Overview

overview

7

Static

static

3

a22445bda3...18.exe

windows7-x64

3

a22445bda3...18.exe

windows10-2004-x64

3

$SYSDIR/Ch...an.scr

windows7-x64

3

$SYSDIR/Ch...an.scr

windows10-2004-x64

3

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

3

tbu03852/options.html

windows10-2004-x64

3

tbu03852/s...g.html

windows7-x64

3

tbu03852/s...g.html

windows10-2004-x64

3

tbu03852/s...b.html

windows7-x64

3

tbu03852/s...b.html

windows10-2004-x64

3

tbu03852/tbhelper.dll

windows7-x64

3

tbu03852/tbhelper.dll

windows10-2004-x64

3

tbu03852/t...091.js

windows7-x64

3

tbu03852/t...091.js

windows10-2004-x64

3

tbu03852/u...ll.exe

windows7-x64

3

tbu03852/u...ll.exe

windows10-2004-x64

3

tbu03852/update.exe

windows7-x64

3

tbu03852/update.exe

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/08/2024, 10:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $SYSDIR/Christina Milian.scr

  • Size

    2.7MB

  • MD5

    8c850f83c1a7c1b646216c3eb936073c

  • SHA1

    67c8ffeddddf323bb1ab8853a1193ee2e03b2a3f

  • SHA256

    bb1240ce9ffef22b3ac0c83e8ba543e47e783900f5226d82a2e499701d38c61f

  • SHA512

    4661656c21b60342d8696444742d5179248b0c37d0044d0716a4f2fe8d7260ecb1c0c62354d25b9f81b1a7f163c2f83750f4ea88b7e024404e648e494a5751c2

  • SSDEEP

    49152:DWlnTMWtF6xp0sn780TOG0sbkuOr/ly17LH7RD7az+VMWJ9mj/DzzopxZ:4nTJ9yT3OsDRDOz+R9EDgxZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$SYSDIR\Christina Milian.scr
    "C:\Users\Admin\AppData\Local\Temp\$SYSDIR\Christina Milian.scr" /S
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:1180

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads