b17435a687f001e797

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9efea2782216baeeb4f789899c5daaa5

    SHA1

    a59072aa9b4eda57f1ef0430c58895ca0fc1934c

    SHA256

    d75a7aad3086544241db40f6317717d9e3982bc73f20ae49c75a58329fdf9f75

    SHA512

    936981db956d570e5de464987ef7ca8e5a29ee6880c1118a073fabb19876b4ec92b520f45f124a66461b41037298e565afa4917923984c86e9cc845473e6e60c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2dbb713163a4e14d4c9eba433509e87

    SHA1

    a63dd1502f4c0d2934695c6e4b63a3c190000995

    SHA256

    a695de91c2e348354a079e48a39de25542fbdd1fb6af4c39468dc56664d9044a

    SHA512

    8e2603ef68bb59a70ba6fc21ecbb1f3dde4c93734edc7947693c994eeb0f8c0a7ae1bc78f65235edc3c398f4b8985adf6ce0e275d3f009da8e789d8eeb505dd1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61f6aa9dc553806372e311465f9c5323

    SHA1

    1e201cf4f8a4b2a6815d92353f0ca02a222cd73c

    SHA256

    2977675a6380de10464a3e36d2a2182e5d90c01471ffa9bedda777ac90fc44ba

    SHA512

    5beec1aa94009338a9d33c1d82ded1e590cab29c5654731b6366cf3c9841ecfacb24c439f6e29047cf47142b872cac34a462576d2b855c0242fb352dcd0521fe

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e89e44104968e3cc4756bfef50c57e84

    SHA1

    dbb7498bc5e185a6fadec3147def855f9242bdbc

    SHA256

    dd1b6da0bd6d6b1d537d59cc586fd16d2698995f591134494bf27e54919ad633

    SHA512

    ff23cc6ad8e79f8d1dda032153e04db72caad86f58ad86a1ce69fd3b790e1854d5668efac956e4e6025ccef9b1b68b936aa29a07f60c91496d33710a63708d31

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16170fd30f36d75b67f24e59cdf9f704

    SHA1

    6a727230bca71b0a60163ecf64a496be1864eba8

    SHA256

    f9af8d3353eba843dfd83219bb22025e9de94cd931ce424ddf37531c4087e1ea

    SHA512

    c8f30c4842d21c059ad9953bc2cddafa86e0e559b0478f0e93c992a4c5f983fbc55aaf59fa49f8955442c72741b7c739baaf3813aded9b2c9a247956fbdd6e21

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e68914796203bcf992526dc343783c37

    SHA1

    1f476216015f930644c75a8092fd285e2963e1df

    SHA256

    ea6cc277f67bc0817343a0e1bb53c5a9f3e32df508d8c76909e32db49ca2bd55

    SHA512

    d2a462f235ddcd50bcb5a060e760ce77374b70b48b82babe475c8194b487d9c44685b7445f56e9d395886ae857585176821d9724809448841bdee6a74b39245a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cac58df3d6d8896ca604aac16485a932

    SHA1

    240d209e366b75ed414834a7f9ebfda4970bbb76

    SHA256

    01129fe4cf1af207249ab4a042c5fab3d4e897a5143d52467b248a46807f4239

    SHA512

    3cc2e3514d82abd443518530798309cbe21aee234fcdb021f010d0cf2c1d93d9df05212d7757db3f56eebe32102d1a8a886610c7494925dce903815a9a97e429

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa68ffa01f9679c52dcfad15a86c2632

    SHA1

    95769f4e825029be882aaeb31ba24d78462bd7d2

    SHA256

    68608a28019548b51554e2f1ea045beee763fe39fcfb81373cd5cf53a2bffcd2

    SHA512

    6748ddaf0e6db75d1ff689be769f8357a54091dacd3037fa0d885e2d8c000c7c189c7ac4738ffddc5c4049ac727020e4bfbbadfa8978bd5c68d0e62c6c17c5cc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    023b3c79fca63b894d654d3c632b8fbb

    SHA1

    0ee1d694c789b4b33c5abf695779e57acfff3d83

    SHA256

    28cfb76cccdfe9d0c654beb7d18eebc92336b2e2034668373c599398740e46c5

    SHA512

    3a61e7f22e8d5566b1febee488fb26ef3009a58cd4ab009dd11aa639f0b605fbe085efcba29fc897574fbda4a8213b6d6611312fc0f4dde56aa95a24abb10fd6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c80cf438b6e9343283a6f3fd95529af

    SHA1

    942d8fdb0d85dc3eaa6ef8dc3aa302e8cbbfcd9e

    SHA256

    e0dbc605002b0d446b1b86edbea6aa5729f6a1a231a194ef88a2dde0e74be239

    SHA512

    ce1cf25ae6637c09ccea02a640d6be17d3aef22d149841952a327ec2934b934dc257f2341feb900506c49d682c70db13daf1f31ec13a83304e4dd49006b5a9ab

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab3112.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar33D7.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit