Overview

overview

7

Static

static

7

460bbe6038...d1.apk

android-9-x86

5

460bbe6038...d1.apk

android-10-x64

1

460bbe6038...d1.apk

android-11-x64

1

continua.html

windows7-x64

1

continua.html

windows10-2004-x64

1

error.html

windows7-x64

1

error.html

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

instalar.html

windows7-x64

1

instalar.html

windows10-2004-x64

1

instrucao.html

windows7-x64

1

instrucao.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    10-06-2023 02:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    instrucao.html

  • Size

    2KB

  • MD5

    7097277cd9b370e618bfd301ab6b7c22

  • SHA1

    6cd0013d1d2663c1aac4c2eb2402c151487b8933

  • SHA256

    5fb6600710350f5783e18b5f843defad7e132d4f82e88b7ab5d8be7a8d1ae7dc

  • SHA512

    e071b068af02624926a66f7071434c05fe7857e3a9235084f912cb71c9f33acbbdca154a52b9a348f6c9f03ff6b0d42808be2d5fe2691b86c7f5d11bc3248741

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\instrucao.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1988 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:564

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bdb251568e138bd9723bf3babd1f26ae

    SHA1

    ed3592e141a9dccd8812b16a690b0a75f43a7696

    SHA256

    ab603b470504d52053b4eaf2463f6b2448b6391da4723155052500343e6e3f95

    SHA512

    a98f75c86672fbd345e9f6db40f1053c1d1d4e528be06e0df53e88dfdb2106d8ff8a7602497718c44b411f9855e67b76f327da86c0fcd986623ea86af3ad485c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ee0f877bc4ee932d83635c0a7d3a70f

    SHA1

    a22ce1d0fe350db9f437a08095cc032079f43813

    SHA256

    ffda511a5a73728a5a922daa503a27fab807cd5cf7af8eae5dbe32e0aa37921d

    SHA512

    72d59d4a06624ac9c72cf525ef113db0562efca120fd5b9f2ba00b07b72a1e38da7b55085c3c65c90db8ee84505efd18e27cbe6dc0a0376344c50dc6edeee8d2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    397dfb3f5b68253ef6a837f0720e5604

    SHA1

    8ea9a9524d3f020b9d59d7dde52d6d4bd8f9ec17

    SHA256

    a0b6bdec03b6daf88834a7bf0d4f41fc129779677d1804cfff44a4b2c16428b5

    SHA512

    d844f70985cdc9daced7ce36c9e5d2e2f15db7d4121580ecd732ccc6c3176c7d549e147b92f859d937a190923844d7dd4acae9752ab353b528fa66452f3cecac

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4895d2644fb274d5a43a5debab8bbadf

    SHA1

    4d4025cb43d176a02ba8e0f6602b2d4d0ad6f16d

    SHA256

    4bd80fe6758fe5bb7c42d7c284158dcdf434dbc4e1c14bc303df67307f8f014e

    SHA512

    0918c9a4b508afd7b00df463facdaa3d3c2d9eef7fc3cb44d1ab996a6ae439a14a723ca3becc1cbb561c682efd3a2e8aa1533a740ea268dbaecf23001bfd26de

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    000f8f781c59ca37748fc028dd0d9e21

    SHA1

    a1ee6c8418049d994e4c143e66ea22c4b90f936c

    SHA256

    fa6ab2655e3b8c8afd87df80802a830162a9de3880c8f58bd55653ec5bbd5166

    SHA512

    a44f4bef78da00075e2614ebdbd891be0812cf2b7ab536953a13c2184a108be7406caa3f8cafd43ad3dc9162e2df23369f33543b4a5c441ccaedaa1d22965bba

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    781e8e58caab4cc4997d53820622dc19

    SHA1

    db95df1057c0e642d580ebbc6ff6a0c175c2cb1a

    SHA256

    2a2601e9f73e721e68f947c765dd3a9e11bd496e69360545819b3baa7526965c

    SHA512

    71d40fe1321b03d864a8cce060a290f3f7ad42095b425e53cd99c6d27ed39c8af9ceb9f05bafdaddf4fe6648475cf296e620ab0c34ef0e093450803dd32baae8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6c259b34e8ef15fd5484c685cca8441

    SHA1

    b1808c6f746bc40ebddabd5b4916943bc8eb4abb

    SHA256

    57fc11ea83fc26e8a245768f56ffffbfa61299e8b51a90ed583e7d7d8e31ce53

    SHA512

    09e167ec489febdddb2bf99022dc86f10b90184c60256c28d0e18c47f619efcbae8b5ec409ce7d817fa52c57190db75ad8eb190060293b78b7d9bf3c64ef6d67

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ab28be5221a6771b71f98fcc27bbaf2

    SHA1

    6f39996e942892df0db6dc76c235cbe940fb6af9

    SHA256

    94359a081530feca68078e1a227343db196ce37bbb4fd326df73fc6ebbc7eaf4

    SHA512

    4db4fc0eaa9c09a1a9ea777e8cb0c4eec2e7dd9174bdee8c834e720381a451021d13f6d9f201d4cff07f344f8d6026e5266fe81d881f09e034bb8190d5705346

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87a620afa654a3264ec8324d4f60ff75

    SHA1

    d628b9646d59a338b561d941d7b225fc2ecb133e

    SHA256

    976dfb79fcba665075b8ca47c748bdcc20379b1e741fd094199cc5976d29e4f4

    SHA512

    68f3c873f405d3710bf4bc6db101333efb59db16152c02f11de61e546561ea53472f12cb26c0c446c1b554da456fedb453ab9f2c77849bc573cc9296c94e0106

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab43F5.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar4565.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\EALJQM6A.txt
    Filesize

    600B

    MD5

    8344930d21684d467fd464d54a920795

    SHA1

    eca0473ec3557cc984519bd9637466b07fd5b3d4

    SHA256

    e6becbf2839661e80d73e274a82810fab0021a9654f4f361da3a484532b0e867

    SHA512

    3a0a3d3172727dfc05a67e0eeffe359332e9745570040bd769263d6918a9e69549575914badc16acb716ab6766fc95ca8d5803591d559eb170f082f9c4c51db7

    Download Submit