Overview

overview

9

Static

static

7

11cb54336f...81.apk

android-9-x86

9

licenses.html

windows7-x64

1

licenses.html

windows10-2004-x64

1

quicksilve...ace.js

windows7-x64

1

quicksilve...ace.js

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    10-06-2023 01:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    licenses.html

  • Size

    1.8MB

  • MD5

    e51c452e3c0a5322570840f145bec86f

  • SHA1

    272fd93ef8bc30ad02879ef245d626b80dad9d6b

  • SHA256

    0dd6d560372744592aced2de9424b81a3f1b14a7564ed44f60d2ba471fad48b1

  • SHA512

    c6f18f42bd764820d1e1554074627c33674f41e044e8bb171a27a9279af8323705253bb1107c1fd3b928842fbbacc93c01059c6953396738160857d968fad8fb

  • SSDEEP

    12288:q3e3P3D34353/3q3q2w2S303w3e3w3a343H3S32323+3n393C38303J3l3f3j3S+:pQq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\licenses.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1408
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1408 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1864

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6cf6e18e48111d331ba69d037d09d591

    SHA1

    95c4b1b5cbe1833a18e3a70a5b3712b77522b5f8

    SHA256

    aaf637a5b1cc5eb5238d7a8d1c44ce7b5c0c0f929668a7256e3d4b0f0123f9f0

    SHA512

    fd755751e37656573ac6f4093bad5592f59de715e91d17ce7e98cd4e0724ee523cf618f74829d560301a0ff60356366dec86e4c91a143473c4ef8500c0402209

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7aaff96208b3f9869e552870e280c71

    SHA1

    9e0a3024c1d7b766e21beea69723e530520fc909

    SHA256

    2d9dc5bd95d5154ebfd15498076eb2ba6e2abb50f62da8f6492ecba09b87ffc4

    SHA512

    7b46c47ad3328380b11249a32f16fc9c650a0cf7cb76775f03433e2f1737e2d6f3a7544c119d4e7138ce0e6e79847d644336adbc3ca72e4f62272c4de915da59

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c887268f5fcc5f9f602920467b986746

    SHA1

    e27e5f80e9eb0f8fdca48f67a5a7fdb8024c3648

    SHA256

    2beb1ef45f1f3cabbcd8827aa2b20d4881a1a8436a5336ff6c50fcfbd3eddced

    SHA512

    4a048d9e6a4f058f136b91c86274bc51726ac0484db656e8290e4d075ca897f3f23f08caff6f6f0563027712b92c7f8987a17b35b2af43bb5b2821398752d14a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ad8d0c5030157a6100c61af23681cfb

    SHA1

    ae1647001e068fa3f11fc71b4a337d0f11b699df

    SHA256

    0f3d8e5159ef488ac6993a7413edc5ab522d56de23ac692b73f75048a280d2ad

    SHA512

    91069dd6292ab0becd2d809befe0fa80b0eab1666feeb982cc2c73fd64d777a10c56cc273168737f8248acb547242e0e0113e5ebcdb13aac15eed85aedf4ce9e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c4d88a5137c359a77ab0688fce236bf

    SHA1

    b1f08341b9c1d56f50e734e5c0d6619adecb81a3

    SHA256

    4f6e55fa84552cdc8bcfdac4a44aa8c0d1599947e28561dbe9da9c5388b96cf2

    SHA512

    61206658764f6c6a62c86d853d6fb2f427b59bf166a4063650fd7724b8d3d92fabf4fb6c8aa378acf90fce87ef5049d82f54260d2b4bd1dda8f0e638a23a24df

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e208118c8f54cb567e07a9846d0db9d7

    SHA1

    ae00f2e7c16cc668694957efaa17bb5bfac24b86

    SHA256

    0dc3a84e8882b83facecb5146d4bf5db6f0b79ea02b78060d044ce3eecb81d98

    SHA512

    0efcf1a331b5f7f73a4ec3550fd7d625411a10a36b28b4dd9d8c97d3b5c4a87ccb0c5cf216db31344050f164d94e2868e9566939184808b73bf894bff057b17a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d54ce9534a0080cad79d4ebaf0539e49

    SHA1

    75f8ba790c5c3592b292e359fa445b0e72c7ef8c

    SHA256

    78767074d163254d5e8b7b51768e5536faa3b32ddd34ad0297d1cd45f79ee4c8

    SHA512

    312ba8d8846b79aea0667deb7c637f96ab1267c29e241ea6b6e5832fe739e95570e3b2603f59ff5b6111790733834d0031db049551b15dd5403f0e7b93a9981d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e709287283e69f7f536c722baa1f2ec

    SHA1

    a6ed805b1a9943ae2ec2b156716d91989a42765d

    SHA256

    67efb7965a2bd1075e4a887f54dd52ad1d8d12ba994786710aa1a28fca9aed2c

    SHA512

    fd35c564cdefb35791bb63ca1478e828cbdbb4d1c5ecbc75559ea0997236650b7755e113feed4d3aa115c697c52057d55802213a0b2618963fcee03c51a604cf

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab3823.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar3BC4.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\VRO8JRLA.txt
    Filesize

    603B

    MD5

    3b52f5fd2881a38b0aa917e2d2e2df42

    SHA1

    b0b4a4a1ac4b9cee9b611525471cc1e5055bdb71

    SHA256

    6c2a0ace4eb65f26f4f48a39f6c61a76b09f53cd5b2070dc4ce6d3621bcd2e93

    SHA512

    4c772ad1ff5894a4973e4f56d82bd5d5d5fc3257cc87fb3d690a37dae8d7abe9b4a0b6bb4f808d78fc1a2e58a8590e3fce398cd727b81882c21ab2bfcbb9d069

    Download Submit