Overview

overview

7

Static

static

7

460bbe6038...d1.apk

android-9-x86

5

460bbe6038...d1.apk

android-10-x64

1

460bbe6038...d1.apk

android-11-x64

1

continua.html

windows7-x64

1

continua.html

windows10-2004-x64

1

error.html

windows7-x64

1

error.html

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

instalar.html

windows7-x64

1

instalar.html

windows10-2004-x64

1

instrucao.html

windows7-x64

1

instrucao.html

windows10-2004-x64

1

Analysis

  • max time kernel
    99s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    10-06-2023 02:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    instalar.html

  • Size

    2KB

  • MD5

    1da87f836210a89cbbd120fb527d31cf

  • SHA1

    c8a8cf3305d9969796cc940378713725de834727

  • SHA256

    c7407ad78bc1acddeb84e27e1efeaf9cada362da4bdf1710f31587a8f6b0f0a6

  • SHA512

    29b7ef8cfc8a23bbff261acce89d25f63f4b076814ca29d35ec605b2e829c35656de50a57cca2e3080f4ba2e63ac6664e8a606ddc643d818ccbb7b6153f82cb9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\instalar.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:960
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:960 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1712

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8f8cf2e4db297b78d243a0112478d9f

    SHA1

    2936ca3894c4fe8270458dcae4715efc17dc5820

    SHA256

    1140c12bd03855f3646eb0bc4d03d25c2a18361a32d20df62e8b2c07128cfbb8

    SHA512

    853c5e58bdbee7d33d3b78aa3118b2d5bb4d35e98edfbd840a1a4b54a135c01bf55de0fd06e11d1e1cfe44b0496cd6fcf84b8d4e6e57ae84716bee0dd69d7a44

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0652bbbb5e1c214af7b4d5e1990ecf8c

    SHA1

    312a087b3430931575064923ba55fd41ba8fee8e

    SHA256

    099813689e948ee3ed5a76eaf7c382119835ab34a228cf31e7fd6faed6e3915f

    SHA512

    09df4b2e709ca587220e09e5ca49e57a19d01be2b6a89982dc73c7aa4518fe2908f49cf4943d7f649da1565d9644c6e7db8c3e96e8a24eb1f0a1edcdac80ddcd

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d115e778947bde51208e34f5ec6d045e

    SHA1

    2b3aa54d1c461c81502d84ae4dc9d80f6fcc04c9

    SHA256

    2753bca6c9aa159603dd4a0ca9e58aba13e2f535bf82dea6f95b49e9617482d9

    SHA512

    f61576fd80bfd39d95185e276004c4d90ac50238b0d715e6f91896286bc6b9e432a8dbe7b59b6ce49e1f104f578aea15d24e244c7752377eee88ff4989e0f14d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ef604067f85f9f1565a0d912672d27b

    SHA1

    a277a8c68eea8eca2a378939d152e318d00f6b46

    SHA256

    d9a4cff5bf73a4d657843e2993bbe94a26dc20838940321bb4416b0359d3fc10

    SHA512

    a8e65397edb6882d3117d9b398fb339fc403e533fcb6d81a551cd7704889d93e5bee47e0583a034e9607d4054a0242a5b5545f93674e90f2b2946d48ee916bf6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc7255f06f53a463987c3d8973eeae1a

    SHA1

    43cee885583a4f56e2e25bee00e6ec58fc7a389c

    SHA256

    4442092cc1ffbfe8daf12f198e293bb73ce143d90eafe11629f4929d132081a0

    SHA512

    d7a2f7cbfafaa6bcf624866accfca769b7963b1d0f8f474a95a3df0ad40454e6a029130ef0a6f1c3455a4929052c13acb48be0d96532da7b63e4fa8c597b2937

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabBB07.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarBDEE.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\C84I8IKL.txt
    Filesize

    608B

    MD5

    b8b1dc6a539fffaa6ac752e54b1aa83c

    SHA1

    bcad6ac2745ed0c960bb57c7a91d5b954e45e365

    SHA256

    f0455d8add4732a4c08a58e472f7be4f3d3961a2f2844dbf1d040e8793ba5f93

    SHA512

    bad43ac240c972766513649b29cf2965267e7b527a2d2a358662c8a8674759d2eb03f7220f0ae60c367fa947e5eeef4f5efc399db2bf7446223a7b551d882a51

    Download Submit