Overview

overview

3

Static

static

3

RedBoy 4.0....3.dll

windows7-x64

1

RedBoy 4.0....3.dll

windows10-2004-x64

1

RedBoy 4.0...UI.dll

windows7-x64

1

RedBoy 4.0...UI.dll

windows10-2004-x64

1

RedBoy 4.0...gn.dll

windows7-x64

1

RedBoy 4.0...gn.dll

windows10-2004-x64

1

RedBoy 4.0...ts.dll

windows7-x64

1

RedBoy 4.0...ts.dll

windows10-2004-x64

1

RedBoy 4.0...rk.dll

windows7-x64

1

RedBoy 4.0...rk.dll

windows10-2004-x64

1

RedBoy 4.0...o.html

windows7-x64

1

RedBoy 4.0...o.html

windows10-2004-x64

1

RedBoy 4.0...ain.js

windows7-x64

3

RedBoy 4.0...ain.js

windows10-2004-x64

3

RedBoy 4.0...bat.js

windows7-x64

3

RedBoy 4.0...bat.js

windows10-2004-x64

3

RedBoy 4.0...fee.js

windows7-x64

3

RedBoy 4.0...fee.js

windows10-2004-x64

3

RedBoy 4.0...cpp.js

windows7-x64

3

RedBoy 4.0...cpp.js

windows10-2004-x64

3

RedBoy 4.0...arp.js

windows7-x64

3

RedBoy 4.0...arp.js

windows10-2004-x64

3

RedBoy 4.0...csp.js

windows7-x64

3

RedBoy 4.0...csp.js

windows10-2004-x64

3

RedBoy 4.0...css.js

windows7-x64

3

RedBoy 4.0...css.js

windows10-2004-x64

3

RedBoy 4.0...ile.js

windows7-x64

3

RedBoy 4.0...ile.js

windows10-2004-x64

3

RedBoy 4.0...arp.js

windows7-x64

3

RedBoy 4.0...arp.js

windows10-2004-x64

3

RedBoy 4.0.../go.js

windows7-x64

3

RedBoy 4.0.../go.js

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-05-2024 16:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RedBoy 4.0.2/Monaco/Monaco.html

  • Size

    6KB

  • MD5

    22b3c30b025d532acdea8f5e600e12b1

  • SHA1

    37e5a2ebb3eade5accbc90e18a3ed9f1aa13baae

  • SHA256

    d62c99db6c3c2169af9242eabf92da4981020b165e76dc220283c25dd9087e55

  • SHA512

    09f7805287407aaaff7a5ce86ace8c6feaef9ac07e90788232295beb8bd2d21edfd3a2b44b43aa62e7448705150744e0710cb867df8e44cfa070ea9d21e30a80

  • SSDEEP

    192:wEod3Porv5AmQp5keghKcCI2MCTJ3+NLSaPh/WCY/jt:ud3PoFBw5keghHwjt

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\RedBoy 4.0.2\Monaco\Monaco.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2980

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11935bd042182795a02d62c5f5f911c6

    SHA1

    ca5676130bec015faf2a986961b3d4c3d06bbd54

    SHA256

    50721e38c90cb2463e386e8579da15ec1528db580cba8b3b9ab7d621eafc778d

    SHA512

    94895e61221bdb2f6d21bcedcbb557d7e06c4d3cade7af5fdcdd29ee12e34a086ebf540dd4b99fd58075d4ae5a71ab1fa6483db8ff5d2f4189adccf64d63e465

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b6682ba33a5db9edb363ad1e4741d06

    SHA1

    386fd402bc08f6c4cdbdc82f34a43271279e9dd9

    SHA256

    3655198870dee5b5dfeebc3d9b41d2b2ea1870d7c25240224354892fd007fac6

    SHA512

    6b54666e7ba8319c39b1996446b40b77555bbccb37e510fb71372090bad8b6cb41bd1d05143ee018763687098546f828b81148c67dd65444db355a008f7c65dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37bc715559c31252128f5b0d6edba1af

    SHA1

    2f3a63c926a94d067f71614c6d2db0dcee842f07

    SHA256

    21bc2c411e716eaf46c79d08e4a9117c1260a785a2014bc1b206d753d9c2854c

    SHA512

    7b32aa6cdc68fe6c384779d78ee1b72f1df8b22173d3a77a94ddc3d202bb5bdff1249a2088a6182c2566de5489d415a53c7f011532e7b7f0b8a031e7a4fb02fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01df90869c2289da721af7827543ff95

    SHA1

    fa0fe85acb646a9f99781ab7f24a57d9f69b13c6

    SHA256

    0614bc01840794b157ce33f9404f2f7fffc02606ce3c426c5a5ad282865790e4

    SHA512

    5a8dde83703a79099dc7d1e8e8050e38afd5d6686935e3586776b562f976fcf424e2a6d36dd5ecfe240e4f19428c6a685ead26216226a25a945cce4ad62e9d66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a16509d8f9e4c18ba0e7b8e12ea174fd

    SHA1

    22c9091a2f1fec48227f0be752582bec8911b1b8

    SHA256

    eec54a1d18d413b5d20a78a28866d4609ba6712b6afd066e23f9cd50f136cd32

    SHA512

    8ad73b630e54fba13f717a8a66866de80b1e810d4930c6ae2d883da37b9114f02f393e6bb997a9bfeef02a8ba0f6121272b16826ead93652b0a39799f3c1c41c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae1beb87eff88a40f27d94919cf081d4

    SHA1

    9a224265c3a6171f5df9f74f0257e44719e59a2b

    SHA256

    68854128a1891dd1257cc15e87e28021b992250a9ee74ca5b8ae7aea93943aa9

    SHA512

    be8ecbb72f13898afd04cacc3e79fb2a48c5b945e55fbed3b79f85a5c080364939b98193a32a6ef0eb8b1c8fa4ba5707774c94f7dbdb41f0fa1c295e168560bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ec38cbc78a5cc190744a94d3d030574

    SHA1

    2300de20b30298611fab45ea147f09c9cf84303b

    SHA256

    f83c6759ed28ab76661f199682b53e9b93b1ce1ba2bbfd4739a5f85e67005ce9

    SHA512

    85b1ca263aad18382d9508bcdabeeda9f01320fc0b2141b11221114bc977c2ac86f53e45d80c6be0d4a80589f42e95b1870aec7bbadc27acd586274340a6a635

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f8813b4f8e2a0a746472bb8aa82b215

    SHA1

    c674ebe1eae89d6419d3a0790c7506ba20eb1f5b

    SHA256

    6c570c10846fe0439a973d48195263b32242a4a9dd099c877b5e84a4fd5939b4

    SHA512

    ac7a5c05991896a77db361055d4dc01acab89040236d8c7f2b35bb0194b87ae8b656912609ce37de0609709abaa3a93a3013d57a15490b49c9a34a0ac9ebe48d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4626ab837924230b3dc67bdd80fce3fd

    SHA1

    6781ecaff126a12d0ebb1e2d1558deb2b83ce696

    SHA256

    889e678b4fb74b39af5de79e856cc7a6d042d4b89a94d3121a86068818a99e3d

    SHA512

    82d744b310f0dceb41e401f6e2affb649911bd1351b49d117371b55cf8b33d0db2f4724386f1f5d1a8d56642b12f0ea05818064f6e05293082e38c363f6df800

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16787c2b27915dc1c9fe19e42bd0441e

    SHA1

    af707277e85cd44f2f66452d1906c28c72299f32

    SHA256

    1072bdf64c2b9c221b8119adf8419f1fa5939cbebdd9641a23b3f3aa8ebe787d

    SHA512

    255ae1321d7d5d858394d8b12ea69a9674ae62bc09e02bc65cd2c528bfd36d2d733bca8d2a59096d29eae3768c2ef297a7faada8582aed2b172ef96bb9dc7639

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c453b1572d6e327fcc110aa8b166e96f

    SHA1

    7b7c30f271fb88a5c562901830741c20a2ba1ec4

    SHA256

    e90cd5422841d735994d459811376284b41358b83510c0834f9f022cdb14f847

    SHA512

    3c8d370e8c2139b5ed6f3439137f31204175f9cb409fa1dc79cdeda0bfdc06cca0b87dc25a4caf951188381021680fb24f16205dc0d05d559be32df2110514d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45789f1350f16c84abc6d1668de66c75

    SHA1

    4f64a434998b3a113a88d8419bb98971662977f0

    SHA256

    e5d2ccb069bd0f7755752fdf37847dda646558793d45a987de802acf86729907

    SHA512

    304e137e84b356b5c418514947d79aad1a5a064145f1df6db99a4fd2d615a6e3180319660efe4f4471a6daa3e31c150f2e1703cae592a6b0a4b020993c6b63ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1996bbe6bb3b45b55bf158211f913f87

    SHA1

    3d765843e1c85c1f882846b9ba7fe5394d458524

    SHA256

    50d134c0c5b64183e059a95bef9e836e7b59f65b3906bd45f9193462fbb9d4b6

    SHA512

    fd1c86675a2e6dcf202cd13eeba84af83f2820b095b375ff2da2919dac14fd18cedef17f431706a1858d51b67bb49b99e680e3a942ddaae1b0f64c5e4b637fc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3c3951e68ed1878af9006b7a8e5c73d

    SHA1

    72bf603e7a8a00915ec57d69d5f9cc9dabf42a36

    SHA256

    ea16e027f0a9eb7040d92cca0778e28997389fa02655afb90a23eb905b9ca54f

    SHA512

    f71c51651be6da5174bf2253e36e6add88e6e49c8cd8b65dd3032c250fde4d86231cf607c98e98464468bce7ccbcebb0d48e252f909319d9975df4b4843ca40a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3d00e58178a56b9869dbf9edd967b60

    SHA1

    41e6002f89f88bb153f7e5dd875041357222f12e

    SHA256

    46d7a34cf24e1c2d09b15db5414aff4c2e8b5980d9a24903457ca5990af13976

    SHA512

    1d3f1c7dad5507f01e604af9b32fe1485ac5e70563f521dbc60bf6da3be8d5e2be53606106cc92f29fc775f3f154ec61590731d3e27c7cadc7ebe36f8cada0d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    beb882ad7c2f93efe59e45fbde3cea4f

    SHA1

    d062b54b3b3628eec88676094652bc9c241cf507

    SHA256

    3c49d0eb622442682e32636ec6d161647ee7dc9cba69c93bd6929974bd3e93f8

    SHA512

    3dfcf6ed900029a1208b7863c62afa9923b2c97df33b3dd7503221e17fca42e891b2b93868337c3622b4d11fc62742b2d17242edef05a80144b923e955ace1d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4c0b0901c687aeba01a58818b01a853

    SHA1

    fe07aacd9e57ca473d8c3389c97da46877d66457

    SHA256

    b3ff61e24abc38a4e56b907292df15aa008bcc488cff8bcc54f32e5bfe0565b3

    SHA512

    e6c7eb3feb3ce6638bc22b440d3d96ea671bdaecdba0878fa2f18d3abfc677530e198b56973f9d06a27c69f5d0ff0cc3778718e5ee9dca7aece00bc287d79fbe

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAC78.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAD79.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit