Overview

overview

7

Static

static

7

Spotify_v8...om.apk

android-9-x86

6

licenses.html

windows7-x64

1

licenses.html

windows10-2004-x64

1

quicksilve...ace.js

windows7-x64

1

quicksilve...ace.js

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    25/05/2023, 15:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    licenses.html

  • Size

    1.8MB

  • MD5

    e51c452e3c0a5322570840f145bec86f

  • SHA1

    272fd93ef8bc30ad02879ef245d626b80dad9d6b

  • SHA256

    0dd6d560372744592aced2de9424b81a3f1b14a7564ed44f60d2ba471fad48b1

  • SHA512

    c6f18f42bd764820d1e1554074627c33674f41e044e8bb171a27a9279af8323705253bb1107c1fd3b928842fbbacc93c01059c6953396738160857d968fad8fb

  • SSDEEP

    12288:q3e3P3D34353/3q3q2w2S303w3e3w3a343H3S32323+3n393C38303J3l3f3j3S+:pQq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\licenses.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1484

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7fc99610572b8b2fb24c3dad5eb04615

    SHA1

    613131e2f1023f6d0e8576ef59d3053b8cd7d860

    SHA256

    168b3aa0b5dd40e2d390478df8c86932111a5c627a0de712a39b085a138b6f5a

    SHA512

    f9be23aa6d4567a60ca8e2d6e344bc3b2fe98c2f68a154a5d757a2cb03620fe0fb92b98e8f9252e2c4e957300c57701bbcede0db623c1d20dfe7d508dabb78ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b00a3dd0005d70c307979e0fabad3f4f

    SHA1

    45d5561c45f664d5f86141c776486e463a3f5793

    SHA256

    18b0f7b768740e80681684e482e6c83871bd4520e2c6d6bf5f5856b74c523027

    SHA512

    609e301eb0c924282e32d7ee1c0bcae9241562f9f697e8c2eef8f33b815c42226deeb1501c97983f3ed3c76b8a1c758d3cda4e84ea7c16dc47f6373b08af0d43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    31da1e6c8766401705e73aa74db7848b

    SHA1

    52bf2f8c1981ab62391c9451d59c8dcfd18b3e1c

    SHA256

    e21db69db70c78852a4aec71869f8e65eb2e3ccbd35212cc35231fcd5c2095dd

    SHA512

    20fc50d8879c1ee0a071d79f8ed0ca717bb01abef2cd5a7eb1a6215aa848ddf1810bfd38b9919ed4adb566ccd9b9ef0e21b6edf43ecd3b47b8b7c1c884775f07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a5395efa5c744da9c4caa45be59cb6a

    SHA1

    ce3adfb5fedc825ed014d437ddce30b26b0fcb78

    SHA256

    6b2255ac7684889804f830ff2d1df986b36dc3678e86d10a259e7c5ec77888f1

    SHA512

    5599cf532cd452b3b8231a462a7791587be039786440e7df1aeab32244f421bc795ad20bfccf8cd364a2bfad5300318442cf607cfb0d0fa90e82799fe18812f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c826b31dc977c8a23ffb4d066f8067e0

    SHA1

    0abaadb42592364018403dcde225573703182f29

    SHA256

    97d6863aabcfe6b24f0680a952cc4626cf5e65d394a5f0c5a65dbdf2202e40a2

    SHA512

    4785cc27d40b1a49dc0a8fd1ab83e933123c795703a8f6cd14bf32b35c54a7702522d0d2e29deff47b3dca3762a166d2733be19650f68a488877e38cf3a8cb47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b8f355a7e4c5823747cd4446255f815

    SHA1

    db8aaf10a8e09c10b160c4700b3e7bc4d54bc2b2

    SHA256

    71fd5ec879aaea23d4f0c3819c608a2ba8d32d410943e1e9c4dc373e75a2312d

    SHA512

    8861191ad01e69d4f4597aaad27c1336c25a18e49e07805bbfef6322ba698466580ec5a1e1386fc33f42dad7a2d4a25c82bf8d91cc3367f71df403a4595e86dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4480a2a4f1a8e9ce683d295b88dc4ffd

    SHA1

    e8146619d77b5278c08c242444cdbcf7b15fe179

    SHA256

    481b89ae85c5d7cc00be6c82e16e3bdd4dfc0ec75af7c19ffb7175ebca1e9bbd

    SHA512

    ab4006cee4ee7204a43023094b2b79a2f57302adcadf0d6182938188dcfbdd2882314828b46dbd89edfa120fbb8157efe70088293cf2fb544faa3017d6569020

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6664.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6780.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar68FB.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\2ZV06GRO.txt
    Filesize

    608B

    MD5

    31c5f3b66f6d7126bd83b8a34de8682a

    SHA1

    1cdc74b785d11cf03768ade747152c57e638753b

    SHA256

    695a17e0c438a867493c95445dc86872e6ad777d5affab4f957e8cdbb95cdc9b

    SHA512

    1bc9a80c94189e68febcf9e3474a73c1c3259a0bc03a1909b99795e184db80478d65c7eede668e2847b7f6386a047af8c851229b8832d2441b751b0359f1d454

    Download Submit