Overview

overview

7

Static

static

3

201037d0ab...18.exe

windows7-x64

7

201037d0ab...18.exe

windows10-2004-x64

7

$1/Tablacu...ff.exe

windows7-x64

1

$1/Tablacu...ff.exe

windows10-2004-x64

1

$3/$APPDAT...er.exe

windows7-x64

7

$3/$APPDAT...er.exe

windows10-2004-x64

7

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$R1/Tablacus.exe

windows7-x64

4

$R1/Tablacus.exe

windows10-2004-x64

3

$R1/TablacusApp.exe

windows7-x64

1

$R1/TablacusApp.exe

windows10-2004-x64

1

$R1/script...und.js

windows7-x64

3

$R1/script...und.js

windows10-2004-x64

3

$R1/script/common.js

windows7-x64

3

$R1/script/common.js

windows10-2004-x64

3

$R1/script/consts.js

windows7-x64

3

$R1/script/consts.js

windows10-2004-x64

3

$R1/script...g.html

windows7-x64

1

$R1/script...g.html

windows10-2004-x64

1

$R1/script/index.html

windows7-x64

1

$R1/script/index.html

windows10-2004-x64

1

$R1/script/index.js

windows7-x64

3

$R1/script/index.js

windows10-2004-x64

3

$R1/script...n.html

windows7-x64

1

$R1/script...n.html

windows10-2004-x64

1

$R1/script...s.html

windows7-x64

1

$R1/script...s.html

windows10-2004-x64

1

$R1/script/options.js

windows7-x64

3

$R1/script/options.js

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    07-05-2024 08:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $R1/script/index.html

  • Size

    4KB

  • MD5

    6f44e35e505abf551740619a53bd6034

  • SHA1

    97a24684f8672ff92bae90da19473a557873e2bc

  • SHA256

    cd99cbcc87c55ead5a5f6b419fb75c99e20a136f3cb2c4ecfd531c0ceb66810b

  • SHA512

    db991364462289d4ec196e3bb7ab7e9fc717796ea7664b6467b85e1e7d8cea8f94e9fc25809f757330b4909fd4711ed996fca7e814a8206b97741efd7ee82c02

  • SSDEEP

    48:pEJtNzTZcKxpKtoobr3NYWwSLDEa3ol54s:6VcY4oIdnivH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$R1\script\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2216
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3b2d128b301564da1f2ec18b6442d13

    SHA1

    9f14173989ef3c2e9094d3d9b14553e32ce2efdc

    SHA256

    654c8d598e7cb7410c550f9af78e4ff780a6034b4921614d1c1a01ef2b0a4905

    SHA512

    1115f2d14052fe1d9b66386dfd8e6eb4aef325c0362b9cc1ab75120399df506dcc17a3cab372e143924157e433215445d0188126fc822a1c0a4dbdfe13423dd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    231aa65c6dfab3987ca4f20ee8e5626b

    SHA1

    4b7c1cddc52f442692d3fd92e4bc3fe5ee7e83bb

    SHA256

    93305d708354a0a08a32031a4917b1f8593b6f49d60f839277f82bf4b190cd0e

    SHA512

    ac8395ae7ed3aa1800e5035123e55d530aa31ee03127bf3c364ccf3c1aecdfc214a285998edac2e50aa6904be71df01534be64fd9190b09f71d8032a39f4bc77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc6d2d94e0a04f5e51563951872e75c9

    SHA1

    ad8de945a4d891229ff5d7fd3803facf401ea57d

    SHA256

    5cef40bfc954b0f1d3653fcc1a8bf5b315a824d0b367c63c22205c6a6ac349ed

    SHA512

    95ea6ef88d0d0ad20d16a8553156ba9d37010eb9aeda28339669684c99a2c3c312755cc8e10c7df21995ada71dce7878300e7471071295a23aeee25771a1d92d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f753732093f76d440e842bc3b3fdce5d

    SHA1

    0441a1cc74bf857e9c1db742388f19597fea3d13

    SHA256

    5bcd616422c8fe9736d1265f06b478857e3b8bc4a7b831fa3371193f90cd02fc

    SHA512

    116cdad3c56d2b1db845ce72b33eaf0b89d8d57057adda8cc9dd7e1cf701e7c49af781163589754a90624b4b7cb72986d4fbed7fd9eed1d06f74965287aadb24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    98f7cf4cc4df027eb351502ffd134fb8

    SHA1

    abb3e5592241584377a1aac1ae002ce80edd846e

    SHA256

    ec868caf15f26a73005aa3553be479aee86f40b5c62d6e66beb1ccf9541a4e19

    SHA512

    7e4eb15e5cb7ea3d980c1ca715a65ddfdc033ca58be6281cd841644e298147bd9a22f3b90d8770699ff6a6379b4c22082a121ab5d192beecf11dbb0f49a35e42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46cc29ea4272636804830fcaf05623b7

    SHA1

    b0af1fd530271fc2a6ba1a65569b6680c6d46a08

    SHA256

    bc4712ccade6b24b4540f7ec911556df3091f8ccc036e854c6608dd54c51c960

    SHA512

    3c38f490fd2d256fbc0fe6bc5a60ed64d63a489ccee60ddb38d68b4a5076befc2976bd225c0c1fd6d968ac306411119cc8ad6f074ab74809211d2dedf4e65358

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d369d1c62dac150f63facd1fcea013c

    SHA1

    2a1cac0cf1779fbe2b61c19ddbd9c06811460c30

    SHA256

    110296d6ed59a9741b4f9ed832c7f1d773f7883af6077ebcd626d16cef6013c3

    SHA512

    de30144633a72a0c7d0b4491064b06c8641e99596ef71f3bb824ad8988fce3f81b23b5b948397a014658ee4497655ac4de9bc427025418f0a462c5ef77764311

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7f3cd435d363cd2429621cf2b731ec9

    SHA1

    cc8b092a4398bbb58e885d6b0e6fa5a46d9922b3

    SHA256

    745201cb2d9e2ca8470faa81b819e2e6a85e2abcccedb7c9c55e6cbcb7d96e0a

    SHA512

    d9e6ab2893b3d88de3d62d0405c9302592703dfd38e197b0f69f42533f0b16a96bf8fd8caaf356e50f1025f0a3a49fd2bb053426ad1b50931d36d3f9230c0682

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    461dde9204a3671f366022a174408274

    SHA1

    3f3a501fdeda146ee2a2b778904c1e0a0f6fdffe

    SHA256

    a32d5d831b3987a25096f268eedf2a2cdbc96c51e751c364807bf151cf00aed0

    SHA512

    726da331b72bbedf3ace296f562c21f99bcffc33884fce9b2c1742f5b619990f99c8e5ed6a7b6d29cd7b326e1449e98732b136aa21cb63120a90a5530adc4c0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40690272ffd9f45f516215f8237c4968

    SHA1

    8c77049e32755bbef2c3a4cebf5ff8560343e914

    SHA256

    aa468200b7b64b47ddcd2d8750b63400942fba29c6b523c857bdc0b2c08b682a

    SHA512

    998788a3ba763f47f0f2efe377d49ec0978afbc321b62271b40a6985b20ba9a91ebceea3b47fa539e91fe9ee7731669e9c2acda3562422fcd01101cd5063a733

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52a44994196402bafcabd00d44f025f4

    SHA1

    c40e2dc5ac9cf31113e7c267dbd12435e87a0806

    SHA256

    b5f7112e8882b537c3850a3062b9f8610194ef2565ce342ff00b66ece45fe278

    SHA512

    18b4e9dd057e7036eec045ec2be219844634167d459969274659984c3ecb39e28c46ee8bfd9d9305649518d7623b14237c13af86ab4b7e86ce381cca4814ec0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08a0d919a9c88292eb09aa1272728897

    SHA1

    c37b48b2b9b5a343de3015f4347a9f15e71e7d80

    SHA256

    eaed3d827745d002046c8061c106c8ee20cfe4090680b5c2b777a649a34c6548

    SHA512

    705c0cc1e4d3d141051ca844509956a91eaa305b5707fccb188ac45c2753ddd866f922bc76d9d363271574e24089f0c906e81f754690c2cf2453e4d0b3d5dd99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e92b8d9b7fd494172c58f9d28e5d3a57

    SHA1

    cc691d5fb184ddc20db09d4986a467fc7195ca3b

    SHA256

    dabc0d820479da3458ba90011d886fbb0ea72421d6384b68548909708ee089b3

    SHA512

    4be77a25fa905d04cad16442aa5d1df1ca428cb33eb8b220c55fc8bd3def78564cc20554be540a8462a13e1f66d21ac670b35b06b38b18ab80eb33a8fb8bffe1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef30a745e3e26a6f6c508de8b592caf5

    SHA1

    c04d4dfcf2e312518f8f2314325959251c37c85e

    SHA256

    d91e928d77a54e01cbaf82f24de52e70e5bf54838672eba82e2fa3f93d735503

    SHA512

    4e86d0900c382dd7b21fb9a96a66b4cfe1dd5fcb1a97ec4a0c9640fb1c8339460e0027649fad4c995bf824ea2a3f56415c57557557f1ba6ac1e5b35c17ffbaa4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a71f6c98cba777ba11866ecb213be43

    SHA1

    39105f206d82507a9ac9e20ae8b0b6bc46ededc6

    SHA256

    538215be7c9b07436b2dbe1d67f2fc0a46e733e7ff4230d0d2230b8f6ad74799

    SHA512

    186f47871562a8668aa7b91047ff3e0c70bf0fcb36db8df7eb88566cc6cf5bf10a36d81606f731fbca0c52f3ecc1c8fca5ade3992186891011f2300657ace70f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc6b7735edb014faa9f68ba3913a4c4b

    SHA1

    e567919afd6bf32f00ed9e5a0e9aaf28cba894e1

    SHA256

    92bc72e3df6e78c6459459690308a635f77cd7ac72ba1b9835fccc8415062403

    SHA512

    3cc97d4b883093e190b380f871225995f86a278fcd1ab6626e61c194283ff9f213fbf9d028a99f99a2062dc6650cda9b54b12067b6e1af8f90b35eab26e3b82e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ddf9a8b303e26238f1e507279ed44a93

    SHA1

    bc3d7f37b003d917b18aed4a61103e8d5765b628

    SHA256

    5a3e49506883443e384f453854cdcd81a823ad50a55e3f40df757b8657ac5579

    SHA512

    1462158c364ec658a50ea2a00067e38ad07510a21558a8e8d5a22454e9fbf034dfe3f2683e22646d22f989f643539beda2a43bc12c2e3f03e54e4998d1065e6c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab85F4.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab86A2.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar86C7.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit