Overview

overview

7

Static

static

3

FileDaddy/...dy.exe

windows7-x64

1

FileDaddy/...dy.exe

windows10-2004-x64

1

FileDaddy/...dy.exe

windows7-x64

1

FileDaddy/...dy.exe

windows10-2004-x64

7

FileDaddy/...et.dll

windows7-x64

1

FileDaddy/...et.dll

windows10-2004-x64

1

FileDaddy/...e5.dll

windows7-x64

1

FileDaddy/...e5.dll

windows10-2004-x64

1

FileDaddy/...op.dll

windows7-x64

1

FileDaddy/...op.dll

windows10-2004-x64

1

FileDaddy/Onova.dll

windows7-x64

1

FileDaddy/Onova.dll

windows10-2004-x64

1

FileDaddy/...ss.dll

windows7-x64

1

FileDaddy/...ss.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11/06/2024, 23:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FileDaddy/FileDaddy.exe

  • Size

    415KB

  • MD5

    49e694885d5823411ea302fffc4593e1

  • SHA1

    b18cdd7aac2d19f90d55ba7d35f8352787f05756

  • SHA256

    44144a5aadcb5cd3e7e684f70a8e1a399085cae6f4ccc42401d32495f436848f

  • SHA512

    a8d71a99f153a148125bdf55a6655abb1a0ddb447e9f81e5a87ed89ee0a11a2316e9d7c37673931804b32278f8c890103c05cb70b39d991019f3ce2b1c699a88

  • SSDEEP

    3072:pcNyhtHjhzN2DSJrm7WWy1fb8jO/rZEt94hKoBxRtSWgrGn7:pcJeZm7mJCt94ZBxjS7rGn

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FileDaddy\FileDaddy.exe
    "C:\Users\Admin\AppData\Local\Temp\FileDaddy\FileDaddy.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win7-x64&apphost_version=7.0.5&gui=true
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2196
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2580

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3de9d317136ba3606295abf676601d60

    SHA1

    9b5c202073d4656ca90def6cc8303fd049cabe6b

    SHA256

    a764fdab9fad3041b390f0d730db328ecc94827f45d5db6f20bb96ff8cd8b2ba

    SHA512

    e48f31beea3588fbfbe91118ae7e4bbcb1fc33fcbc8db237be4b4beca8946d445d0e6b3e01f1cdae972f853fa3c48bbc85b9458e357b294b2d51347fe5fa5a8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91a3ebd7aa021c2ea2e416cc0ba36774

    SHA1

    844586bc1db66594b92632f6a1cae28a29798ac7

    SHA256

    a63c0bff9c379bdad6f66d94f0d274a2f2ae4fb52ed3030ee856b4c235799901

    SHA512

    c51d8afc61768a1b5a99dd1d20e2191ccbd16a53223a7156667f455d094e76247bfa4446775e2f9bca9647a8cb79491814306dcb0c15e67fbfcf39449af6eb06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93ab05c763b2f133fe83a035b836cb7d

    SHA1

    631b173f0e80d5212c51531a7e7f2d23f5abf4d9

    SHA256

    2835baf080a46d13d53468c5eabfb3bdc2275fc411a422a3d0b0b339abea4069

    SHA512

    fc218c2ff02c69305261d682432e87daea022ab168dd8a51b20af710b2cb590da7d2b9db888098e768c7355a55bc196bced7de4816a4b3efe0639faae7cca1a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ddd9ac8c59561e894e3e39ac340301a

    SHA1

    43dbc420a185e245cdb73da998d864104cfd0cbd

    SHA256

    47c8bccbeed188dc3cc8c34eb58692bfb3c257b47019ef3fa51580b7615f89d4

    SHA512

    54a6099ca3be5543dd4ce1dae4c9642414e96f9289275c2179a480aefe98fc75fb339778cb3bdb4b5f8bfd1818e23f6945664d65be6078f1a8e38eda44899492

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5dbebde157d01b4d02921dd21a71411f

    SHA1

    758ab7ee3f00c4d9822b73eecf3125be69cb06cb

    SHA256

    093e7c184c999b809d85bd62252ef20404b413561d21931e6015ac79882acff7

    SHA512

    f048ede3d23d914d5100eeb5962391a72985cd29d7d12486c80870ab528cac122ada861158356821da7e4574de28cb804960343a0ee2d9944ce4694ef307613c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc6c0ade553fb3b1addde98873ff6a8b

    SHA1

    747b6f36b2dba9e79e84d7cce02d6992eebae7fa

    SHA256

    66e0bd01b0fbf9db2dfe9f04555061b3bd21f5726f42cce7b2e58389e4f8822d

    SHA512

    b4e542e2e95167ca906a66df83210b267a67c0b4aee142929aea1d8bf5cf3e2694c0a99b2895faf62ac85c50ccd2f2c27433f94dbf6be79c389b7ab7e2db5772

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fdeaaad5a6594280faf25393d691c26c

    SHA1

    058826021409d887f20de3661142c6740bd5b4b5

    SHA256

    87589715c9fe22a91f9cac1c8e30690f9eec5067bd40642d421cd78b92afe057

    SHA512

    d0adbfe39eb727a1238093d6dfe3eb2cbec2bec93d50ce9b6066886d1e8fc2940bb3161f73744a7bd372a06d30daf0105287c6add7b68217b28cf519fdc0fdaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c30f727d3ce42afa33e5e3d1abd3038d

    SHA1

    abf76dead3d9f4ed00e80c31f799cdabefdce954

    SHA256

    64d5c121ac4d671adf7bc05cda537d51d449a696c5ccc8ad789e0cb6d5cdaf7d

    SHA512

    f42d46aa6a9607aedfaa2736d59cf2cf603c6861d3c494a3f42c411c15daabd4a1a548c07aff8dada2e74b7d00e41217466f7d150f17f53f8bd8f366f08ea321

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1347323017bf2111771f27e285516c6

    SHA1

    ef1ac9cb8acc67f98099e05628a487e0eae272b6

    SHA256

    a1e5018adbd0307cdb3ec114b8ed4d7788759cb13d44cc8dd0077a6846fe5272

    SHA512

    cc92663ecaced8927ddb1367a47ae422aa166910c8856b64e327722481c4cd15c5cf8cba6048cae279ca885b4b9aee7190e313c3d4b4718bb896da98bc328ca8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa90ef471813955e4265d6090b1aa9fe

    SHA1

    10565c7013d128a3b6c773d3ea420839bc7f38f4

    SHA256

    40169a96fc01972df880d1cbe4db2e4e38e2e365b96a2a18657cc8353a87a033

    SHA512

    8c7ac39e9d5629466759156f48f207baaba55271bb6749a5127e48f6a454bc8fd95356efd9c237d58d199710d06a17f52f7700a2981a9a1af21d2b28e2c463f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b6ada77d678c9fc8c7ff27ee989766c

    SHA1

    3c1f14a518b1bdba72b3dde5bda418181466bf43

    SHA256

    478028c4714335a024e1947e4abb586d4cdb91eed8a7df0bcf9f9a5701d2d085

    SHA512

    b30d9338c3f04f8cc65ca8a709541d17c77108d6f74336e85d260e483cceb2a6ac1bdf533744fc27bf98bd9876b2065e0b17360f0d54316c87714bd2d0d2cbdb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3FB1.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar65CE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit