Overview

overview

6

Static

static

3

docsis_cfg...54.exe

windows7-x64

3

docsis_cfg...54.exe

windows10-2004-x64

3

Tality54.exe

windows7-x64

3

Tality54.exe

windows10-2004-x64

3

docsis_cfg...bs.url

windows7-x64

6

docsis_cfg...bs.url

windows10-2004-x64

3

docsis_cfg....7.dll

windows7-x64

3

docsis_cfg....7.dll

windows10-2004-x64

3

docsis_cfg...n1.dll

windows7-x64

3

docsis_cfg...n1.dll

windows10-2004-x64

3

docsis_cfg...t.html

windows7-x64

3

docsis_cfg...t.html

windows10-2004-x64

3

docsis_cfg...s.html

windows7-x64

3

docsis_cfg...s.html

windows10-2004-x64

3

docsis_cfg...x.html

windows7-x64

3

docsis_cfg...x.html

windows10-2004-x64

3

docsis_cfg...is.bat

windows7-x64

1

docsis_cfg...is.bat

windows10-2004-x64

3

docsis_cfg...is.exe

windows7-x64

1

docsis_cfg...is.exe

windows10-2004-x64

3

docsis_cfg...is.url

windows7-x64

6

docsis_cfg...is.url

windows10-2004-x64

3

docsis_cfg...fg.exe

windows7-x64

3

docsis_cfg...fg.exe

windows10-2004-x64

3

snmp/mibs/...mt.vbs

windows7-x64

1

snmp/mibs/...mt.vbs

windows10-2004-x64

1

snmp/mibs/cap.vbs

windows7-x64

1

snmp/mibs/cap.vbs

windows10-2004-x64

1

snmp/mibs/...IB.vbs

windows7-x64

1

snmp/mibs/...IB.vbs

windows10-2004-x64

1

snmp/mibs/...IB.vbs

windows7-x64

1

snmp/mibs/...IB.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2024, 05:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    docsis_cfg2.0.7/doc/config-settings.html

  • Size

    20KB

  • MD5

    d7d773b283f4a5afee6fbc640bb078e2

  • SHA1

    756791374149e494fe49a8c72874b84015780c84

  • SHA256

    31109ce62f0bb418a5a1fc8a98489d1486929d668e063e90e1ae70500bd293f8

  • SHA512

    a8b5404724e4bac0d12231a3159ee6f7c50893be100f4adcc0b205ee3623937ad71996fe168736f64b9ae6e2b99e57499c294d84623cec98880b9fa72e489788

  • SSDEEP

    384:xlxX6sOBNz2zr0Nz2zrMTTpKbi0i92ubCZdKd2:xlxXW5q

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\docsis_cfg2.0.7\doc\config-settings.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1660
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1660 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa99b497484458709c2c7ecc93c66089

    SHA1

    56becf471ff82d9d0f5acb16282680be2f7429b7

    SHA256

    de649c0f1348abd7c56cc598e49e64aa8e9821789afe26495d6cb2c206aa4f1f

    SHA512

    57d879fd4697dca980f295a3f0da44ce210886793d2b177494e7f5636c2b3fa2bf16e5bead22fdf75740da47bf894f80176e620ece46a7799c9c360d4eb15281

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17025f02c22b3885e846aabedbfa3f79

    SHA1

    cd58975a216a6b540062b90375549e6456e4eb18

    SHA256

    287d5127ca3c5a9bc5f5cff566a661db33e71d8f44f77307270da78614070c61

    SHA512

    7fd51d1af897d70e290111be2fc816a0e90d97222deeb2531b9df5f00397c4eaf573757d622acafc9c8e7a4190c48c879b8ba7b725e683a3e403b2064cda975e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bdb12dd5a15b2b0d0ee3290614302aed

    SHA1

    3fc8379d5cbd88eb1e832d4335c1017e1b281123

    SHA256

    040154d7e2cae78e9c1991de4c72c68e865c54d1271021bfd3c7779eaebf98e7

    SHA512

    876a98fa19d197fb69e172ad607a81b162131e9ea2d470414045aed42df797c0117672603df05239daba5912af27a3d596b3dfd1035c61e92fe650e4bffe9a6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cea652683c41afe8abab2f64b92d5cf7

    SHA1

    3050adfe425268168ef7921aa8debc99d2333e9b

    SHA256

    2eff33b75a1dd99bfcc54a5badb2eaadb2a9eeb092bb9b07229e16e7994ad077

    SHA512

    33d52b9f54dfe943c966e0c504c75533972796cf818fe7ab52de375a1126157ea2ab35ee80aa2a9706d9546a9722b6ea1d0cbe9a2ead8f4c53982e76ec00ad9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9017ffff82122443c2fc60303d6b2850

    SHA1

    f86d393ba264a57b121f879325017908f439c907

    SHA256

    5ba105aea3a757976ce605296bade57a239e10ec6c0202bb5787a8bc6b661a75

    SHA512

    5f463e5bc080415820fe61d0b85051fb3d0ff38698a837ea38ed089139b351ac3c95c0d6a81ce3c0f342405a1810b4bd50b620d27e1421ce4118176bf11ea47a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7bbe9d2436a66c8ddf9d8c529e49866

    SHA1

    1cebec8e87ba5a384d8655bae3c16bb0cfbd01c6

    SHA256

    08c3167e22ab658a35c3d9ccd9ac824e1e40a494b9b24516bf4a74f2cadae6a5

    SHA512

    1a13cc7844911211dee9400e1b8151973787298ab3d088e51021da5b5ac130a0e8349440bb0509444e6fc2809af16ac9c8af34af3304e1ba8a163b0ffe452943

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3a25172408375810824ee896f4b80ed

    SHA1

    3b8d46dd9fa036fe736c788c173e7ad2c233c6d2

    SHA256

    0ea947b928514391ab3e86c5a1e4a0dff2e69e37188a188dd742108958757f04

    SHA512

    e33ef93e69ac8b3cada19ff5277e5a1272a64c13f066928b0e75acc33b77f070cd78380edd2038d9dbce817eaadf9ea27e9190ab31c601982d53d45d0ebca0a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ad203b5989b7bfac5869cc4b9ac2fa8

    SHA1

    2823e5f7bbf9f6531c50fad5562029626327c85e

    SHA256

    693450038b22941c569b9df472f322804912a9f3998166e633acd45c0da26485

    SHA512

    7599eb0fefccddb3040397ade21d6fbb83d7b0bb7f8c055117fecdf06d00ba5002f3437eeba5df2193936441dd169c0c7f69f418c7ddb130bc7a2830f19e305d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9431a41c206f55e42acf05c0eb95073

    SHA1

    f0374a9f3ee438bdd646ae9d4a416fcd3fd1fd2b

    SHA256

    2c5f9ee1f8f35ae349c9cd74086b0354a809af03d875589bbee7ac39b32c61b8

    SHA512

    24f5fb1d7f91d0458924e56778b3794d396a5eb5aae49359cb1bd13132a35fd72fab69befc8381a3b31957b4061aa2ad5e411624691a28fa2b7f7ca89d095e61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f7b76ecd281cc93f741a58b802dfb13

    SHA1

    086e206b9faf3c7145405b82e4d58f2a415ab33c

    SHA256

    8ba9a20837200f2a29ddc537a0e6f19a3ad81e9ac1935a7c9aa430a879892773

    SHA512

    db6d352cf734832a5502e6d4be42b3b7c8bb28b194c4aebc0b653ba141b232bf6290b22ae6974449a1779cfec151ef2f6ca13e5b67a43a9e0caccef8f89bdf86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dff263e9d43587cd841f26f550179836

    SHA1

    d77933c8bcc6385e086f669f49eb0834f947abc1

    SHA256

    0670eec7d8d4cbf07396b2cdef500c01b2db102cfac057a67796f0a67b542e1b

    SHA512

    d3bd0513f11735c9c2c9ad9be2e85e2670f7e69b01184f452da9a6d42ba54a09dd87cde014692edfb91cc619441a33a7a1c95de50abdbdd6dc70179c01a408e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15afe43af0d96c3ded56d5830ca57aa7

    SHA1

    4ddfeeff2efc52f1efb2ab6b33840345e18860e5

    SHA256

    8628f249b0afeb25637d2351753b8ec26d5f9fef9f8bc2053e0df6d2c45d488d

    SHA512

    12bf9fd72952e809687b586d21376899e3db2cc4c40cfb5004f0484c25dd63c427eff577dd9446a79564a61d992e87cb2fa54d7e861c58714abeaa36e0aea7e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a475a3f51589c46ed926739cfd4a2f6

    SHA1

    49302fc333a342c507757f73aa9d6f2b1638f2a8

    SHA256

    d8e691354ddc2359bbc641f87a165934cbbb2e778f821f9d46ff52ec060a67ef

    SHA512

    947e13e16017b0341a4aaf8ae796fbc7c8efcee7aa827ed4dfadd517936e302659fd1f87e592621c776c2cec8f802d7153a0625dfa8a99f7fa74010e89486c28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa53682f445c360c0d9afa4b6ff821a9

    SHA1

    7b4c91e44065ffad302e0028a4bb954a3ed2398f

    SHA256

    5db731f57ab202d4c9274e1873c0e6f91cf443567b5f2b96f8f973d4d2584ab5

    SHA512

    991e60515b8dde9528970a483edab89d46e0c1fb4e6cbaa5a4a2e6c46e86dc09bbdebc77f544eadd57efa4b9be08e838820e31134805b186acb24ce665107ddf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC0A2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC28A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit