Overview

overview

9

Static

static

7

YTMp3_YTMP....1.apk

android-9-x86

9

platform_d...e.html

windows7-x64

1

platform_d...e.html

windows10-2004-x64

4

search_dow...e.html

windows7-x64

1

search_dow...e.html

windows10-2004-x64

4

Analysis

  • max time kernel
    148s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    24/05/2023, 16:47

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    search_download_use.html

  • Size

    1KB

  • MD5

    37e7684c5ed67d4dbc24e5e91a56d54e

  • SHA1

    10aa27c6e1f9f34077529f75cdff2fb19debb2e2

  • SHA256

    87a9d44bb004b1f7e6242ee5cafca09066de91eed8aa2baf4796260644648dd8

  • SHA512

    6d52193fc1050d98c867abdb07f367ab187175f566e0671183969379599ba6479160924be55518a77a75e6bf3dd17f3fe0505fff6f36950976ed5e8b8b2ea370

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\search_download_use.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:524

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          62KB

          MD5

          b5fcc55cffd66f38d548e8b63206c5e6

          SHA1

          79db08ababfa33a4f644fa8fe337195b5aba44c7

          SHA256

          7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

          SHA512

          aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c6b9a5cbe6d1439a7d492223285c9a53

          SHA1

          46d103e086b2bff0f40f7e516f22831a91a532e8

          SHA256

          1d3b55a649d27a56072a25835a72575e42c6c17cd7fd4132a3673ea4ca4af97c

          SHA512

          ebbf9d8a686ab86a827ad66d4604abb09798274c96d4d1a0370ccc27f045858f266153b41c6ce399532ecc32d8c39434330358f679a9ec77d4def6aa78457ea2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d6f568d8b0f71f49556f4baf16733f55

          SHA1

          267e331f52388b3b523bdf77ece9d801431ece82

          SHA256

          13c95f89f2d1cb58794fc5f5d67e3cf3778f52ba49e75ac11c48d83b33c16b86

          SHA512

          2844e937aa42b175310d75547bcf43113776808b7c810b5da62bd4bc7138e6cf2f7e996abef9f918326eed0b2b9e2c0262e0e92de91137771bab2e38b47d415d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          79599acf533ade0c74c34925462f0b2b

          SHA1

          db2a6e588198dc8b306f9d4ee10826307493c9ff

          SHA256

          5795be9f5015488dd4f5c4e81b0d0a4cdb671cda9932c3a0b44176a99aef3b3b

          SHA512

          ac9d19873401d7f74eab922ca1c567de1624813988329bbee1cf9da661b6c26eeb09891d4e3359e1321b6133e88490c45ab1b80c590449bdae805a7a896497b8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d79dd0b089f88bf732c0e4254120aae8

          SHA1

          466210b9005793faf7ed305853b2ea70924e588c

          SHA256

          0a208ebb7e10c0802d9f54339901fe0373e82feda0f429c1d66c087d00fbacd0

          SHA512

          df2e6e3e4141cb98d0fc0cca2d56b0c782965e1a8c209552dddfcf83ae139e0cc80b4e3480497f67718782ed9ca67c412f3ce6e54812e7d8d70efb2b04dfb56b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          55320fb4a69d865fc6c654618d4bb3bf

          SHA1

          64dcf34b9e9a3f19b70499bc9301818a67e3632e

          SHA256

          2da6901e829d96cc21fe9e7ee0b162bd451f433dbfbd5678983ccaf5714cebd8

          SHA512

          a6de9ab69861eb5f1b677a58099a05cd404f73d7761da54670a22cffdd36af6586045ae7c92abe735a0e6d5ddbadf64b5421ed23a59e17b910b323e3be091636

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          831598fdd7bd2666f3919f0fbbfb2ffc

          SHA1

          80d13d7008b8b754fa8b6b8cc9ada05419f21b11

          SHA256

          f5266208e594054c0bd86818d572edc1807edda5ed997922fe368994da010cf5

          SHA512

          218a2c72b701c66d5a039ba6233e5ba4bc2d876cf3aa80a797d268eceb720656431158a6ffdf077728e91cba4e80478ee2ea29da8f4d1f143ac23686520211bf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d04538fe88c8c65c5fa2def3bff81a3d

          SHA1

          7eeac52bc3e29a7b6ec22b63389c96a0818410a1

          SHA256

          4e3a5e77c50714af3ebfc14338631ddb9355ec4bdc2fbb4ba56fbc83abc6e501

          SHA512

          dae164e78153df67fa0b03970e5d822e3cfe6ac9f4713177e6a406d3210d1ba6956837081e128296bad08c0816875cf37e03c934e31fa3bcfb46418ba1254948

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          939d85eea4ba189e9caf215a98630ce1

          SHA1

          6c479dc933a7a0d3c52dd2e6f8ae3f4d3f17be20

          SHA256

          10ce42c9d038bbc2a5c59e8a37eeb47ff3b0c4e8837fcbae5e18711f8a5f2e60

          SHA512

          2d148f5c753f7f4e7f7e25caaea275750dc2e4078bc8a81bd87e9519ea6befe8be51ea9194abf1544fb8c460e66b48696aa05f220924c6bd0477e8d7e194b67d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab44C0.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar4930.tmp
          Filesize

          164KB

          MD5

          4ff65ad929cd9a367680e0e5b1c08166

          SHA1

          c0af0d4396bd1f15c45f39d3b849ba444233b3a2

          SHA256

          c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

          SHA512

          f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\KAK4G96S.txt
          Filesize

          606B

          MD5

          ed4b757f27560b0153de3074b05ae433

          SHA1

          9ffab682bfeffa1353da0ace0fc5c23f767e0035

          SHA256

          685fdcd271b398d691f80ac6e85f1fb44e924655978862071928b3c15b09b872

          SHA512

          cb9311ae7da08064a8c06688484a72ee5cb9b5764def93f0e3a0dd2d536f58ee9bb17f6403132ec2766bdb3ff8c050cbbc560a00e418af6ebebb92c4674e8691

          Download Submit