Overview

overview

7

Static

static

3

a560e02df7...18.exe

windows7-x64

3

a560e02df7...18.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SYSDIR/Vi...am.scr

windows7-x64

3

$SYSDIR/Vi...am.scr

windows10-2004-x64

3

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

3

tbu03852/options.html

windows10-2004-x64

3

tbu03852/s...g.html

windows7-x64

3

tbu03852/s...g.html

windows10-2004-x64

3

tbu03852/s...b.html

windows7-x64

3

tbu03852/s...b.html

windows10-2004-x64

3

tbu03852/tbhelper.dll

windows7-x64

3

tbu03852/tbhelper.dll

windows10-2004-x64

3

tbu03852/t...091.js

windows7-x64

3

tbu03852/t...091.js

windows10-2004-x64

3

tbu03852/u...ll.exe

windows7-x64

3

tbu03852/u...ll.exe

windows10-2004-x64

3

tbu03852/update.exe

windows7-x64

3

tbu03852/update.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 04:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tbu03852/static_pub.html

  • Size

    599B

  • MD5

    0bf3de7de6f6a9ece7674fb245c7e428

  • SHA1

    a71d601820676d5741734e825c7347d59570bc98

  • SHA256

    29101ddb9fc880b921c78a8aa0952310ccf0fe4eb03479425500fc2e779d4b2b

  • SHA512

    30dc0cf67d772a79dec244882f24c4a6ad71a3139b1b92d6e059f1e677ef138596e71c7bf12c2283b591ad64744b9abd15895fa29c4a600f64c784423bc270b2

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_pub.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2840 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2728

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86ec7c83022455edd458b8cd63a933da

    SHA1

    a4bd623bb14a5945b678571d59f6a91ef2787111

    SHA256

    5dae5d60a57ad0e2d2acc9d7e58bb32e36e449204b64cbcf98e0fc08df7eed48

    SHA512

    06e0eb1e79d1f24dcd4073cddc3878909fe1f8f10c7f2bbede49740bc37cdc4c35fa3d55f6a873578a1fb04997ecd1693efe56fb18b566db6b23df33b680d967

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba66e0915e5b952d1497e1d9ef16a73e

    SHA1

    3f3e712a66c75481920f21f1a0464d4219c0d1b3

    SHA256

    1a609785c7cf4b78c885cc8f906269a8c575cc73f117004c728e7d4e27957b21

    SHA512

    55d7fdaf842be4f652b475561641668af71c53f092ffddb1bb9c52ea4fae2081c2e07ad7ebe7128efbed7b02d06d4fcc81ed14549472d881b18856a4c255b181

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    705665878cf81014b12441839acd712b

    SHA1

    712a3cb7e0728520257c09dae4f391e2b6d666bc

    SHA256

    4bcfd12b3dc04b9dec07cb2e2d47df2cb4210f69d5310cf5609e9acd590fafe0

    SHA512

    2aa6f3dbb467e827c4628be23b72d9d842f977dcffb1f7ccc4294f49b48859495cbf6a5b144ebe4957b6bef7f93a636745b1bbda01bfad34b51995ac9d59bb7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63676dba784060327f9acd0f61cb36e7

    SHA1

    d8aae4847dfd6177be5662acf087f3bb73629bb1

    SHA256

    1ce92fd45d9386d957cc17525696e44aafe3c19dfabcc8010b44319475b8851e

    SHA512

    ab066789ded8a669426ba6f8d0adb771a37642af6f2dbcf8e12b0210165e896ba106d0b63e846857d9f73e426dff3dd6b961710a2a44c81cbaa05423baa281ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d565715b5b267eeaed57acc10b174bc

    SHA1

    80ee0d517e4abf77dfc04e8a40240e53e9a22d8f

    SHA256

    98e21aec99fcf510e19d662faae7efd0fd935d66fb8c7d8bf3b58299b2851715

    SHA512

    ca234908d43ace73e3271d06a9945be2e40b0968486a988a32c6693dac5715605ea789deeda79c5a4747b5b84a0d2a0c876a2320822e34866e1cf481f90937e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a353c20afc69c2c183d9189554a4b17

    SHA1

    5128b4b608d2e0f376be22de85073b4f09db3391

    SHA256

    a0cc9a602f2b80ff19bf3ddfb8474b24202e9e70419abd63e654c28ce2491d8b

    SHA512

    19a9231f28472c31efbc529ca8cbfbd9ebab539bbf13899f97be00297f648093a5c2ca5d2303f90ec0a92e9e35e86b241f06bfe04841ed94a2aca9e062d3bdff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ddd67ea228f38d49f354bb2b11ddd0b

    SHA1

    20b333d15d3a34e7a10ce51bc8d3d736c3c5b48f

    SHA256

    9318d17f62d89528cac06d51dcdd725ed1c0eb85131e84e52829fc3f04ecba1e

    SHA512

    adb1afb62eb83b77e02467188ed64a15d03e29c27c43995b661da78d5077318b950e52c79a7390e40bbb89ba9aaabfccc74514f131b731f92ef661035745a089

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77ca35f2878a3ec470013226274af589

    SHA1

    7b3db2cf3b7f3a0e3904e57600d092de2aa5c5ab

    SHA256

    914bc43142c197163d7a1a8723c354ca652686fc983687def29ad20b2fe92a29

    SHA512

    438e82efbb1d72ecb0bfc4aca630e9341514f4889a1896d27530d179f3782f1deb5f132255fea72edc746cdd8a0d8f8ded20da0426c2b773195683fccaeff797

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ace5235fb8e39ca5c5f2f4cdbc2467e

    SHA1

    ffe02c73847943869eabf652d01e1560b8662e1e

    SHA256

    c69246252510602eb32b8562d85b958a89b8a3f1a5d1942329a24b02458cdc05

    SHA512

    459864e401b17aa2f4e7ae871c60e139bf762cc1c2c9af7e680494aa6c121d4b1a2c4d41629c6d74528cc032bdc31af7e64663d60c956dd5dc8193bbb4b537a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4a5a28d4673a9ab0484cbb8bc2ca459

    SHA1

    e813c10783ed8a762507e2a6819dcdbdfdbd5008

    SHA256

    79a7ccf9a818f51835c461e1c7fffc345060f796e507879cdac99c34d6fad346

    SHA512

    834e477bfeb719643d187a7f7543972850f15bbe21e97636b163105134410431bc7ccd29f0c295e1098db7efabd9ea6d921977eb36b4634098b77e06bbad823d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    815f11c1e34a6608bfce5f8fa37ba466

    SHA1

    10809d43459f537e544a537b9253040d846a0e66

    SHA256

    90401f9c825213c63c6f84ba44a161540f9a07c773a2183fd1eecb7858a73b53

    SHA512

    0ac7718f293a6d86b546c7d484483b2daf474b58d088e2b1888c52f256a7ac8bdfd2d36b0a5539dd09effb0e8b2f4f2b11f018f8cce121e3a994949b551c6ba4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c81575d25450166e20a19ec0c3e3b29a

    SHA1

    98cca0ec7bccfe0274804fdc67c7bbae68391d40

    SHA256

    0720b59f4a8544bb0be8076db98f8ac5f450c7284a41a70ae0015d1ff47392b0

    SHA512

    b6e8dd5dd228b559954c70fb5c4def885677a7ae91205cb2fde3b15d60f73e3fa4bec603e52fc4516f3d1cf5a4228a5bb027ea3b5617a996e3b0110cbdb64209

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4323ba46721ea0557a25f482fbeaa0d2

    SHA1

    1056541a112bbf17072e8fceae49e6ad94682272

    SHA256

    4f7b6ec1677778d2fe204f4793cc0aa7f3a28a284c8c82337556c7059a11ce8c

    SHA512

    f4696debdc9264d5329355c4803bf24c09da5e78c50fe6b3586f1bac9a39d6eb4045fe41b347153cff891bb912069073a33db1185a420a6bf721ac102855869c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d32464cd3931058deb9f889d5c084b0

    SHA1

    3aaade2a5b82829b682a5542ec3fc600dd7162db

    SHA256

    2cd98b3d7bfa9e3b61277776c52d2d1e52df3becf6361a7ec58d63ec374ec1de

    SHA512

    f99c8f4a6c809d94d117872ba4e0cf26155f32e4abc1addc346b7da5682e3667376865d6d8bbaabbfbebecbf409e986d4b598033396aa1d687d1d675c0dc4430

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bef2cd5f2a72c3bd16e9071e78e3101

    SHA1

    c5b0c78e79cb3b39d11f735bb780b0dc87a5f789

    SHA256

    220159b4df753eee866350549a3f4381b749fbdc062349ce8e5d89b2095aa81f

    SHA512

    6a3f184ca2148225ec5cce8dbcfd0d67821f6a57a7ad38f3b8666f536117170e5fbca69e63a6a1deaa2982840a5746052c8103eed97d8d81c3f1383ad025ffae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ac899700bdb9f7e75351c3b201c3b49

    SHA1

    b8b17562952664b47557737e09e62132408995f2

    SHA256

    52dc1d47c487c62ac97a7ac20a8361be28582f677eef431259027b3166f1f2ad

    SHA512

    0eb71a84b4e7e976ea3c5bdb2bdf78c71152041dca371b856bffb123f7e029b3eb5405d77d8276f50d10e00af1f3e2a428ec1a634b60b04926ce6305416c218d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2aa4b471714420b23e96dc60e9bf63ff

    SHA1

    69d2e9e9d017e03e77827263dedca2c181f4880b

    SHA256

    ecbbbe9de05500084642c5c4c1430e45a604b3abb8c36ef2398662527efe50b3

    SHA512

    54ce7b75b8d3e306f3ae0dfcc537a9e19db8c64a7e79de5ae26eef1e35456cca72d75bac0c83b8043d1b26b2d757cb68c7eefbae24981b5e0e990322be9190e7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8088.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar80F9.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit