Overview

overview

7

Static

static

7

Spotify (P...om.apk

android-9-x86

1

licenses.html

windows7-x64

1

licenses.html

windows10-2004-x64

1

quicksilve...ace.js

windows7-x64

1

quicksilve...ace.js

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    09-06-2023 21:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    licenses.html

  • Size

    1.6MB

  • MD5

    f3c173ef646567649c3fb6fd8234d0f0

  • SHA1

    82db4864f815270a53ee6e3e8cbef37ce7421456

  • SHA256

    e573a3ed9f29e4260566055ebc87b4762c7b17a2335d904cae730b13ec1268f8

  • SHA512

    f9fcb15906128300755b80504e171ff47897e346dec7ab894554689061f55d4c724a38d6b1f99dd17377d334bc13bb0a6eedc0ba3647a8be6cca39b6cf0b1cc6

  • SSDEEP

    12288:h3w3J3P353/3q3q2w2S303w3e3w3a343H3S32323+3n393C38303J3l3f3j3u3Aj:6po

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\licenses.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1476
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1476 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1444

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a3f65171c9aca364429a1f79851ee41

    SHA1

    2356e4f3878c7af7c7a78584f20b9086a5825d5b

    SHA256

    7a38e5ce8071a628edc723591bb6f877f8a1db0ac33d4ad4a0f584d63f393930

    SHA512

    6126bd7650c343f62c0f6574b68688344a87474efc866bfc2357d41f329691e85e1d8ec3a223ba106d1771ebe848d3673bda32705cb855f57246d7b8c376cf72

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    955ad34924a3f7a29496932d6f61f4e0

    SHA1

    b0ec4f0ba6566b930a542fbe5fe08b6087054a9d

    SHA256

    f9e49878f14b15f922a543bff6ff20d989daff391a9e4b155038f3edbf335dd7

    SHA512

    f8e19c5d672f59b2213c1c63c1ff578e96b6a49fa124ea7810cad108126512f64b1dd42193dc4d08843c8f9d4c64ace988ba954a42794cf5c86e1ec754a01612

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d15917b3333d76b890d59453c5966ee

    SHA1

    f3d0ad9bb818980940f96648d3c238a3f4929cc2

    SHA256

    7a75255e8e178d591a5193fbdfd5ce5b119bd49c83e98b922a0de84e6780a094

    SHA512

    48b12dd15de871f37854d3058c52c3817cfcbbb0a67b8d2a687089b4f3a9c68c82d45bf7a26dffea60e5754a6f02ebf66fb2f57cdd0cecc5c037cb9f87330705

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65bbc1029bbbb058c157ce8e777d817d

    SHA1

    0c36e2791b08379bfd719f550932779a811bfe79

    SHA256

    2f3b4c2c9747ff1d7b00e96d8006d2ec10818b0a558cd6ef7ca89cd80acdb103

    SHA512

    006efd5255ebc52759b295aee245c0d6d5d4e08ba3a4d9b8fb639c9800fc4da31dc06a4c30c61487d22a3bf375b2ef8e26f4be7db54cdc4a88687ea46fefb6f8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1d6779483f0f8633134861e3519430c

    SHA1

    077130737b7bacacc945fbf8446592c8dc848ca6

    SHA256

    cda1b172effc680570f3afc25e1fc2f8d2bf98813fdcf1a9fe25f23cac425b7c

    SHA512

    997bbecbe531d9647d7e42b686ab14d044e11d1850813fea5cf0d3a348f2c887d34495f62c27f2da7bec5c5e261de6c5c7af966fbc3d404801d3dda42ab24814

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2056298634ac5eba24149db21cd37b82

    SHA1

    ef9596e7eb5a23b550b73e668675b878dbde4e01

    SHA256

    f31b34292522548d058f59ed06f0a2d16b6279147b297c96c316f41831634c36

    SHA512

    3a33834c7b2b5b812362453b4efa9179e45d931851e3db66afee2b02f45f7fa26570003d134e32235c754df1f51a84f37e63bfcf089a361f9ab171b515af84a5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ea5bf5f9f6b524216df03a10b290d90

    SHA1

    f5cf9f46162a41a9949815db980809ff21579078

    SHA256

    8b1f0c5615f5f6272a939e619fad95a40a8857f4c637b09bb1954ce077cede78

    SHA512

    b289d186260910d5863eb6517f90701b60ac98976dab2d2157e37659e557eb281728507b929fb28e9d3e292e8cb704352b59c7f66c77a05c30b545561f222ce3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    33bc1e158da73a5cb1497d8641cf4c40

    SHA1

    361f42e3c267cb3b760b62a53275052df196a516

    SHA256

    a7670b1650ca0be641e4709d20c5124ded381bbe988978eee81f5a73459456b4

    SHA512

    8dea6b710d8fefb395d6bcd8b2202828fbb11cdf0d36742f1b79bf6ff9453d4ab353c40dab02625bb09fb42889d69b70f000432f38d15bb155ddc02632f730fe

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab3E5B.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar40B3.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\BO6JK5SL.txt
    Filesize

    601B

    MD5

    0ddc387fb6f769b9f4b86bd63434b016

    SHA1

    b174d7b82dd0213bb5ffc9447f3fc8615cb9ef88

    SHA256

    ed5f65eeea396a47de54ea50fa6be21a24884ce409fe059e8c50324a6eb1fa51

    SHA512

    74d128e4b1787a7acff6c5a5376b2fa81bfd403d1b25644f08c94b71849dfaa0c954f1f2b19347ea2e4ed265dc1dec991071e3d901d707dacfdfd5bc5337e18b

    Download Submit