Overview

overview

7

Static

static

3

37e3d951ab...18.exe

windows7-x64

3

37e3d951ab...18.exe

windows10-2004-x64

3

$SYSDIR/Pi...er.scr

windows7-x64

1

$SYSDIR/Pi...er.scr

windows10-2004-x64

1

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

1

tbu03852/options.html

windows10-2004-x64

1

tbu03852/s...g.html

windows7-x64

1

tbu03852/s...g.html

windows10-2004-x64

1

tbu03852/s...b.html

windows7-x64

1

tbu03852/s...b.html

windows10-2004-x64

1

tbu03852/tbhelper.dll

windows7-x64

1

tbu03852/tbhelper.dll

windows10-2004-x64

1

tbu03852/t...091.js

windows7-x64

3

tbu03852/t...091.js

windows10-2004-x64

3

tbu03852/u...ll.exe

windows7-x64

1

tbu03852/u...ll.exe

windows10-2004-x64

1

tbu03852/update.exe

windows7-x64

1

tbu03852/update.exe

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    69s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 05:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    tbu03852/static_pub.html

  • Size

    599B

  • MD5

    0bf3de7de6f6a9ece7674fb245c7e428

  • SHA1

    a71d601820676d5741734e825c7347d59570bc98

  • SHA256

    29101ddb9fc880b921c78a8aa0952310ccf0fe4eb03479425500fc2e779d4b2b

  • SHA512

    30dc0cf67d772a79dec244882f24c4a6ad71a3139b1b92d6e059f1e677ef138596e71c7bf12c2283b591ad64744b9abd15895fa29c4a600f64c784423bc270b2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_pub.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2444
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2444 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2284

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7059767411adc4bb1f186a99f4f1f62a

          SHA1

          48f0744c1e229f72019b0030ea4784ef39f66955

          SHA256

          c4027a74216d68c819b3866eb52295f2a6611fad919202684005bd78317e6ea6

          SHA512

          4468f3afe1d03d0a7ccb528c266f54148e067185210a192acf2cf11a61d2f647f5e69ffeaa07920a1f549c97390125be0fd6e14392e3529f9e5a2c9d3b066496

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e987c0bb2f5b477bee03beae3fd23723

          SHA1

          88d416f5a0c5cdd579d1475e7f5fcdb3f76bcdd7

          SHA256

          2f9e799e05866040809c8984be5b2866100c5849a8105d236bb42580ca775252

          SHA512

          e8b5e8d09e327cc62b89aee4887cd3057e492f4b3ba35e5e4fdfcc3fb303f99cea2c498dc1007ed066931da56a754e0d130e685722f3cfd8fd8aa4950fa9d32d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3b0da16c1dfc7f992ea2b27b68e8f03c

          SHA1

          1d885e4d40f918606594572816a5808fa83eaeed

          SHA256

          8a017bff0aab001e63a378bcddfc33874d80a8f3b832e75af20c87657ced1043

          SHA512

          b4bbe7d79dff47895900d5b0ec1ec0b5c0decd1565db9d5327b9244e98242062e9311f478e71502f1986874436af6602fba43f764275dad208f6edd6bc04fceb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6fb3529b278b0eef0a7006e78c8bdea2

          SHA1

          a92d4157d33aed0d32f3223ab98e5e9dd773ef0d

          SHA256

          c4fc77dc3e74af63ea7437a635aef3c1a1048018b7dee1a869e82a4ccb3d0d6c

          SHA512

          20f3a4419dec56f8da044dab9d7e354d71f6cc9d543985b70cd197be14b6ad1f3b39b98db4350fa1f6e4b244dfa80d8b16a0c51247dbf397f622ad2e425c10ad

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cc996750006aefc4c20da60a263fbe93

          SHA1

          6bc4b7aee87b16aac1b1e8542822131bafd3e28a

          SHA256

          fbcb1ef5927cadfa8a23eb79d8871ef601668605cfa7ec67b4a2e9b7923f3246

          SHA512

          b9ae55d439f2a1b44a96085509e0ae5c23eddf2eb46ef29310cf09848095f4fba0d362d8215ff2eff0356a255c6e764a1b72c7b833daadf22e06743ca1fc2642

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e04856ec3f4db1123894001b1ba23c9a

          SHA1

          87abcad1058ec7b738f24d7e8a45190b85e16b28

          SHA256

          6ee44dc9381b3d034457dce736b063db09c5b860b91d0119fed2c08f240be362

          SHA512

          feb15b94bfc4eac0d4d41cac4db9d1053a833addc218989f9a59f66fc539a1d01fda2f1da98fd597f1c8f69ce8f87e9c60525fca27498a1e6abdf59e968fd4c9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c375591defae4cd6c0c6736d9e4851af

          SHA1

          25d2df5151fb5ba0e090a42c948d0e9476871657

          SHA256

          2e91ff6f450b4cfafd4ede5ea5d53d40ecc9780484154997a077f53528f1cf32

          SHA512

          91bee7555fb88ced84485f4155d6671e2f256d4b8ea9f5e1627a063e58ba47c29bba591f0faa60345891d15e56474fb40ec4bfd99b27124edbe83204842ad0eb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5dc6b0c7fb4650dc523c2518590f0dae

          SHA1

          38f724f2f9dbe09eeb6e1b9455c3ea0403af4143

          SHA256

          ab7a638745c6ecf734e61af0d78649ac21fb9ed505cbc204b9069849bc855d1d

          SHA512

          c63825e1b6f54d24860d35bc49061d07442f086a2667ed35d8c28a9654a0ce59f39882cd4e7c27682564f091173c8f1f07b7d0d7151c8573f28464f5f7da9034

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9f18b87a291666a865ec4b453d893b3d

          SHA1

          2b0065a9ee665ec5d527ad819c6e8e553793efc0

          SHA256

          dbb1c89a19ff3528b80000732cef236d2359e03a23ec2fcf6f87576a88a0d0e9

          SHA512

          c81a4daacd48322e83f5ede65e4f6bd9201bd66599b89489a91fcec81ec916158c5dff7d14f675c28113a651671575438785b4a2fdfe27f63e2c8c128ef0040d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          87c29ac5a829cb68a8c6875b2ea61b1b

          SHA1

          60f5fafc8001fb99576213238161182575295e74

          SHA256

          9f1654f05ebca1ff4916bd4802201181f835dfd3a8cbf2ff49771d095c8ace7a

          SHA512

          6803fdf160b936a469a57e0b1b22b0cae9408b483d38422f2876e6c584dfd5c2ce41afbb1f2ec07bf91580e37b651b361de85d6a6eaa93ba6c3fe094cf5361ed

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9383b3dc26b6b35bbefea8dc0a1bd66c

          SHA1

          d8e53540e277bc2264b7fedfdbe3ddd307e25f73

          SHA256

          29394434033a7d2415993d0c33eb4f3e3fab51d1de1593cf4fd925d5eaaded64

          SHA512

          109d941a1a83124bfb8ec0d1c8b7f33b70a3e8d0b75c0c74aa3af453dc5066455196c95e9b2699c277ea155c47fb21357af3f2ec5ecd5a2721be13d05c7d3a5f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          150b732f1c455f794b682b4f6d34a020

          SHA1

          7c6959a46c5546b87ac8a735245e28e8b2afe38d

          SHA256

          012bfd1f3822d0cb84d6b3cdd6693bc435ff6d929153eee9dfe2a3963682dd21

          SHA512

          17e921a7029c8ad8a4d146a0662108b55d5ca9ecda665e9e0fb1d06083deb6803902844439b0a2820f5de3fb70db1c128168f178da4e7e6415fdef57c793e525

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          819e3e5770099a0d5890ed1c2ac0ad34

          SHA1

          3fa85ffb1f9739ad38cf5b164f9344cbf65411aa

          SHA256

          4c66cde730da92f17458ade53c298ca67aa154a86d6e4564dd8a8db16f399396

          SHA512

          6bafd3fe4e7d739af12ebf2c21e3a49ff2d9d18407e058a7c3679eed11c2c3d959e7e2c4a05a5968956feb1162681aeadc3a79cd7e229735413877f323e875d8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          13525df581ebdd65d1269b4c78341b43

          SHA1

          7d13f9c4cfb3bd58610dc18618f124c27b35a404

          SHA256

          fd6c7f37b36920909aa86a472d600d9576b43dd1aad565a10b4bc6cc30089f63

          SHA512

          0df2da089d21a96facb1720c26e474cddb9cfd64a7875432e55370732481c0d19b3853aacfac1cee6d9b87fc49ca9862c7a6cb511e4bb1088a907588afda36ae

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4e1589f1fceb5bf17bae94b94ad2ef25

          SHA1

          e698e948f5429f79bbefccaf8e2ab655c6ccbe59

          SHA256

          339d6fce8a965b3187502f14f31b4bce944fd1a561f9330861fc3b9fee3055ab

          SHA512

          166b7103bda7e3206e9daafb373a3c1c748a4b46c9e6b7c18c8760afa0c499d551f32f79d01b59fdc0d4dce9588a0ecae02ae4639ab866901d601189ddd1a10b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a316d514096653717f34d1fe9c2124d0

          SHA1

          ceb0ed9a50cb263281a49335e715f3304a072c57

          SHA256

          64694888fc310f6dd54b6b6c558e4742b3a71e3754547c4a7cf12230b682b9b5

          SHA512

          2b0f9c5fc5a6b60dcab93ac5dc1070b83ee79588b1a3ee7e5342c49ec9a2f3c6c89136b733faf5ef80cf8e19ebd11ea23a6254bc70fd70fa662a88a164af2a97

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          05befc903f88f1101b086c70c6f02c86

          SHA1

          5823fa2e22e4e474542ccf5e7a238239b2056e63

          SHA256

          dc2efb678280a32c2ba4ccae31dbb26f5df1025bb20bbd919e9977ee7f8f8b54

          SHA512

          34db2032de7cb6756aa8b246547a5bc5fdda8be766d77fa06a79e5c30a66c6c17c083e4608040a25a25c1111a0bcc9d20455e995babebd5bc7b38b7d5ba61dab

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f00b76efee7d2095b88e1b98229a247a

          SHA1

          b590399521dfe8ce4cc5eea972ae45c91ecea093

          SHA256

          e615f5a1679ea9b0348c693f178407a6f1b9f50130c7cc79f6be1db9b611e0b9

          SHA512

          60fc5f73aa8b4d3bbca23ac4b6182602dc74e97027b6596270529d138ae27b1a9a153297b108d63ffc1de741dbbee69c4fd14c98c354d95cf46439f04d542319

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5b48218474173e9a4f73317548855d03

          SHA1

          ad8a4305726b3306775bcc7e124464a0f9797f95

          SHA256

          2d142ec1e4b37068d2d92dc1697b3e962735e3c2da8a2e67ff493d6125d840d7

          SHA512

          1b45abf1a051ae3286c73e674d2efd6bfbf520d578e6503e82107a60a26ea22d98d5ce2f3e8c9f51a7587fcc73801cc89f8edbef1cb65ae3aeef589ad338c9a8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ff97e7a7d5707c49611bdb55107715a3

          SHA1

          3fa3e809dcf4c03a5d76cab8cea50508f1b92410

          SHA256

          47df97befeb1839be8691732479bc6a43453f25085b9eb76a84af0a0925f68b6

          SHA512

          f5370d5bcd6bb74c05d9fa0bab8a717e0753a20f480c1e712b4dad21f8e2884b5f6452069bea793cbff16c41820397a3e7340e936b4762679ab13b990fbe0922

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab6184.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar6223.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit