Overview

overview

6

Static

static

3

docsis_cfg...54.exe

windows7-x64

3

docsis_cfg...54.exe

windows10-2004-x64

3

Tality54.exe

windows7-x64

3

Tality54.exe

windows10-2004-x64

3

docsis_cfg...bs.url

windows7-x64

6

docsis_cfg...bs.url

windows10-2004-x64

3

docsis_cfg....7.dll

windows7-x64

3

docsis_cfg....7.dll

windows10-2004-x64

3

docsis_cfg...n1.dll

windows7-x64

3

docsis_cfg...n1.dll

windows10-2004-x64

3

docsis_cfg...t.html

windows7-x64

3

docsis_cfg...t.html

windows10-2004-x64

3

docsis_cfg...s.html

windows7-x64

3

docsis_cfg...s.html

windows10-2004-x64

3

docsis_cfg...x.html

windows7-x64

3

docsis_cfg...x.html

windows10-2004-x64

3

docsis_cfg...is.bat

windows7-x64

1

docsis_cfg...is.bat

windows10-2004-x64

3

docsis_cfg...is.exe

windows7-x64

1

docsis_cfg...is.exe

windows10-2004-x64

3

docsis_cfg...is.url

windows7-x64

6

docsis_cfg...is.url

windows10-2004-x64

3

docsis_cfg...fg.exe

windows7-x64

3

docsis_cfg...fg.exe

windows10-2004-x64

3

snmp/mibs/...mt.vbs

windows7-x64

1

snmp/mibs/...mt.vbs

windows10-2004-x64

1

snmp/mibs/cap.vbs

windows7-x64

1

snmp/mibs/cap.vbs

windows10-2004-x64

1

snmp/mibs/...IB.vbs

windows7-x64

1

snmp/mibs/...IB.vbs

windows10-2004-x64

1

snmp/mibs/...IB.vbs

windows7-x64

1

snmp/mibs/...IB.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2024, 05:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    docsis_cfg2.0.7/doc/config-format.html

  • Size

    41KB

  • MD5

    75a87fa29a9d909f34e95c0ba9d58a4a

  • SHA1

    ec6ca9d0fe21e43e671cf8a01f60a20c51b0c92e

  • SHA256

    33166c43cdd2906be9ddfb171cccf5f03153983141b2993b0f35c81a23243749

  • SHA512

    ebdef27874becc95a37bc3b1dbdc63c447370b00868d1e3c9478568e972295aaf22bdc097026d79bc1fd14b3a3c7c88bfec78efa307a34964737750d625eb9c2

  • SSDEEP

    96:jgN7SfddxddGexnTdddddDSIddddd8dddddTSadddddZdddddddddddddZdddddF:jgBS+iv6KhBx+kYZ67wRP9Jkpyv

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\docsis_cfg2.0.7\doc\config-format.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    922e8c36d63ca600ce11ba2e6ea3f931

    SHA1

    0debdf6cc63d91c8e76a7d52f90ef660e262fbc9

    SHA256

    fddda583c36241432cc577d741e5e7f9d2ffbf5dbf3ed4d526bfc3e8adc52eee

    SHA512

    8cce5189e994205fb017d65004a5d4398785314f553793d01e95cf437734ac0e1564996f211676d63656735d89f7267673630c443c09e2d14a625f38947e38e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07d19d25bcfcaedb9eaca6a70b2df6dd

    SHA1

    41feb197ce3b820c5ec1558f28d71496a83aaf1b

    SHA256

    3b30baf1b0c594b5602b6f67037a12b0b249e5745cb60ecb48b727c74da554fe

    SHA512

    2f98c2312bc12ef105ba93c5bbfdc1247f1304d90c0f1a9ea5671f6942222cb5ae718f7d9721593242f7493cbf07011296d9b0e5b9fd7c61326637afb1933793

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46d99be89022f213f6f1b57200df8899

    SHA1

    4371d792b92b91a55923adb1d0701f82c077aa54

    SHA256

    32bd9c56742f241971a9cea09eea509e22f274a683d049dbb2711a2ed59f1b40

    SHA512

    4fbc63c00573d7012368cc94882dad6f29d20ef8704860ef2fa9387070da27b4c4156c4c5c8cd6cc647ade9d220d6c4fe02cb83613a20d6db593cd6eed3cb235

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98d69f034a7cee846b27a823916ab9f5

    SHA1

    0edc0fb88ff4280f0fb42580d3ef02c31222ec4f

    SHA256

    102b98a0177fc32bc88ee10dfd8c0b3f357c4df4453e6c675f3697ff2b44adae

    SHA512

    93151a21f2c24d0191214e6db36c094991960355166577df5ad6b23d7243548dfe1eb0a95d6ae0aade9c0e0f642ec0f47f39dba27570c7f97721af2b394d462e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    602ecc3ab612b7688ce8cb5bcda13ffd

    SHA1

    00f60ce0477a9ebf39730588e744e56af9db9507

    SHA256

    ab546408db49baee6dd5cb2d842906da8ef64b73cd6cdae3d7420a0fb30f54dc

    SHA512

    6434cfb00ee55a8b1e50963c4f3376e4976f81e513cc57aeedd6da71a40f44a302663b40a00b77130b0c3bac72b57c19eb8866f36f2ba7b980246e4691c0a89c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06f973480fc1affb967e515f2cb27494

    SHA1

    c7eedcdc2b465b371affc4d42ce23423aee1fa60

    SHA256

    db6d4e2d11960f9c06839b07420146df135184ddd8c5c75513ce9bf1abbd7a63

    SHA512

    3dd83be13b59ff058f42fa89dae62980aa64ebabb11ac323630c73c20a692417fb94339aa12561b1871a60aa68a01e96518fb7abf0385a5404ed4cd4a727531f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    230c6bbc8d97ee09b39ff8973cc27889

    SHA1

    358242668bf82aef1e831b5823d75f62b700943d

    SHA256

    e1ea52285ef32212ff15bbfdca6696cf41782f1c5601b72d6255e76a1f10aa5a

    SHA512

    3a0133dcb953e47f8606fd44f7309e4726872b5851665cd7dab3d923889e8b8dca1283e93591f693e3264c7707553d270923034a351c2d7c18278bffb8bc5abf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb70e7cf51cbb3033dfaa9a09cec8577

    SHA1

    d0e651fd094ea0387fd04602a3f9dea3d3a27cea

    SHA256

    a7d4c50a3b1e9f41feacdec9f2c9f24d7ddd28c6886b52bf7ba78c400dff64f5

    SHA512

    1982c2098fd623bd1467c23ad932a7046f7cd3486f4a6a276e61abf5fc7ccf48f90e186487ee93d3a985d7a4c0c62d2077b749291480a93e74c4b811fa0723ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6309b4b06a62e2cc64b73dde12e69fef

    SHA1

    bebd17c2f479ac624a854245309d221d28e3be12

    SHA256

    31b6138f7b6722526e21d482212f70a4fbf073673eb5268c9aa6e92e2fb2bef8

    SHA512

    d140bba6876d1c4007e072d7145f54ea7f1a0dc051e1a762680e4a7054c0cc5f60b621fde3b7b66ac37c8c34bf7ea68218fcbf75798146ec94093ffa9fd084b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08f0374dd715ba7d2a35e43ad594bb66

    SHA1

    c38ead740831555513a5eb0e1ef251a902e0c59b

    SHA256

    7f7c1a32e467cbbfc685e22ec02c997e27a921e47b2a631189cf28d17d93d1a6

    SHA512

    74af6f8b60d750dfc29c755a314fb0f925fe9f181a2758ef84a7460d08a3aaf776b60a7823d32333c6af133f5c32e8f3f0d71cd26cba08c63437cd634cafa086

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cdf85c735238db06a38f1945135e0c5b

    SHA1

    3a69e0aa3ecb768d2a54a70e960a1a176057ddd5

    SHA256

    d41920be0d80398df0d4711908d777374e1e143613092a85ad4558489164f90b

    SHA512

    e87d3ad99fff4cce46591964179d717c690bfe37f4bb1797317bf3084086ef013d5c6928c140406bbe583c3d2661ffe232738ee2ffd892c0b582134b25a69297

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b56c3a3e08a8dc507747561b104aac6e

    SHA1

    537813746ea108ae34ef23242228ad93db5a2eac

    SHA256

    4640ee018e7f6eecf06a6858a6ac697aec93ba08b57bfe76dc4aa24ea926519c

    SHA512

    30f78f5cfb732d5960d7e19f9aa05c3129cefd38758d3a5ef5224eb2540401d1e903552120fa5e9b17ed2cb62e7a28099f280b8020cefed3dc8ff3528b6a65fb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD9A0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDDD7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit