Overview

overview

7

Static

static

3

b6bc36bbe1...18.exe

windows7-x64

7

b6bc36bbe1...18.exe

windows10-2004-x64

7

$1/Tablacu...ff.exe

windows7-x64

3

$1/Tablacu...ff.exe

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$R1/Tablacus.exe

windows7-x64

4

$R1/Tablacus.exe

windows10-2004-x64

3

$R1/TablacusApp.exe

windows7-x64

1

$R1/TablacusApp.exe

windows10-2004-x64

1

$R1/script...und.js

windows7-x64

3

$R1/script...und.js

windows10-2004-x64

3

$R1/script/common.js

windows7-x64

3

$R1/script/common.js

windows10-2004-x64

3

$R1/script/consts.js

windows7-x64

3

$R1/script/consts.js

windows10-2004-x64

3

$R1/script...g.html

windows7-x64

1

$R1/script...g.html

windows10-2004-x64

1

$R1/script/index.html

windows7-x64

1

$R1/script/index.html

windows10-2004-x64

1

$R1/script/index.js

windows7-x64

3

$R1/script/index.js

windows10-2004-x64

3

$R1/script...n.html

windows7-x64

1

$R1/script...n.html

windows10-2004-x64

1

$R1/script...s.html

windows7-x64

1

$R1/script...s.html

windows10-2004-x64

1

$R1/script/options.js

windows7-x64

3

$R1/script/options.js

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    17/06/2024, 04:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $R1/script/dialog.html

  • Size

    1KB

  • MD5

    d800fdd62461179fd537c8c4669dd5e8

  • SHA1

    d44bcee9d9e63d50e8ed42be2ce1a3964870a5aa

  • SHA256

    4af54a319e8be177e2d48f4effcce3ca98c3bc564e3f46b4b7e14471fdfba1c9

  • SHA512

    e0670d9dee7e15520085d269224a4188f09fe753bf3041a9c1f0246771b1928c4fc644e17633a2e08fa02e4064518945afaaa6bdc098ee41288dda42854f5083

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$R1\script\dialog.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1580

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89d6a7da44ec2a688cc31ceebf4bb7aa

    SHA1

    f593d18edce3206d4d9a07e61af18c05f689c241

    SHA256

    b82bd690d077a88e012ed0219b0f95bb7c8bd17d6623d53977531851687a928e

    SHA512

    364ea7ceeb2fabbbc308694ae78f3bbb6cfd1c413c1c3def2fc40ac5d19fda3f002511fe39c5cfb30023f395b3f81c6b8a0fc76ca325c5c2167b5bc26260a66f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64550421b9eb7440f662fde6bebc8a87

    SHA1

    d3a2bfc0de15c6f196ed0d3ec55ec24b774dc85e

    SHA256

    1cbd9bdd6db097d186f038100ae90537e826fef7869f5fe425c0f24068103ca2

    SHA512

    8fc198f119b33d4408e7870a44f45059632fba793afe1f8b091b572af909c12bd5d48d435f187da0641804ff789be45be4bf2e02ebf575aeb3f55c404aaff9ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    074353a292cd88913b9a2f2ccfda79c7

    SHA1

    3b495511af2488cf4c1c93844070fd8d95f86391

    SHA256

    f243063f9272860161c3c2ab6067725d58bcc0d171e5e5c674302f2b265c8085

    SHA512

    0c246939c95ac517c453ab01bd2838616874a570a5672709d019862b55d67e25a1e79df9df9f7e7177096582955760174aef56fa8d6a5a316de94cb4d41698af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e8bab58678573573ca8ecf91a5b9799

    SHA1

    11337d223cebcd625f3e2029399876141146c832

    SHA256

    6d801a597feb2b759c15026f255568952ef0923339b8b162631a340e36a2cb85

    SHA512

    646465f3118e512d0ffd6b27a639ccfbd1fd7e984d1fbe064f16af5d341d061038d2891a34441b0cd4121ed7887be524046deb4f89a5b0c95ef06cd384586347

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a742eb13493a8c7ff7655a7b3b439eb0

    SHA1

    54881aca1cffff0a0055fff45f680ecb37acc985

    SHA256

    b51b25a3a1cd3d89c90a5cd406719230f7d2932e72a886f584a5a32d8c9b617f

    SHA512

    4f212ea02b799d2af4f2329a75b50b95b800c3656151e0d39d21d30b6760c4bff53caa7818db5f7c18feeb2be109a52fd2b463a5b851fbd639b8299e89c18d56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb6c85859fac786280055a0d58f821c9

    SHA1

    bba24267b4e2585dd82ca87c4525ad1b36594be1

    SHA256

    1cac3f314cb8b1c1bb4b61692e58a3a9b81bca2ab16936132300edaa1463e0b7

    SHA512

    0f6794a4500267dc6ca008ed1870993a5d3bd884b59ebef1a7796c9e0acb6aa619cb80ca5836dbf70feab9da19df445f582206a20adea0c2ec9c7a31f808ab3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    615fad76e87ad13491c8b70dd42759dd

    SHA1

    7ea78baaf5bbf6891b65bdc8a5ee1e8c5f6ade41

    SHA256

    bdd2f0429f54204414edb870f98c6c8b6819c9625821dde638a2a2b8aafa1f9a

    SHA512

    8b366720172f3483662cd87b19ce20a231fae48131c1b9d2d98cc072236d17ce5c095c9f191a3caa8f7a64045e20a9bd076a5408d48217f78abb6f15e8e4e307

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a7e678a9c1a2929bf94ace19c23b654

    SHA1

    bc6373f1e54e949ce0fe5ff986665ddc64521347

    SHA256

    293807f7924294c23faec1741c2696a604f625ca3246d7aee24bfd8396c51a07

    SHA512

    00ccc2bbc219bbaa46035a9cbc6dca7e4b2927541d77b34afdbfa73c5a742ce2a11b8e66f316b27be9f011fb114c0e28ffe2e75a130b413321c7cd681bdf4241

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b11816fc352d0a536bf0f40bff76f590

    SHA1

    e9df30084626d7709de571cdaf7002e020ad5997

    SHA256

    c79761eacffd70619f987a8cc3401428b6c85c0e8cf02cc32c95f57728a278c5

    SHA512

    2b41de28d38c2bb5aa3a5b1200a14ce8a34c0c85e47ea96e47b7012c6202a0be8e5306dc7220df3855b1b833ffe222f3049d52c6ff03fe231efddee5b260cd8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3032d62430e6a8c957bec738095b03b4

    SHA1

    d0d7f1cfb8d1542ea3bf9a4253f6e099cba4341c

    SHA256

    9f6d062d3bbf8f1b17e6d249668450f046c8a51d8efec9daefff791dbe374a11

    SHA512

    d8fe8a5ae900e800c0062c4960b3106936a35e80e46b09a1338d733814cae927af0134ce482b7a40308da1023d24de23a90ce1d84f5ee475e07c0fe4b7649d23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f41cffbdd47b0a4382a670716257e114

    SHA1

    0023841f77015a24094b9bbb06d4e9c496909557

    SHA256

    0e16a28024f3ae9eaa2de4af4de067e5005ad79648f05a1e2e2ba9f7a4c7121b

    SHA512

    7f7335d7f3acfe942bca4231bb62807b1c219b3f045575c4dd658183662935b9e2f5f0ae5a1aad7db59bed8699e58050190847f9305c492681c919acf4515af1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fc982fc17ee70a29fa45b81ffa5672b

    SHA1

    992858ed1366dfde3015154f03a9c1bddf2d3754

    SHA256

    fb24ebe77b37fb6a05eb4082f6989d89ac6a8b8fb34add9ce39c3c847f69fa8d

    SHA512

    245dd6b25aa0ca56927a34e48deed43a781eb042e528d09e246e1fc76e22e335f05fd08a9c1608dd45b9baeb680758400af505de220ce141f53d0c64ac370e21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57f1c22d8ef7d185c5acce6b7c62881f

    SHA1

    cd026845c8a2c44eecc5ff809524205c928cb504

    SHA256

    0e694a87a096b075ceadf45d52980e5c322481ccd259995046dcbf0490cbb716

    SHA512

    33ad18511111fb54bf5e9f1386948efed78f340c30b48e85ee65bed9ef0b3d27777d0e7a6e20fd4d2e6f9520bb7aa6b27a24a688dddf18ebca1788c81ef96579

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c82422b71e8c5c6adda5c678ed5e2ac

    SHA1

    5c2c8f3bca9dffa4965f5db1aa3e3473003c247b

    SHA256

    77d8444a11ba1013a707ffde72de153f98eab4fd50362dba2468ac9afc36a468

    SHA512

    72373ee3f7c7b050cd9a5519df032bd23b497537d1c3963d2243a0f0bc117d05658f12a22e30da3833038454a203396771ed73020aee230e0531c5c06a7a5acf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee20cdff0fc4b9f3dc5319ddc7f6cf97

    SHA1

    e91aa3472c2282a81579a850f92382a77db64b5a

    SHA256

    ae083618031eb58420ae32cefe71560c5ac14eef685cdfae726f0e4ba7edae74

    SHA512

    5e6765206900ac103a5fabc95b2efd40a413dc8bada3d81882961f853ef7ceb82bc83479a0d9ea08c9a03f6dbae8d975716c005fdb36647f62d2b5a64641e97f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05bf5bb4a9b27972767a26fe808c7ee1

    SHA1

    5b002b660586afe56c9cb0a38266492e55860c14

    SHA256

    28dde5063adf1651b4524d82b9149d1d115b7816171b35dca6e58dadc8add16b

    SHA512

    db0fb32e3a598537f3357fa2e3a94ef6a512ead1d1b6ec7db1479b15710c033e5710caf101a70ca7d4ca3b97276c70b1e7f4d50cfb5fe06e4b0c6ae9ca3f2c0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a4d9ceab49f79e0a2edf47b4246c032

    SHA1

    afc73fd98ec10d670863b86955c8a3f7d4361fb8

    SHA256

    5b860d0d9cb0079d4db9020124c4ba31858246a9b630911094f2fb2ed4e409c8

    SHA512

    baa905e109a1bdb0ee11a905fc5514baed692c36df703004887a14743549f49c59824035a609e5d5a31b9a4d9aded8f5745125089c319672d7cf937e40aef316

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5161208baef883a6889fd8df0692e61d

    SHA1

    4222b3502d74972c053b073066d36972c43c2ff0

    SHA256

    11b1ab848012dfd3845b8b0d3264b9681a099e154bc3377081ae8ac435c4a92a

    SHA512

    a08536615d0b4e0566cb05d94a482eea6a397e05f9fac5ed8d795fa2fd8763f522ec038f72cea6d7f12993e7283caa7a699c8937d34f8c96ef1f20325a065b4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bcfa4df8d262e697d2cf0debe0b9928

    SHA1

    0559eefac3c0e32334af451c6fca693468266e04

    SHA256

    217364fd5d21f485990619acaa96bd61d15e414673d2139fa6d26e716eeb638c

    SHA512

    afb852f951d63b310e2a38ec223389714f50cd64c1c0a5914a1dac02e4cd19599fe420ab5fbfcbd27a42f01da3372ed335e1b5f90aaaccbad931ba8864420053

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2C31.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2D13.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit