Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://www.yandex.c...

windows7-x64

3

https://www.yandex.c...

windows11-21h2-x64

10

Resubmissions

03-09-2024 20:54

240903-zp4vwawhmm 10

28-08-2024 22:02

240828-1x5ykszhmm 10

Analysis

  • max time kernel
    1562s
  • max time network
    1563s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    03-09-2024 20:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.yandex.com.tr/search/?text=bonzi+buddy+download&clid=2411726&lr=11508

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.yandex.com.tr/search/?text=bonzi+buddy+download&clid=2411726&lr=11508
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2744
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2744 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2680

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ae99adc1a8c0fd2fc0720e4788a9191

    SHA1

    63b388e38a26ef644113903dcf90a7e207a037ce

    SHA256

    bdb6b98a6e5c84397bb90c09cb0ea4c451033a45215e6c0f7cbe2ede82c79701

    SHA512

    d21bf66ed77cf0deaf0c298504f39e1f9d145dfe61979e3d951cd86580a06d412cbbadcfe84ec94ec8358afce8bda967320c2669fae582535ad003d6b3b0f094

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2bf14fb34ab79fb0ae87f4578289ebb7

    SHA1

    e9d351ac44d20bcae0ae6a0a769c4ec08971f065

    SHA256

    9e63b3f8894e0952566f98acb014ce1dab17a0a7841ab0a3bbd6abd19477f85b

    SHA512

    f1d29a2ba1acaa1faee6fa2449845793aa83bfaacb5aa584a4af6ad3b136bd84577ec90ba580ffb84fb9b5ad11866d462d5a7fcce66f0b91de1bfe42ae2aa4d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de55c0de4680f99a65bc3ddbc7281f85

    SHA1

    cea05a5faa17c59098d9c47c433ac840c8825872

    SHA256

    2307330f275c8f0bd197abd3874b778f0bf15e953a4d65bfa6b35f92dd1892c9

    SHA512

    94cc0495d11e466f3af194c4e137f3bd4befb9966ec8ef02e1a3d78def72c356e6efa71b388cf7c0cf4130fad164a2e656abc91f96b5fc3d0a67092365fd1c13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4535b225cfcec9cffc24ef28ded54c86

    SHA1

    eb5f04dfe5a84750e0d7cc55fbf35f7baf857f49

    SHA256

    6fdf1abfa5fee7661526bac989fa95672cea7c993bce6df4ada2c852b5291503

    SHA512

    f4769c797dac5a9fdfcf72edfd16945014da8848fa1fc73710539626d878dc4a2d185b50fe0131558475d7c80195973c0c6990aaecc038ee6387d0ebe3cb12f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4f9d4297e36a2bb0de69e159070b593

    SHA1

    6288ec60299113c1dffe827f9167ee56374d927b

    SHA256

    a3be4e412fb8e01ae2a0ccc968f4fc67793785934b33037ef59e3a5608fa3a99

    SHA512

    0ec84d7db720c312caa2b61cb804bf562b574b6e0599b1beb24956a67c71de0349430bf1942334513463c7581941f71a981877f69d072b52e86e6fc7e4289a10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba8096ea7256c20c157bef99f1a84da2

    SHA1

    fa50ca200b5995e5aed892ab566cfa98348828d1

    SHA256

    cae236bcfc58e750751c74ccd4790cbf9eb4f8b8f186ccbbc72621808e975067

    SHA512

    0ac41fa016460de110dc6e662ad7340055c5cf58adbf86eff150641004d926d8d159b317436c8e1438d8c28685b155f8d8275c8bdfd4ee89bdb9cf99f473a1d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b66853ed5e793c8403bf9b13aeeadf9a

    SHA1

    4af08bdd886b0f176a3dbc0802ae49f4fa13d056

    SHA256

    3ed714d7ad9acd68549608c77e5a5526432ca1b72064bc3b02a498e2d80a87ad

    SHA512

    0f35c686868761291128d7e9f8caad41c80ab79bdb608987d8f9592bf83586576b656e3688f06139d0064c27a5fa8c86635ec6ebfb94aa319f0c550080aa8b34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1c7a71c9f2416cbbe1866a3511e0526

    SHA1

    fdb5c4f29a639cd7c4d396f5171fa1b5eed54ab7

    SHA256

    336a0fbc64bf7a1f571aaa9ee25a4dd2eace42d0b1bf84eb59e8c38a815326e8

    SHA512

    f1704abb66e6337b9a442df1e4a671b9be862a3ca1a8149df5ce1385905757d83a06c082f327cca74f2009c5e7ce8055a4521e29a2e763609f180b0b04172117

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2002a5f424f3d0de7bb286c2938224d

    SHA1

    4c76817a50d1b60392496ede4459e9164c01ab0e

    SHA256

    d79600f4d8b9ff3f669eb59519b5d94796fb0d3f49f7cf452f160e001c07cfa6

    SHA512

    6a44f8acfb96ebd007b28e64e1382b448158605a8e3aebc28722108fed8a95c50ad688f6d2bdd5183ccd840ed26caf24eba037e3e88bc0447d08e7978beb3411

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09b787421ed419ae3ad97b826cec6825

    SHA1

    cdd7dc7435d2d75e6fcfa51e50b39752a6721a91

    SHA256

    65ce42e31acf859245d11f5c534a9d6ef90a01e652ef7e8bbd229f7655a80521

    SHA512

    ac235f768bab24b61f939e1a5c41b3025cda54aacb1a7c283e8a131c634213d31b0dee2cc7b1d6359d780a5b43bb079b5ed596383c27c919913dbaff1e0591a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4bfbf3af4ebb60204022611ee259851

    SHA1

    fd383cf78f36dfbaff802e215c2b4293cbdaafcc

    SHA256

    fc5c20cccf883bb18791c8c7231cf05b99c7d3b233fbb2e3fe5e2f73709c4827

    SHA512

    b119cab2c970888ab64ef2aaa0d250d16d05d1422a12264e709bba59eccce5775bb25b67fb1a0fe2db981e4ea6c55e91046ca8b2a26dee08454e3c5374b0a3d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90ee72f6db70c14384d9e925d27039b7

    SHA1

    5f0fa9c8413cc7759a0b59a56b1debe4f04f9aa6

    SHA256

    f7563a82d6d4aa883b92e760837b78192ecc9f48f0ba9126a0b408dce4ff2857

    SHA512

    0f11b993ec59fa56ae53c263f4dbdc7f08953d4a3e91a245ca12c2e4ffc4205ce96628313925ade29381dc38c224e3a7b33b674ec24b45bf21eb12b546dcb0c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    105ceedfdb1409d56e40c3be21e58738

    SHA1

    89e2015ee85fc3e1f2a509c161a19f6c5f59df18

    SHA256

    797248db43e48b879739fed8ef2512b4a256873abb966c9d5d998dc625dc60e5

    SHA512

    b2badc572cf473d4719361390b1c5dd33f0ed2ada267b749c64cde4c0897c654b0816ad60de61ba4d2d74fc429ef9bead9b79df687ef25e96e935e8d51b75276

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    378ce31904a6ac550b77d26558df9360

    SHA1

    afc83275a9f08a083ccd532d043c2d0524d95cc1

    SHA256

    6acde9996f1562927f925f2df930b4f4ff7bb7b10993baf8db5c90492cf269b6

    SHA512

    bf99e3e337d479ea1c936075b2db89b529f8353bb59d99ea12d50245ff5cbaa12ff4481386939b90610e357fb51c80b4b8cb06fe208e3b86886fa0c172c7aac0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5b45b5fd6086d3dd35f5308a52d2828

    SHA1

    42c1abff5436b0cdeb2692f50c37f6703e1b2970

    SHA256

    ca0a0f1cf14c8702072a1b314d7768e8ee39ce0e90a77007933fe42f0840d4f7

    SHA512

    3c43891c20087943522d19a3aaad639687cb7e34be53d139c68c4f6afd5724f185d82330a9213b515dce24d11044ea59f975940aeeebc52b4387e195c97c158c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d24f3aae7843432e59c77b8fadc01c5d

    SHA1

    83b0edd255d21cdee8e001bfff5e8bc9226d0d53

    SHA256

    c527659242715a77ce552fa06403418ce19946ce2ae3ed0091ca733581d26970

    SHA512

    cb702aeb20cb340b7dee7c33c33dc242fa8054988edb8452b282840648a3aa4ba09628307d02f09fde3ec00df212ee9772f0a951d963f454843ebb94c36e629a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1dd10008816b61e91d591f642ca7f405

    SHA1

    2878fb881c80857fbeebca50898e12f4ba11b2f7

    SHA256

    6939a2bd8de45f98071879343fe3261e811c8d0ba75a38e4b4dbfa6d96ddf298

    SHA512

    493f94fb76fe2ec0f6ae2f37aa3ecfa4c693dd3efdfd495ce38b9aaf2f20be578fee36c2408f718354a03d998bcb3d9c7a90f25a19d80cb512d3f42fab1d2080

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41435732e720f82cca695b05f167fb25

    SHA1

    74df82d79025e322b24b00f2e43f76a3d35f8486

    SHA256

    34791745668cb178e6d6f073fbcef1a2c48dfa53b15c8d8610b0447bb672a5d3

    SHA512

    c48fa55f68c73005775006206b41085915818f46cd653f4d6a95d987f461352f655b672abe5c428367cca39005bb45f706f1c94b314c06c4995df206246d1e93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2534329c0275478142aba6cea7fc6ea8

    SHA1

    e01a04df9e4581923e5748f42a3c5db5cc34d3e1

    SHA256

    0fd06778e683f49c04907baffa7157fe442eca3a07982734949427b0ee06dc6f

    SHA512

    6ee44bda155bab688a4c11c09e02373ac985df17a20e3636bcbb1ed66b9d69823286a6446a580588c368a7a0fa8172e683a811410ecf1a0040a81a107982d940

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5688f0590262fdcc04728e0189da78c0

    SHA1

    5dbec9f432a441244b1db322ddefb8118e898a97

    SHA256

    1341665dbca45ce6b0c61d2393c40366e8dc594e481c7cefb26a6ac166979ae2

    SHA512

    4debe244477d8eb69cced3bd568c1fa78340ee530e9cfc6ed9c7ba23a4d8dec4f121d377b6380577df8debc0752ac8aee1b3e940499fc9919621983070904ca5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BHTLLC7K\www.yandex.com[1].xml
    Filesize

    169B

    MD5

    3f91309023bfc24736fe2ba771b1ed7c

    SHA1

    a26588fa88fface2c1d726e8aa6dff69cceaf910

    SHA256

    a1d406334752ee8556cf8585410f668fcc8c2252750872c067080a615c352240

    SHA512

    fd32045a2cb2f74ff405321ceeca98ff22053665d27846cc11bc885a8054b2b24782c069bba3ed68951308745d38abe1c40ba4e611bfb9c487bd9d926f3ab03a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BHTLLC7K\www.yandex.com[1].xml
    Filesize

    343B

    MD5

    d2c952bb7d0beec66c91e6b118dbe1a3

    SHA1

    010f5b66a69054ad0b555802b35cef012ff3dedf

    SHA256

    7f3a71c43e40297b5aafb8fdbde3307edba6568e712f5b4b96812ead5751af7a

    SHA512

    243c6c570a8d5485eb81bac2a2846f0b25c3c27ae737574c1f17ebcd262d5818fcb68930d6b69452da293d2f43e69f042e74f50942fde43523d590ddc1933c57

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BHTLLC7K\www.yandex.com[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\e1ur8h2\imagestore.dat
    Filesize

    1KB

    MD5

    6a3766ec511703de49139bf2561a5fe2

    SHA1

    9f26278d71d47a6bf46a1bc0d4e7b8d7dd91dde5

    SHA256

    903eabe24b78adf2d79d725bd53aa8c0ef8e8e322e8272bee6474e48926e304c

    SHA512

    14d6fdad339b148b6bee16a9fec2fcb9af7bdb601a99dd05487e81943dc0997ba09dd5ee3d080a3d39a1e4e13a5f245f588427a1ab17f0dc53ef7a0080a29211

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8GI6B9B\favicon[1].ico
    Filesize

    1KB

    MD5

    5135e01dd9522c92fd053b413360332f

    SHA1

    98fbed6a175593e45aefe50ea2aeb3bad3eda1f0

    SHA256

    9a8c4ab2a3a2451c6f1b31af29eeeced47745013711f641eafa80828a2b251de

    SHA512

    c97078066e23a17df38f4bfba6ae1f3df20fbdaf3f480308bd0a78916c98804bdc6c1003f95db1d9f94a40a2507d09e7fbf0653fc4d32cda4c998c6ad8870b33

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab282A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar283D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit