Overview

overview

7

Static

static

3

fe1c426cb9...18.exe

windows7-x64

3

fe1c426cb9...18.exe

windows10-2004-x64

7

$SYSDIR/Em...er.scr

windows7-x64

3

$SYSDIR/Em...er.scr

windows10-2004-x64

3

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

3

tbu03852/options.html

windows10-2004-x64

3

tbu03852/s...g.html

windows7-x64

3

tbu03852/s...g.html

windows10-2004-x64

3

tbu03852/s...b.html

windows7-x64

3

tbu03852/s...b.html

windows10-2004-x64

3

tbu03852/tbhelper.dll

windows7-x64

3

tbu03852/tbhelper.dll

windows10-2004-x64

3

tbu03852/t...091.js

windows7-x64

3

tbu03852/t...091.js

windows10-2004-x64

3

tbu03852/u...ll.exe

windows7-x64

3

tbu03852/u...ll.exe

windows10-2004-x64

3

tbu03852/update.exe

windows7-x64

3

tbu03852/update.exe

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2024, 08:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    tbu03852/static_pub.html

  • Size

    599B

  • MD5

    0bf3de7de6f6a9ece7674fb245c7e428

  • SHA1

    a71d601820676d5741734e825c7347d59570bc98

  • SHA256

    29101ddb9fc880b921c78a8aa0952310ccf0fe4eb03479425500fc2e779d4b2b

  • SHA512

    30dc0cf67d772a79dec244882f24c4a6ad71a3139b1b92d6e059f1e677ef138596e71c7bf12c2283b591ad64744b9abd15895fa29c4a600f64c784423bc270b2

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\static_pub.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2412 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2864

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          da84721ad231952fea2d403d5302d794

          SHA1

          0fa1f4fe95bbc2208c573333cd0c812d8a5f9a8a

          SHA256

          744ab710e2b1a9563db0db365f44ed75927754814b0d0c187f76123c0e10c4dc

          SHA512

          44218c9049772a07aa1c88aeba8e7e4ee0392e98bf1cb757336f1cadd6eb1ae1602ab36067aa15d1d6d70b44e47ffa7d5fb4e10dbd5d914b65b422aa9f44eb8c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ad1d3cc309a969dffa499ed4aacb6c6e

          SHA1

          9cc31c1401c7b50e7c6f3946293b309bde1d5675

          SHA256

          906fec6556908c2705aa36bae3349039ec3fc3b104d72dfe1d081b350603e734

          SHA512

          cdbbead0c143cea19843b56fa7f7e7492666ced98e66246d400dcf748f6832ebbb74700e805c15e0099c9c587861e5552fa0f02bfcdfdc705456b01b3c73dd84

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fff0627a875ed6ce572a1c77482b4b34

          SHA1

          3ea3329cc1dbe9dc45d579a99bc7236b2538ed99

          SHA256

          29bea3b00c56ce359ca7513490836eea0e9c9e99354b725e4abf0abb3e084283

          SHA512

          dd3a610f2c7a58fb3f2df5412f5e5115227e850bc0d60ad2fce5c0450f7b3c715227eb5cef9b4bea8806e8c4e4ca15d2df1cc702796acdc44c127e9e465fa80f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          88230534b474a98ebd376abae85206d9

          SHA1

          b4e8fa7df3ae334308fb002e54a070e78df0097b

          SHA256

          c159b12ce24368bdd03447bdbf9f5c3fffedcf38f03923319beef82bd3de92da

          SHA512

          2bc2a99f2f5fbecfac48e9018d7c43cedb9e7937a1cd6804d7a389052846e91d2868c9c7dbc9f5fc49974f3c0ac1584753d46fdc86c5efc2a98be87858b216b4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          41c76a99868f8ed3c978c0bae54518c2

          SHA1

          4f0ad40e87abbacb355773f61a56b03275681898

          SHA256

          02c6d3ae6f130516eadd2128851c84d6d626d1486f94343de3a21ff618276e6a

          SHA512

          004ff7ab7c9cda70f9be1fbc554978beb5cf925570aa115ab6547b025de4995998849714504ffdf177a744cff59f7f8d706ab7fa96cc062d3eceeb20ceb3a145

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          06b7b96945eac78d74ac77b8913b41a4

          SHA1

          4bbf14f82910c9a56892aca76bf7d3d8c4d75a9e

          SHA256

          314589c0d85c394f48dab4604fe32424a61c17e5e3c626b80eafc375cfcb8242

          SHA512

          ec97a5c5a2008ee32b3d07af7e36ca5e2673cde37ef11d4956dcf2116a94b431e711a9c5df3a264e45a5d4b6cf84217b2555e16ec35b28c64674391693ea8ee1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7660590766e16e56b215c8e7e8988c4e

          SHA1

          4ce3558cc74a8a89001d0ae9b87263f72a764ce2

          SHA256

          f2017d599355adffc1139e83e134a2789786f58b9bb6c29987b53d50898494da

          SHA512

          4320100f575083d71899d131c5603bb8409de9f12dcded8c9c07f76f1adf5623e3648a25a71b50578d1e61cacf3024a50b59f709db0699fa07288444fc44a8cf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3ac8844808845137944b603d70b2e8ff

          SHA1

          cc07cb16aba51731f78426201cc5d5d7c9be8893

          SHA256

          e6171d54be62dec57742e3ca937dbd89fe9e8fe0c68073c9fde2b6183151abee

          SHA512

          9a9b6a4a9835a53263cdd4ff583021837bc4312c9de1cc902d34ef952bd6cd63d72c2f985f154483de44ea92bf9113d2cfe7d4ce07d00d80094a7422a4d392d9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          423932cc758e6a3c77cbcfe95b916521

          SHA1

          c34b0e244c285e72faac973f14970fafec8d974d

          SHA256

          be348477d17bba44c2abd6a4de1934c0892fd34be90746d01829ade51ce2f35a

          SHA512

          4732287ea022c4979feb29e409a9afcf6ecf2d9fb07ee7a9f5ebfe92837dc26322d26a9a9c139792bb37bfbd3a3be242d0db475f8f529140dd66d31b459f29ca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a10c0a9500c2e0e213dbd001985beef9

          SHA1

          4fe4e0e99bcc351c20e6f6274e16a08f2d8224c5

          SHA256

          dbe113bfe314f79a8db6702cceae82e3b5e6a97573f62c0d3727a4762f5055fa

          SHA512

          bf1248580007d707f46cb44f14a06261b5b3df35a08244ad88652534503d2210d41121ddf9bb5c887fa8aa0c68c96da230a509d323d2ca4baebd136a2ab9e59c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          73ecbd0b49010ae8218c5f2a042686b2

          SHA1

          c22fe7bcb9334353bf578cc0eb498a44731da524

          SHA256

          13c4bbf601a4b7dc69a214d31b7931c409ab68a60535eef7720c167bb8516f5a

          SHA512

          20fdd1930914656f9998e71940a6f5a32ca1accc7ab048f978e95f08d74bcb813553116aea4638eaf861644e8654321d6aa98ef77c763ee8d83473b00ee47b7a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3f2ae4a1ef8d5b07b81d32bf1cb41515

          SHA1

          8324137cf88ba7d2c1f9a8f182f91b9ab71d0cf5

          SHA256

          b2366fe84ffac15cc87a258a585dd7ae4239a4966da2d7184b8d2baec73d72d4

          SHA512

          b334836306d59514ed25626031b7f43edfa269229ba88ddedfb2ab09742cc55631db37bd746944f4fbfcbf861cb4c29b045f354535cbf387deebfe53e9e6c6a7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          57e6ea1ee35fdc2a8d66b931944ccd0f

          SHA1

          5d763ca254e08d2446608f42508239fe9f66fd5f

          SHA256

          2af0de1222fc68f89de3fcf4c1c43ec68918b80f597db0b61ba10b890f2b7966

          SHA512

          6f8c30b22ba63fee88a8f90b40774303a19b786a846fe7a7fb0b8b043c8796a0fd510ac89b9a89eff87ad77a69a024beb199ce2f84a5fea2027b81ffccc6b6a2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ae9579fa2e6df0615582389780ef5b91

          SHA1

          0900d065110d2962145e07afac974d01a8ffddb6

          SHA256

          c8c1273bf6449683e47f27a090e9c96831ef2ed638414f32b8fdea53eb85f5d9

          SHA512

          620a4b8c4422c4afcc5b535036ca08b31c3063b5d0ef56dffca8b8b85ede6f51b6e361d1886ef041392cec9b42ae92636524076c94a3307ff69ae2d9e1de10ea

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c89b06edabf443a9d7defdf699b23d7a

          SHA1

          6876615eb5b92cbc8df66b8ecda5b2434175830f

          SHA256

          ea36ecd4d86fb79b2d953ea3db4bc8d88339a5dc22ff6d0d1dec4f870acb6cda

          SHA512

          db62bd5c4153069be98658d98cd55b3b36bdf0e9f5c82906b886d5536d2042bd55dd3d9ddcb3f93650abded5cedf0b9853d9e259c0087e9fdc2a3a2140e9275f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          75c6de91d24d94134d82fcf89822a40f

          SHA1

          5430d973e48f7f9efe87a764d0336654f30bdf18

          SHA256

          82824b3f4882dcf0e253e875e42b4e155bf5c37ffa1dd2c974b8d0eba45fa5ef

          SHA512

          adaf9890ac00f86a28dddc3b18afce199d7221ea012e9695d673d0b7b5ee80e4ab31a19d5b4b4157d211a3b477fd1c601ea2fbaa5bbd2e4c34698178ac035132

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8ca14ef8513f8e124a73b21c52c423af

          SHA1

          23976ab15006edbf90af029f0dcad0654915e261

          SHA256

          4ad10c8f5a845be9d930cf532e80127ca75164cb8434e4cddabc5b4bedacfc76

          SHA512

          d7c82bb747be9ca9c4843962175203e2e8382aac6f54842da0e5d7b2e0ae346f261c72b0b3bf25782db324d45ed17b5d68b4a714bbc1d773c0dbf561afef7b66

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b37cb918f5ddabf2a7edbfeb606ed387

          SHA1

          094c4a19b17fd77961a0de1194d5a842250fb4f9

          SHA256

          49c3da394ffb1b8a8998da5a680b980282b7aa51346ea992fe409483fa040554

          SHA512

          db603237188ee2bec0cbe36c952016eb98ffdefba2b25004b8ea6843724abc249f98d07bce3588d52373ab5d368568e924aeeeb8e10f0f599ea184864d7f5169

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab35E1.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar3643.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit