Overview

overview

6

Static

static

3

docsis_cfg...54.exe

windows7-x64

3

docsis_cfg...54.exe

windows10-2004-x64

3

Tality54.exe

windows7-x64

3

Tality54.exe

windows10-2004-x64

3

docsis_cfg...bs.url

windows7-x64

6

docsis_cfg...bs.url

windows10-2004-x64

3

docsis_cfg....7.dll

windows7-x64

3

docsis_cfg....7.dll

windows10-2004-x64

3

docsis_cfg...n1.dll

windows7-x64

3

docsis_cfg...n1.dll

windows10-2004-x64

3

docsis_cfg...t.html

windows7-x64

3

docsis_cfg...t.html

windows10-2004-x64

3

docsis_cfg...s.html

windows7-x64

3

docsis_cfg...s.html

windows10-2004-x64

3

docsis_cfg...x.html

windows7-x64

3

docsis_cfg...x.html

windows10-2004-x64

3

docsis_cfg...is.bat

windows7-x64

1

docsis_cfg...is.bat

windows10-2004-x64

3

docsis_cfg...is.exe

windows7-x64

1

docsis_cfg...is.exe

windows10-2004-x64

3

docsis_cfg...is.url

windows7-x64

6

docsis_cfg...is.url

windows10-2004-x64

3

docsis_cfg...fg.exe

windows7-x64

3

docsis_cfg...fg.exe

windows10-2004-x64

3

snmp/mibs/...mt.vbs

windows7-x64

1

snmp/mibs/...mt.vbs

windows10-2004-x64

1

snmp/mibs/cap.vbs

windows7-x64

1

snmp/mibs/cap.vbs

windows10-2004-x64

1

snmp/mibs/...IB.vbs

windows7-x64

1

snmp/mibs/...IB.vbs

windows10-2004-x64

1

snmp/mibs/...IB.vbs

windows7-x64

1

snmp/mibs/...IB.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29-09-2024 05:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    docsis_cfg2.0.7/cablelabs.url

  • Size

    50B

  • MD5

    30a714c2ac6dd0fa36424cf5f57dc966

  • SHA1

    893765b82a5bab4bd65dcbd7196b048e8e0aeb6d

  • SHA256

    1daefe9fee635e198603a2d08e6a7029b4a209b5adf1a74c85444ce02347efed

  • SHA512

    45c5e97edb680df84fbac8542347d9c38b742aa15c24eed607fd59cdd4220868bd64d3934dcde3daa6b27c2263e044c518012e0e553162436b8c1824b2201c30

Score
6/10
discoveryevasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\docsis_cfg2.0.7\cablelabs.url
    1⤵
    • Checks whether UAC is enabled
    PID:2496
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1912 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2108

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    089380b50cdc441119e8c33586024c29

    SHA1

    a87b48313862836f16956ff47f6bf9a3b0c60c1e

    SHA256

    96f4b687bedb35fc55d9cefaf4fbc7d5c8ce3c25cc11d4b8957767047529298c

    SHA512

    cb800b6b6066fd05d224c98e6cbc7b9b733694b1ac5842e1337945219b109c5bda4582e9ba9b49fa2ec4c6fb2a02f4746dca5bd4f42e9578b0ecf4024fcd1b57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    720eecc1024bec223a61a0a64eb7e8df

    SHA1

    411eefa78a02804dcdcece718f73c7462f6811a8

    SHA256

    f117bcdcd6b74c8cca13c5035e31531638923c83ab947d5656670fcd915a8e2d

    SHA512

    fd82702a2dc7dab42bf66502b1f3caa73cecbe11e00d971ffbe82ce2ebf6aa4282ae0b6a72e518109353078e25984764c7531d3d1704b5d6852e79c7410c8b2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6dc98b7b599bbfacb25fa9e663da89a6

    SHA1

    c279233a6fc4d9a0c57010e05122c9f0f7165c5c

    SHA256

    87364590e72c1140f2fe440c9dcf78b85ca4603272a20d27dad9b97a565e4421

    SHA512

    bf6e6cba8c819c23ec6d1c026a7d451aded343819f34537a4cc7591c23e2b0fad5a36f902cdf3602925a957227b82d22f26c46210dd216aef9d2755a90ae997f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eeba8d10d30874cfd07abcea586416ca

    SHA1

    a4efd49b6b2929262415e17580e47e21a241bf93

    SHA256

    544013752ed164db5956572cba4dcb29b00708bb4bb24a90f20dd55af526be05

    SHA512

    787326847593ea40fae92374050400aceef5faa8a0503073cdded52b51a353b59a88e45fdd7c4921a21b27c17cd2bee829ea2a235bbb570efa7f36f103cee2eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9879a7d6b0bb9fa371aa39765109837d

    SHA1

    006543248a8e7377d1588c47e6305921775949c0

    SHA256

    15b39c54cfd761501a6c4de2d0e5d911374783a7e1238e52120775883f420b86

    SHA512

    6a9caa3562cb44d357562af2beae535773f51ee02d82051e682780c412ac0281ca835f6a1b710c6d75d06a73c39882bc1dd5a391cc6f900ad4d718df7666e58a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba3a6ca51c181b2d4b239d8bc24f1573

    SHA1

    92b03c9f84d5cd4b86c4517684bcbc49ef6e085a

    SHA256

    41e33e10963d95416380a5830bfecd34c79b20d86894a2ed3d2cee4d574b4610

    SHA512

    6b423bda6edc1532fac3735637d69553cb2133a1b739c7e73be5518f62ffd6c7dbb67bebb4419eaa37054a946e8c33a03901a577932b077097784d8c25a89c14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d225332bd3a3c21af2b547f052b5ca13

    SHA1

    0c3a2eb3c4b716fc74b754ec7a3dd0c8ba383134

    SHA256

    80b53232627b5eeee6c7b3b74e55fd3862c127297388ebec5ee8022c3624c49c

    SHA512

    f1e8c304eff3d1caa70ad8e53ba8eaf50aa3641626ddf898d9ff4894e1ff7c19887feb8b0fbd85e5169547c0ad5043c8d8f6293ed1203c626f83a8c5ea19f775

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f132024c9ce470db82bf053a50a8e5fd

    SHA1

    471030d3e412008e93db9651b6f4dc623abbd13a

    SHA256

    6ff2839f0c519c0d181f4bb2a2c76474ef39c19f77afa67543ec243bc7f69302

    SHA512

    42201b6c834ef08753b339bceb5e664be0c60f3c29995068ed2a2902552694fa857243ee75fb102d15dea9766b446a4924bf9c0518a1536488a291881bd7a3ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    888405e9f8c9a70972656b78fada70b5

    SHA1

    405b2d6c171ee25bbbcd313184e4082535143003

    SHA256

    ad8cb48af65458f776574e930386dea9aacf81006dca248db0f1b179daf7ba31

    SHA512

    1a2fa466554a5cdb9cad6a6fe2ced33d4bd87bc9ed0f2cac4219de1a7235d73e39b2c6bc416006e0bf425d833f0cd985f7b30058cdaf9bd65a5698dd6a455e4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b06f2288d78c08d6a8ae7be49e031a5

    SHA1

    887c8ee2c42991637968cb9ae29f9173febae032

    SHA256

    55509eb9e57292503c1c082188277ae514fe3243d8507d63aaefc9db69813b5b

    SHA512

    a87b46e20f5d9adc66c7c6debbbe80d7e6dd13a8ab7804c5515868d529229c7d2fdfddad7bccf3bb5eeb3d034e32ef26ef76d416072083a13e2eb5457dc9d3db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bbbd7a30ef8f40eeaf182d2e006f2f2

    SHA1

    65d0ae7377d831dd64be6fd443d88e15f181ae52

    SHA256

    ee8a58a7e17dcaf0c0e41cf6a01c06b3b07c6aa0bf84ade556d268a86b184e14

    SHA512

    ebdb436ac3f833ea926b56e2c83142a3e6cbfc928475cff3bc087c078933d488da44a7ba69535471633d3f86e9f298a9a819f98cd6eb1fd543f615c0658a8d63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fe3850b70b9ead2465129f00c82d89c

    SHA1

    ca9b759ce1ef48938df8dd674375961e773cec9a

    SHA256

    417ba66d0cccdf5ce7010156b08bbd47bfeea421281dd28c1b1bf6c33d8891a7

    SHA512

    f93d91c8a546645dfc6fb038f82950670340cc0279723237701180b55241b3ba044b09ed2cd93add6dd12cba8cf1022f5840ef08d8ad601366e7e593f15a391e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\gsz3hkd\imagestore.dat
    Filesize

    481B

    MD5

    14563c153e2a0e9b488f84508786f3da

    SHA1

    6aaec9e859addbfa11b52a5d505bdeba7fe17590

    SHA256

    cda43d27b20933e4e4e29da04b14bf28cfb2adb7e1bc31d3bd0475c9cd4ead9c

    SHA512

    a0dccadd0b5be8a70ca734a2fb4e764c2d6830e08207349ae52e6f5e8f1f8f6d44ea6852e727e8cf97332514484afa4722645ccc768f656be28f6fa0a0f2fa40

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IAE3FJ0M\global.3a84580e795d435e406b[1].js
    Filesize

    23KB

    MD5

    6734e9148c6986f34505b14302d21dd2

    SHA1

    ab49f17c54b45ca375fa945638141d5b83a40828

    SHA256

    052a26017c6be4d6126a27ddbb00bd130d546ac6307a9dd1495935bbc316fd28

    SHA512

    95aee82e9767d0b9208d493bcabac3277484e91c5b6e1b4fa75590b84acaf12e64a15eb1370fbe2f70c78e09026b9f47632a635d85798e697090fa39f2a9a20d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3VL8XEP\favicon-32x32[1].png
    Filesize

    349B

    MD5

    771d8de994e18c42f10bdb1da4b3f284

    SHA1

    89abaa24bec8163d170c86c68a8e365207139ece

    SHA256

    7044b57970148b2f1cea6e52a9df10237d7af888793a1690716bb0d1069f4a0b

    SHA512

    94c7d644c7f1d2992504ac3aed470e7034d02a121b481ccb7b1f789a2e20df43d978971b1476d42eedb4179a4e4cf1181964ff11d43130d76456eb8cbd911691

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE40A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE43C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2496-0-0x00000000002D0000-0x00000000002E0000-memory.dmp

    Filesize

    64KB

    Download