Overview

overview

9

Static

static

7

4d6e3e1241...08.apk

android-9-x86

9

licenses.html

windows7-x64

1

licenses.html

windows10-2004-x64

1

quicksilve...ace.js

windows7-x64

1

quicksilve...ace.js

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    10-06-2023 01:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    licenses.html

  • Size

    1.8MB

  • MD5

    e51c452e3c0a5322570840f145bec86f

  • SHA1

    272fd93ef8bc30ad02879ef245d626b80dad9d6b

  • SHA256

    0dd6d560372744592aced2de9424b81a3f1b14a7564ed44f60d2ba471fad48b1

  • SHA512

    c6f18f42bd764820d1e1554074627c33674f41e044e8bb171a27a9279af8323705253bb1107c1fd3b928842fbbacc93c01059c6953396738160857d968fad8fb

  • SSDEEP

    12288:q3e3P3D34353/3q3q2w2S303w3e3w3a343H3S32323+3n393C38303J3l3f3j3S+:pQq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\licenses.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1556
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1556 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1756

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff4e104acc3abba7945b1f6bb498cc4f

    SHA1

    7f8f276a8da70d58c32f712cc8d557ab6a69115d

    SHA256

    a7efddf6f6a874f413ee98e23cfedea4626ba98f6d591941022fab7b7f7c1884

    SHA512

    d61affdc5f83fa9e0e6a3f4ffef454f86f24ea46a5611068b24bf060441472eb97da04e72f3b22bfedbbbf082229fc986cde66f4fbc4eb175e12f9cfd55203b9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8cfc31e6970db97e98574e910e587e50

    SHA1

    116aecd97d849405b0240239dd4a118567163795

    SHA256

    d930b70c8cc26d778a19a8644bc8810488aedf1d98cdfbe1bded72a4e3276ab4

    SHA512

    8f47ce02c0f909df406f7fdc2eba06e6f092590fcb06889560a635ae6efab3465d3b0151284d69bb6db930bd6658e8e86133f7256097b3e69a97507bc9643b7c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21296f10de243734ba595e0894df0b0b

    SHA1

    eab6a41549d0504d518b7c96831a54483c2dc21e

    SHA256

    fd56f12b3a9e587ae9d03f52c15541ab30ccd1c6478d41c3e0cb191cdbe2462c

    SHA512

    3e6c5a82201b70fa8294f783b16efb1d840b6a0312ca8739b9f41be3ac931bfed9b47a1047a7c4f63d53f19c347fe3495e5f639257ff1f0a81ff4cd19f794eb9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d135c7e18986ec34d5d8763729b02fa

    SHA1

    9b82223715d66ef3b350e6c4aeece4daedcac0e7

    SHA256

    32c7a2ac6fdb0e9a6b3f782fa69ada30e93624edbe95c987bd4b8ad820455c80

    SHA512

    33d888ca865d9d50a32498fa2279c0307f5cda38c2befac41adcee090d750f6967e53b8d364b38c3d403a4ddb67a4248e8dca31b49568b2d83598326d1ccff36

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6c5588b8b5b35ded1005e5b6e8d68ae

    SHA1

    e90487bf1af1c1ef6089e5885adcc25f218311b7

    SHA256

    579807eb8aec2d2918e0705e157ccebb63913e3d1d22bf4ca4b531b5f5566208

    SHA512

    dd02611a638e9897f11d5fa5309da51e9510bd628f1092a3385b4383f067392e2381415e943109bc90d776f04ce08e252bc20df288549a98d64133706e584b79

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    135b001d72ee14f50d7014281a912851

    SHA1

    a86da0849f78a5bf3e8233c56241dc8e1921ea1f

    SHA256

    2f85736ad94873652ecb696734a4a81bd5879c3db01028815606a5db006f2935

    SHA512

    650b2e989e58965d0ea04dde96d09e0c48536b2dc7e7d4a57e7dbc1c9c93a33eff0279f59b5103b550bca408e8b8da03dcf3f83b49ec15f098a04eefbe9a22f8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    684509d40323c2b55c7ec7f6282d00fc

    SHA1

    20d523234993dfec242c3fef4f2c020e08cf58c7

    SHA256

    266fb68097e76a1e1e7a78187be203be8d05318560a837a5921a7b088ea20aa8

    SHA512

    e8b9af34c01bb8cc4ca81f91b4718d8e3097e815e084a4a538fc4773eb5dd85646f6df55e0f7fb61bde6ea2016376a248da5a5648f9c6c8fd950491d345ad1f2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2c2fab530db5c03105521b83d579a0d

    SHA1

    a4d58c01755d1606bd645b8d4cba84c64ec5b1f3

    SHA256

    4c22cdeece6d56f991afd85e5de5db0dc9d477c80bdc9182a929e42228c08d76

    SHA512

    6de59f91001f9bbecf32036bc73a3d17658ed6335e2c647dc010177dc0cc698e2152a244ed71373c060d769ac513c944abfd9d8e123b66d7dafc54b911b392f6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7a289deac080857a96d442f81c30e55

    SHA1

    82a040d6abae5a756ceb0eca4372076e0e7f2e9a

    SHA256

    571eb507ffb23d9b9dd7abf1561ee5e48ecc779c65be2285c6907879120cfe37

    SHA512

    9ca0ecd112efd381f72a9314e4f297913d3e053ada10c26e350d9325b5182097b45938c16b2b4a8aa999b16f55a9f44c7dd43526d4581c2c1f8e5874ca51a27b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab4A4C.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar4DDE.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\SBAGZRZC.txt
    Filesize

    606B

    MD5

    125b274e7b9bc849bba17f4e973053a5

    SHA1

    8c1258bb5bb1cee97be1eb44ac701cb71931e95e

    SHA256

    bde4e15f3af9407de4f5e8b9b5ece06405986ba85578d7228a8a05fecabcb1ce

    SHA512

    dac07ed53ce02ff6875b9e39d6c9abc50b4924bea979c51018a6c45c407508c3d942ab503c75ef4704b720344c76d0a2c8d305f42179f202784cea1e15bd8f86

    Download Submit