Overview

overview

7

Static

static

7

ibis Paint...om.apk

android-9-x86

1

ibis Paint...om.apk

android-10-x64

1

Paywall.html

windows7-x64

1

Paywall.html

windows10-2004-x64

1

TipsReorderLayer.html

windows7-x64

1

TipsReorderLayer.html

windows10-2004-x64

1

TipsZoom.html

windows7-x64

1

TipsZoom.html

windows10-2004-x64

1

UndoGestureTips.html

windows7-x64

1

UndoGestureTips.html

windows10-2004-x64

1

createjs.min.js

windows7-x64

1

createjs.min.js

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

paywall.js

windows7-x64

1

paywall.js

windows10-2004-x64

1

splide.min.js

windows7-x64

1

splide.min.js

windows10-2004-x64

1

swiper.min.js

windows7-x64

1

swiper.min.js

windows10-2004-x64

1

tipsReorderLayer.js

windows7-x64

1

tipsReorderLayer.js

windows10-2004-x64

1

upload.html

windows7-x64

1

upload.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    27/05/2023, 13:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TipsZoom.html

  • Size

    1KB

  • MD5

    04f3dcd6a2b4326cc0e85b959d472478

  • SHA1

    e29ea6ebd37d0ad5199af0fa34444d12d4a252b7

  • SHA256

    49e8b2dbf8df37e127ce59160497beaf13b35d190277b3ca310ae51bd66bf5fb

  • SHA512

    0e95500121275013785f1caebe17b89e69b1c217d98b5bb8b6ecd2c87ab1a1c7fdb6137819422bc8bfa20c834c332f2eb5cd1b1669150c524415961919dc02ed

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\TipsZoom.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1088 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:680

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f2087bc56a31ef446cb0828c2c5c543

    SHA1

    482cd1fb5e9ea9b38fae65b3fd80608df698aaa2

    SHA256

    262095c33c3715162de72ce31b19d01f97d8b6ddfaa37c192e9fca7dffc3f022

    SHA512

    c4d6a7d4f6a652f98564311901407b31d59aec5a57f8e9f7d68c36a8df24179e3a01bba3a6d0a0d6dfbc83aac3df70a7b3612adcaf96b869b37f39c612aa6e61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    698806a862f5f1f4b64015eb1ab76a18

    SHA1

    227bf2aec1b75ea5488ef39cedd914aba698277f

    SHA256

    50bfd56fb452b764ebcc7997ec9803638ef3fd88669dca97f42218237505c2df

    SHA512

    1fae3c9e2090ccd391c8f76615fdb585bbc8c48ee467c01b169982903699bf57a6b2d57eef7011db8ebda5453177a4b8c1dd00ec853a366a74f19d736919c8af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fec0917b5f60bff6f8fadd9a76643fed

    SHA1

    dcc0b2a09a1a8542b16d8c07ba328e77f8e3bdb6

    SHA256

    6922a9a0dda1017f3ebbdb303908200f2c2c0c649a973dfe229afe7b87ee28ce

    SHA512

    f9ea2f0d658df7dd342419bc140b9c0837f943bdead3c8c8eb32c37aa20a91304cdf13199bce942d0742e028e70558d63bb82b056764202fef6ed748ac4faa2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2bf6dd721912f69cf3c2b9d63af09f1

    SHA1

    777a5b87e83c1008ed320c8015e67de8f926b749

    SHA256

    1e87efd45079f21c615054d36e67592e88a75a37dbf78e56f00503c5f8651c49

    SHA512

    0f1437cab54c19e1be5094d13d5a17b0055f2510aa34875ce0f28329670b8f2d4bdcf58a80e17915eb294b722ed04d09f9c1b06aa350e9e45a643b03f7b701e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29ebd09b2dca7bc8ed20cf09a07c8744

    SHA1

    fde7966e14fcd20ed808f1c76d6cf6d24add7520

    SHA256

    fc9f8a30d6ffd3a07cac25dce39a7b8b2395a320b9ebc57a2791f8c98bff66d9

    SHA512

    d43d809dba7f4c9b3396e3f138d3f64ad207b9fc6eab7c761f70794a0c0369cbfa66cf8fed30c018fade2c2eb82a550754c75e4cdc80f26b4300186e8c556459

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad80edde6b17436323680664cd85f788

    SHA1

    044903dcce91a796d1a2d6bc50b6be109ee93f7b

    SHA256

    191efb3dda42805537f3f18f41d9d55ef004ab7882eba9bdb08f3c11aef69266

    SHA512

    585e4779e5d9fa754fc322e1dbefd00d36c635cc0ac5740e9f95e8e04b331865b50649d83103de6dcc48aefa873cde5335d0cd8d635373a4225ceefc0f6171fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73fee7de3f55fa5a5ca7beb47594ef14

    SHA1

    079101001594b302d0a51f1c6a4d18145dbb0b62

    SHA256

    704d49e8841019b31299117b788f773a7e299c8160ec08018eb7aba17d2fcb07

    SHA512

    89ecf4d8f63cfecbc74dc7018fb358745a019e22a9e4b06df7775c6d32e8f19432525263b5bdefa875efc193462e58f2ac5b293b3f463977090c522f56de6b03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dee1f02426d848deace0e1ca2beb4bbc

    SHA1

    73362f9219c148ef5baf27e56c7eea89266f9e48

    SHA256

    4b7af2cfc4c82c0f3363faab53da265695368d0ba3009f4a4fcc6595c93553d2

    SHA512

    029a340a3a705558548d528ec7b1598c3252722f34643dc6848f1120a3420322eda33bc46e6029838dcc35ddfb887f5bc093ea6f858bb5002af53333e4f17b40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22bccee837300f09a802068f3c7cb296

    SHA1

    aa904db5c607a904b5fd3af1ca7419a173899ccb

    SHA256

    7085a310d57114f4f6dda6bcd242017fc6e4a87ef559de59380ac110dd426bff

    SHA512

    2203f702fc515f5b8654fafa43bf8a05c99b9ab6a4dfd26346df97b8e96774d3c051d07b8bc7234da1175bb73f80271122982b78fae053b52f68cca22b7f9eeb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHKTFKHM\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab51BC.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab526A.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar52CD.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\70WYOZ39.txt
    Filesize

    608B

    MD5

    d14a1e362987b3ded0bbe3799bbcf5e5

    SHA1

    f5501ce0e2bbf76daf74e57e0c794db811d035d6

    SHA256

    2add8a5cc015989582ba507552582981a226189c52bb50c86a9a910b8af07324

    SHA512

    b65b3cbde5e6763c36d54e037bf78823bd069b80bd78954b2ff194ff2428e4fb9127e9c95191863ddcd9aaed58b8e4cafacc681b37ef6ec85094567ba4fa9889

    Download Submit