Overview

overview

9

Static

static

7

de52345ffe...f4.apk

android-9-x86

9

licenses.html

windows7-x64

1

licenses.html

windows10-2004-x64

1

quicksilve...ace.js

windows7-x64

1

quicksilve...ace.js

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    10-06-2023 02:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    licenses.html

  • Size

    1.8MB

  • MD5

    e51c452e3c0a5322570840f145bec86f

  • SHA1

    272fd93ef8bc30ad02879ef245d626b80dad9d6b

  • SHA256

    0dd6d560372744592aced2de9424b81a3f1b14a7564ed44f60d2ba471fad48b1

  • SHA512

    c6f18f42bd764820d1e1554074627c33674f41e044e8bb171a27a9279af8323705253bb1107c1fd3b928842fbbacc93c01059c6953396738160857d968fad8fb

  • SSDEEP

    12288:q3e3P3D34353/3q3q2w2S303w3e3w3a343H3S32323+3n393C38303J3l3f3j3S+:pQq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\licenses.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1104
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1104 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1488

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    367db33078274548120e5871e7c9a5cd

    SHA1

    5e81e3ab83856ebcba5cf3ca404e46dd94211afd

    SHA256

    423f9e3d217d0d8c37d480dc6b43a62d9fd3b3ff7ab3fcba2a48ad6f732d52a9

    SHA512

    ac130082b6d855f3dd5da09cd86a344e94461e1e72be9e795f9e88669ff2a6a964b2c66985466a1d7b21c1181143147a3a425b6e5d092bd6dc7c4ecb3f4c6fac

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47f40cd82cd4dd61c12522e0d5835825

    SHA1

    4ad76beeb546bc791a5c2118c4d5fbec1681e0b9

    SHA256

    f02a9d3b9be2baf55f392d592272b5cb02d8ced2254969771379bccf1d2f304b

    SHA512

    fd3d53b6c968b609c7798eccf8552d7e15d23b63ab6ab64e835006e5780dbb8d9212272aa055471193688a888731d7d147b5fbd769124129d221aae752a2f052

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9ae2ae1b8487cca29385a2c8cab760dd

    SHA1

    5ee074e2cd4b86a51fe27f839424f889334a1a11

    SHA256

    ac8e8c2a37686456cb42405299960fba5f01dc6f7b94a331e8ffd32d5b7d70a8

    SHA512

    1f20cb8606a235cf7c8b8542a159a09d746c8948b671b037751490281c470f709cff474119d625e0cdcfcd42dcbfdde2fcdebbe9840b90236f13517297ad9502

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad3fff71dcfeee1b15fc8978f408f0cb

    SHA1

    cf87149e51a98058cc7ff2d0a7cca8a0c9af2e2e

    SHA256

    3bc4ac6fc0524a57335cc4c21644892fa453c347929fa9fd4c4a1d6d2ba71c49

    SHA512

    a47c0ceb133752ee186473cfbd53d28dd8cf72ba1e87eac350d81d90d56fc502594bffc4ff2c5e842895e059cc437267b3a3c8b64f62e7d36385493650255e1d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58f59b28d2ebede0cc31f55d55c5e7d4

    SHA1

    6e37aff13b04f895500f7572929da57a606c0d70

    SHA256

    307c8a03261c43741757c8be4ea07be2fce6929f61c9f9eb95f36fc83ec5adcc

    SHA512

    c48f38a879d7662c6bdb3d8c4949ee40ea24ab170169bee034323b91d4593069ed3ee61554aa09700ffd744fe7540a525086698318fdabe86d2e1f6f94e0f4ad

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0eba825f8458f375933de5bd5bec6753

    SHA1

    d9d286168617902f7d966527f77c1e37fff20f7b

    SHA256

    7cc4ea4cc26bfdb4e1cda8d22906a3278ad318592a0407ff7e7e03593fc4e856

    SHA512

    c86cb35892e923472e593d980419dd18f9f4daabeb7919276d174ee34f56ab4452e8994519792102e6ebfe915271082d0bea7c741e92126ce56f68149b3c1b67

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f03f7857a5efc32b1a52ac0843636803

    SHA1

    481cc9f9202ffea3212fa4d8b7a20688c4973268

    SHA256

    ef4cbee2c6d47ae93348686afe03d2a92c1c554bbf73bc8f5c1a1c302679f101

    SHA512

    4c68740d95ae166491b714f35318065e4f3261d2b29163029415d3470945f77eef489054590cdfa2f797b7f5966cecfd5a263aeeab4e6fac92415fba54b9d498

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95ca86f8bb900a2fc0f2d61e6af28ff4

    SHA1

    635b6d655362745aaefe2ae3e11b6a41a68d1f13

    SHA256

    90ff0426ca7fad9d702027ec7b3ff72854cbdabb257244d9b8050e1e4f8c2a8b

    SHA512

    4212f0d09c1fc0475575946948c6a1c612093e555a4ab75aa27f3a57b1e51c1bce5bdbaa3eeb39c1307d14c1a5ffdd32740354cb1a4d7997387472a27012eaf9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27ccbcc13cdcdcbb80c9f413721f173d

    SHA1

    1b4fcf20b4e2d9db5f12e1a02df04613995bb9de

    SHA256

    58789d1c439e929512ac999e392d195637a3bbe0be956e4f9b7bd7c0c6cb1baa

    SHA512

    e9a1f87ac5767913d3b03e9c16f7a63fc0e1f1803f33eab1b4e63aa45124c8049279523d948a3275bfdeae27a6e61c0cf2d0556f88b8f24b63811ef05a533424

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df6e69efbf33cd5ea9b2798beb44885a

    SHA1

    ea183ae4b780ca9339bdf5150905bb73c0b3a42b

    SHA256

    a1520eb9a109a0ad4c026fb3a9388522e7e51ffc0671b2d77932dc8adf4a9874

    SHA512

    4114e438644de200dd68977d3943544451d9abd03380435facf5f7fb08014dba37ce61f32b4d733ba602aa61703b9b55f9c4157dc47c713f93d24ba4e1322bf5

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab4453.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab4562.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar45C2.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\JO17NU2D.txt
    Filesize

    599B

    MD5

    9bd05014afc92340d42454c8720b38e9

    SHA1

    1f38df4124e339eb45792123b06340a61995f1ba

    SHA256

    40cb366c4d56a406f35e851bf08955f310d0ebc47ff8dd8c8ae5df51a1936c00

    SHA512

    c966f31283b7232bbabd6646d2627ec73891deb84b9779a0cc5914a06339e3029f7683b6b7b945fa240e18e709c74233ea83f3f90426dcd1c985022fe6906202

    Download Submit