Overview

overview

7

Static

static

3

bfd9073578...18.exe

windows7-x64

3

bfd9073578...18.exe

windows10-2004-x64

3

$SYSDIR/Ca...in.scr

windows7-x64

3

$SYSDIR/Ca...in.scr

windows10-2004-x64

3

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

3

tbu03852/options.html

windows10-2004-x64

3

tbu03852/s...g.html

windows7-x64

3

tbu03852/s...g.html

windows10-2004-x64

3

tbu03852/s...b.html

windows7-x64

3

tbu03852/s...b.html

windows10-2004-x64

3

tbu03852/tbhelper.dll

windows7-x64

3

tbu03852/tbhelper.dll

windows10-2004-x64

3

tbu03852/t...091.js

windows7-x64

3

tbu03852/t...091.js

windows10-2004-x64

3

tbu03852/u...ll.exe

windows7-x64

3

tbu03852/u...ll.exe

windows10-2004-x64

3

tbu03852/update.exe

windows7-x64

3

tbu03852/update.exe

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 01:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    tbu03852/static_pub.html

  • Size

    599B

  • MD5

    0bf3de7de6f6a9ece7674fb245c7e428

  • SHA1

    a71d601820676d5741734e825c7347d59570bc98

  • SHA256

    29101ddb9fc880b921c78a8aa0952310ccf0fe4eb03479425500fc2e779d4b2b

  • SHA512

    30dc0cf67d772a79dec244882f24c4a6ad71a3139b1b92d6e059f1e677ef138596e71c7bf12c2283b591ad64744b9abd15895fa29c4a600f64c784423bc270b2

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_pub.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3032 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2576

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f5937250b71fe094499be21b299660ab

          SHA1

          6e3e4a8851456879f5e583e8549df9c9efacd08c

          SHA256

          ba86435f2cdcd6d467ded6f3fac804e8cb7b74343abdd05497af852e7eb5dc02

          SHA512

          7ea64bf35cf59eabc18e647ae27ec2a2605a807d5dd447ce43e345b5473a9dec20fe895f278c800236a69fb98d73ba32017339e737728407f6a5110cce45bf0b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          656459d82dca871483d4492d4d47f8eb

          SHA1

          6233edfa4f37aba769ad83a5b43d0b222eef0d35

          SHA256

          5722edd0a2854aaf21084ed281d14b5ba8f23f6ea2251cd1bf7724a9ad7f3aa3

          SHA512

          4b3bc1fd68fa07acd62fd4e1bdaa3de52acb33d9412461352effb63e2b7032daeb7e0cb9512d142857715ce4147838c92862145f7ac61f3b8e131251e93c9079

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          af91e9625ad76110bb09579f7bda424c

          SHA1

          7ea6b8c7b56b7382173d67d1f99fe2b877e713ca

          SHA256

          2b91f686736dbacbe9916ed5b06a91fb43fc33a6cc042ee1b97b5cda8fdf2a13

          SHA512

          61344ec4006ecc858621974beaa95dffb3d554597e7821db2800f3862bfa3f5ee8dad2cce9fe2c2b04f8a89fb70789f03bea9fcde19720c4cbb878d1d2b5114d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          95686715a1a0128e5dd19008abadb1ff

          SHA1

          71d71c9ffc6225d0e3478e674e6df7cff4143ec9

          SHA256

          a8c1760ec29fa423d805018800705538ebccadb3b7ff565adc47a6b9f51863b2

          SHA512

          e5aa41ec93bfe0d6d35d496c03bdb47e3be818bdbdae39b54c489d6e17024fde223d5d6f6345150dfc0d6c90564f1016edebe31673a95f71fcd8d85f1873b254

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7a550e94b34e940ef80024b88f355bd7

          SHA1

          8d5def12e371eb218514328ff00f85f19beb9458

          SHA256

          fa60f42a4a6c786cdaf59f70bf6100e8a8d705cd2833ad6b47a6dbd15ae49253

          SHA512

          9f7cafb8ab87924c6346a049be59e63073025487f1d3ee8d0a00df6253f7ac0a9c49d9a16fe093ed4675f2dd3e25932c832908384e7bbc54f5059cd2f87cdb20

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bb8072381699f0670ae462340b8bae10

          SHA1

          3c77a84daad51abf6dbd063672463aadbe38ede9

          SHA256

          113c6c0627fe361a322fb431545dc9c7ad3ea3cbf71ba49a0f9a896e5fe20212

          SHA512

          3985c326033672fb71725cf845ae18e6f81fb303d4b35b0dbefe0eebae43e950b9e4f39236f15fb5ae582ddc47ffe3d72244a2072d11ef2ee0481c27b1200e45

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6c609088470576f3baa8c8a5ca863f36

          SHA1

          1549c4d88e41bf0aca25f6de89f5a615fa84dcd8

          SHA256

          1eb984df6953d1235584fb054a13daceb62e646cba36e3d0721510a83fa95d41

          SHA512

          6b085f94bceddbb9c1f8c35e96e8c200de16375e6c24fc761a86ad4d3400bf127615a527bfd1a9db7d300cb1d6f04f81dd39327f9bbf3991c7c00c1dec02b9c3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5ffaa6eba8de6f0863dce9a4d5bdf6bd

          SHA1

          8a299ec3f7a864ee09a8fcbed301508732c04fa4

          SHA256

          a1bec5cf457fe352975e44bf31f37bd5dccf423e6610a9e4be52e85ffe803d57

          SHA512

          a14202f7a0b704810f7154ef362196af3f3fd553fdc9e36385616b5fe85501cc597a038fa8b6aec477784b74ef00f68955e4c871174a9a6644e72d733c362f3c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3858345da875f5cc28f3d1c44585cb14

          SHA1

          d7564918c056d78561983ceae4cddf09874e8474

          SHA256

          7fb65d0b9cfe4042461fc0700f2027bae816b1e2d5aaae8d9227b34d63cfe128

          SHA512

          1e133c9f4b1467084a6769176c76bd8fd7a93b06cb61bb5c6500875986d8c7b83637a36d19c4f44991078fd6063de8326146118c19e5bcc7d2c429a4e5fd9dc4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          52c9e9e946902453f70b108b2f5b7a78

          SHA1

          ca57a51444f06482a93a46b71beeb0ccaab86d5f

          SHA256

          0e4b0068a9ee47e15290567afb62209639bb118ccab09f1fb69fddbad0daeae4

          SHA512

          deda02ad39c211176c67bfa4df3ac3780501c753f686fe300f11ec3f55a310fc6e3dccfcd574976ba06929f18624e6283bcd15d8820bed70fc8d8d17000384f7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          80b04916b3a1423222369ae971ace5ff

          SHA1

          973f71ab194b3ef5552142eb82c56d932b41c8e5

          SHA256

          8f7e7f2f7c38a9c630560de079a00f0246e9d8946b8dcf406c2a8b7e47db2a07

          SHA512

          ebbb36076628592c3a2da856d7f3d4d47a5e2f749c9deb2759302c234bc799c2272966be3f48ebdfde7006a66b28fb3766251f7801d40d95554edc7c1c4fae21

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab4B5.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar583.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit