Overview

overview

7

Static

static

3

a72f8697a9...18.exe

windows7-x64

3

a72f8697a9...18.exe

windows10-2004-x64

3

$SYSDIR/Mo...er.scr

windows7-x64

3

$SYSDIR/Mo...er.scr

windows10-2004-x64

3

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

3

tbu03852/options.html

windows10-2004-x64

3

tbu03852/s...g.html

windows7-x64

3

tbu03852/s...g.html

windows10-2004-x64

3

tbu03852/s...b.html

windows7-x64

3

tbu03852/s...b.html

windows10-2004-x64

3

tbu03852/tbhelper.dll

windows7-x64

3

tbu03852/tbhelper.dll

windows10-2004-x64

3

tbu03852/t...091.js

windows7-x64

3

tbu03852/t...091.js

windows10-2004-x64

3

tbu03852/u...ll.exe

windows7-x64

3

tbu03852/u...ll.exe

windows10-2004-x64

3

tbu03852/update.exe

windows7-x64

3

tbu03852/update.exe

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/08/2024, 15:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $SYSDIR/Mouse_Screensaver.scr

  • Size

    2.0MB

  • MD5

    36f5007eb7f1b0ad1838f7678a04e19f

  • SHA1

    7e5b381e27ab43603a0362ed4fe0493f561a36ec

  • SHA256

    710f78698a03030baf4580f50bd91f084149684f492874b8f29ed956b15ea829

  • SHA512

    7aee6135c93c16c9f45592de4ca3c1791828b9556e81fd8dc5fd7ea1cf148185279eacbdca92c56ed179f3115da61d5af70eeac8da7a2fb511ed671bea0494ce

  • SSDEEP

    49152:lWHAD60MAV9WHYDTU/JuHpLbX3TW+lYRtxVF1SkpVq:0AD6EiHDJuHp33TW+lA1Tq

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$SYSDIR\Mouse_Screensaver.scr
    "C:\Users\Admin\AppData\Local\Temp\$SYSDIR\Mouse_Screensaver.scr" /S
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:4856

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads