Overview

overview

3

Static

static

1

FTPBA/aabo...n.html

windows7-x64

3

FTPBA/aabo...n.html

windows10-2004-x64

3

FTPBA/aabo...x.html

windows7-x64

3

FTPBA/aabo...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 01:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    FTPBA/aaboa/accountverification.html

  • Size

    21KB

  • MD5

    a9897e4a810b1dbeb9e546ebdf378243

  • SHA1

    6f0fac76ffcea50c7f74eddfed8d2705f1af8834

  • SHA256

    3be8a56c8391702c5ab5a4bac5e16787f6375e9385491b18d229e8659df98696

  • SHA512

    b6b7519bd918009b2c6af0aae00b00b8db1940d009edd5dd2f6a33a650371e25711c83024fc8d1f42f48593c997064a0d4fc7a6788136ab6b96b9814b19188af

  • SSDEEP

    192:PasG3LAS/y2wHzv6GEbreKKOQ5dlZ7bUEbolLqF1mty7g22di4Fw2SQNw2SQew2t:CHAaylTvWrDwkWT14TGzLEbe

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FTPBA\aaboa\accountverification.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2336 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2092

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8c0345244c2ade3db6f1e2c17165c798

          SHA1

          8bd9848bc435011d6a4bcf4ac411374d1b9b4052

          SHA256

          d134008453032d3b3dc423364cc6b3f92c65c409236e4358adc91e9846e5d19c

          SHA512

          09d2c373d60e45d230b4b03a5ef2e9811696af469beb4f6e610cc9833b5d90fd512e2bac561b5bcbaaf9b758343067f41471c2324022123f9ac7447b31572bf2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c9f8ed38d22df479e42fddcb9ac2f1d5

          SHA1

          275b4ab83704db6179751b2acbe1fde3d510d425

          SHA256

          e6f7b8d2bf227bd5e58099e7a6bdcc169b8df4cce6a1761fe5b541974fa6a2cf

          SHA512

          ed9df9daff6ea31211b5976e8dd07af9b25b79a757d845dc76d3ef866ef3248ea132f10475e0bd875799aa36a7d809ebb1cff6f2d87babe07776e64fbdef7699

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          03d9237de4f8d29c005eccdf2d834604

          SHA1

          cb430ad1f6d0196684833bf791683dd74f500587

          SHA256

          6ffd7475fd6226dd3aa2e3964f6f43c610d886971fead280ca13f1e55fabe62c

          SHA512

          1c1a5bef6c8bd1e183affe3295006ad737caa5cc0bde838f11fa3c165a5f8102d690987344764921dc24d746d931e30de3050498b2a0237584fce240e413a7b7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1acced023c26aa0af184a3ffcfc2b379

          SHA1

          0eb949be25d75c0aca6570b70f1913ecea3848f4

          SHA256

          4b613e8ac686a38401fadf4d103ecd59efb6e19eeb7d653eb7925fca8491d7a5

          SHA512

          0868de7001695a86a9b79a9e9611391f21585125887336b3ea1141e6ad97de3ec64798ba61ebc1a695e8d889c1ea04741baf39f9047d2cbd69f01acac5bfd2d8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e1d11e371360417440cb0b5562ac6533

          SHA1

          f2119cb7dd2fb06694e8f00691c17b3b9adc575c

          SHA256

          7e92371243502d174c1adb90ad4adf0a71307d5a92dfc904fad7c55d2d50a952

          SHA512

          556d9db311ddce21d3ae63d9a10816503574bd437120b37d060b2ea9f9c97c7bd5242cb157596b882e17be26c8c34370f80645a669ef0523dbae002d769e34b7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          aab36acc323e42728ce732b61bb48917

          SHA1

          16642b67538b14f474ae5e926c098984b66d21e2

          SHA256

          127b8293b33707fcbd3f09f98a44f29fceef93545074e80b02f7166edc0c1dd4

          SHA512

          2aaed4278d962f6b5df9a742654ae15e417a50b4d028cebc8c6433b65e3a5e8c5b8bbc4596d404ba4c9865047596abfea44c57e662045a3572d64a255080746b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1f80e6cb0500a0113d210ca6aff760e6

          SHA1

          e04e41dd5621c5025f93e7ce3c4be589720b1506

          SHA256

          f4b793881dc9a33ab12987b522ea1f6bc2059cf8bbda9f8ee3d5980812e9554d

          SHA512

          031a1224e4cf7428e3e51b9ad72c3f1e05f784510552b0cb695f383937a628362d679cd3e6a0fe378ac007513533ce8e98bdecacac10d97403be1a1201ea03c7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          162350c0efbde75e7bca8e427d08f3fb

          SHA1

          4155e32b11e6794f74ebd79ebf5b80132a6edba7

          SHA256

          465a6f598edf9a5d340d3aa59625108576e78a0e3c9569b54f103860e6db52f0

          SHA512

          2ad3eaa72b5f2cdf656c98ff0f3c214ce57f46743de311316c59c5103b53c57722936ae08fe347655608a468d1d9073bbe4133bd116e4f33ba248f31f1c9e19b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d414f78e4d9f5bb752f4f7c7b5ea6e41

          SHA1

          d055dfb97c93a057be6d96c8a6465e9ce6989da5

          SHA256

          45edacc9ec284a0bb6eed7707a42bf411b16286f5dff4f9b0d5386b02b7dacee

          SHA512

          c2889a70a8d4d142c3cb2894d6e01f36f51de844d2cbbd3a317238da5956ea95b6951490c3d4bdd85a6d5bf5061aab7f58a333b7598e3a1269f9e356bff7acd0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d5bf72292d26cc9984e7e1c8ec92c336

          SHA1

          e56a327f756f434e34b1bb8ce645ba6f3af6875b

          SHA256

          8909d3ca2ef239caccd5a7bc6cf48750e5f9edcc0c9d8016d9fa839f867598c1

          SHA512

          b5d507edd67fa27d0576664b99c82737857c52bf367cf66a3d2bef56af49bf679f14175014906867745d7db301b6ba4de9259ea371d537a1ef80df175dbd914a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ac66c8a19379c3013092c24af9345588

          SHA1

          6a860b90416b547afc7b766b2eba621428ecf7a1

          SHA256

          8ccf4e9113702d8216674f9163b7d549dd405b5eb18b78dbd9039c3f0145ddce

          SHA512

          0aed1079ebb3bd995766e3dfe387f945ab124036207a909a6a62edb8e429f9066ba2b2b015c606ad443b92e578be15e2d22c75cfa098c7cc66a4fecddf2fb378

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8a1c0cc58ea955e069f9862674b7dc9c

          SHA1

          2a64fd6d792576e09eda447b4c7e86b1265548be

          SHA256

          d22760ecaac7f7ab730ec408417c82b05f7ac5287c90ac80a5b05e46910f50e9

          SHA512

          0f9bef6bd985951c5ec94bddaebdf6595cfe8cd0d0e8f4ea216173b4e45b0f4314078716719bf52704ea0276e584fc5ad94b9f6e9e0e229a155aea0bd5f473f3

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabBFF8.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarC0B6.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit