Overview

overview

7

Static

static

3

dbfman131.exe

windows7-x64

7

dbfman131.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

DBFManager.exe

windows7-x64

6

DBFManager.exe

windows10-2004-x64

3

Homepage.url

windows7-x64

6

Homepage.url

windows10-2004-x64

3

Uninst.exe

windows7-x64

7

Uninst.exe

windows10-2004-x64

7

dbfmanager.chm

windows7-x64

1

dbfmanager.chm

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 03:12

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Homepage.url

  • Size

    95B

  • MD5

    af7470f1aa0a6d2633063e216cf77d53

  • SHA1

    16b15e79e61019ce7155b2e42d6c6bf1e067ca20

  • SHA256

    9989a5b161e31fccecf852a1b315952f3ba23753a536100dd6b6be2c79725f8a

  • SHA512

    b292f0aa16ea15aed39a5cefbb3f0b2d2458c9b9ccc28571a0f4ffbe9ebb1d9a14d865a28ef49460eb7a646075029ae100e37a26a396316db22ca2018e6cc31f

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Homepage.url
    1⤵
    • Checks whether UAC is enabled
    PID:2648
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1972

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ee5133a859a9268d4d1588394909b006

          SHA1

          142fdb722c58bca62afb0d88feff5b1b72f5046c

          SHA256

          4ee4f18556e3f6a5cdcff5d46c941ca11f7f626a05039a871772c5ed10db5a04

          SHA512

          7caa0edae8d43cb77429d49abf539623fe9a0f50ff6efceaeffc5bd03bfad891b6da2a1c27b8d3fa93b73d4199c41a307e5a60034e3a6a7496b354ea524eaffc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          099b9fbff4b3fae5bd6a773856e2aba4

          SHA1

          7586e8f2016e9b2fe73a35833cb8cb699e8626a9

          SHA256

          a199a3c78c61d111af86df10bc7783c1319e64cc9627c5b4ebdaa66a6801bdae

          SHA512

          d407dad0096f93b9e07f5410ea91d040d10f4789d870aa837a47043e09f7d899928b08901c7b516b2348225c0e3a9235b388d5299db1bc2e896f155b2bea4489

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a4efad429226ea411627a0f6ffcece42

          SHA1

          57bfc0622ce8526f7f58fd1df56f8d28194db2d0

          SHA256

          67c160674b2023badc3915145241860fb7c9e38e3a247b9199f7ce8aa8d96334

          SHA512

          7024fabb3c90a67ed9cce4e8de04220da91c5e1da43173776d1edf895a5782a554e7681a7eb59fe0c8a7c6edabe8238bb1e9a30f80735c1da128e38a6c44101f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3376a6baffb9f52a8c16e75e83dbbf60

          SHA1

          c1af69ac3c198ad43c873af3a2d5f68149f8ad86

          SHA256

          d0ba760034823c0fe818a0465d6456f6e941ccf3197bfd2b419d25cba006d72c

          SHA512

          ec1fb2fa2e3a2a2ee751c45c404f7578e37cac280e8946a0d4975aec5990587a3ae22ab137f4c79e340009e66f88ed244d586bf69e5eafbd78eac75d4cce7e18

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          13b129e3c9ce7a1c0fb7e321f0a0ae17

          SHA1

          cb4b5597f015ed7b50d7b3643fc315753432d020

          SHA256

          4fa6afe0948991f2dee3d5e30838d971fe1ad3d4aa2b2534e647a0a1791ab40f

          SHA512

          4c1517755f0e2c53615762fedaae8b3e8f6e9a3f6877445913b0eecf7547a1276df6d153e3d272217d9b7733c3942150021350d28f8ca58260134793f2bae924

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          239d3a2acd8ed7a7a384817b890227c3

          SHA1

          055a3171e0c0480caccbc9ca039518e7af3eb3b5

          SHA256

          1612d81e2aeb575767dedf5b2d4e99ebc8584402e79937293017d2e81d315184

          SHA512

          8c0fdeaad0fda0b653d38378cb0f6c474ad37aea24d786cadfee04bdd429cf1fa7b595c0bdb77b542b4f0134b2c037d501c567570089957776be933d351d4d9d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          79edc2eec5a1c2e648f92d65e3d12fb5

          SHA1

          99bc0c46ea9a4cb3c7f5051bf47662a348953ed9

          SHA256

          253cb7f5e87fbfd1efc893ee387a0a5e8f765e9a968d66aae036c04977b0f028

          SHA512

          3cf501e187fd2af150167bfceab8e3bb3848f2f52a9456a5a412c635e7e373160e85f1e4f62a023a8cf97c12b0bdf4e20067d865fb8dfcaaa3c99a1ca697e704

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2582fdc548e795e54c82e082af152668

          SHA1

          232e12c1e3253b49b4d041534acb0888f62a7b49

          SHA256

          6ca05c1140c4c5b70bdf943455d8bb0290486cf2b57c2e56caa4ba8483959c37

          SHA512

          555632fe96dfb0a3159b95011dc5fa031e66639e5430b0a3b468181453a36b67ef8ad4d757005964fe1c11a02f40cab0f14c72e814e9a691a972d979a30a82b8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dad056ed78f508fbc2b9f1e5ac98d0a0

          SHA1

          d3e2470b7d15a15df78047ebcba4647a8626c0c0

          SHA256

          562f5b49075bc33230d21bcc5aa449eb1ba321faf483defda59550096f47b3e0

          SHA512

          f1f13276df03c4578d9ab99346506e90e9aa037d5aad524070c6f7aa3120416350895801ddd488e6ce3e6826055c4c25cc0d8023a23af6bad87e6bdd51ce6218

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fa224fe5462313d3df0eeb6833bf899f

          SHA1

          99e74ff25c8a40d97370954655da32372e3c01e2

          SHA256

          d6724acf8d06399fafa6a09850cc07bfc0acb7786a96fb239b4910878f36cc76

          SHA512

          3c7035704ed130838ef20c925383dc15620a4464ab2b0aa7a62b6f2c11b5fddaa304c3cac6214ba7fb429c2457983f30969a40559c2dafffe7a9b0578e8076af

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3a8e8c06372e79b006b2ab8359870024

          SHA1

          beb386248e9945e48b84dcd76724c8783c497a61

          SHA256

          0869b2620a6750e04425bc395b799781874c6513e25aa28427e68f59b3e7f89c

          SHA512

          4c5a09438b191c0f03373672b68ffa5684313f8fedf39c2383302461a70659b2fdf14b8124771da7d875a89cf7934b9f9c6ebe496e50c56d1aba8704455a7d66

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b7acd7f51f14d4dc8dfc0a9a034b7d17

          SHA1

          4768d49ea2fcc6c7347de5a7aedeeb9ee4fd1f05

          SHA256

          a093c7c40be09d0af0e422255a68c51a7d99bc30ec766f762d6d141c393d7997

          SHA512

          01ab833d3cc568d2bf9a38a9125348b27d32f5c516c7cb45be32303f54a050db150759442274bbf5373dd8b9a2806f3e2eb496aa1a0c23d69913427628febf99

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab33F.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar340.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2648-0-0x0000000000150000-0x0000000000160000-memory.dmp

          Filesize

          64KB

          Download