Overview

overview

10

Static

static

7

base.apk

android-9-x86

10

base.apk

android-10-x64

10

base.apk

android-11-x64

10

Zw6IGlco.ppt

windows7-x64

1

Zw6IGlco.ppt

windows10-2004-x64

1

license-ru.html

windows7-x64

1

license-ru.html

windows10-2004-x64

1

license.html

windows7-x64

1

license.html

windows10-2004-x64

1

UserDict.pyc

windows7-x64

3

UserDict.pyc

windows10-2004-x64

3

_abcoll.pyc

windows7-x64

3

_abcoll.pyc

windows10-2004-x64

3

_sysconfigdata.pyc

windows7-x64

3

_sysconfigdata.pyc

windows10-2004-x64

3

_weakrefset.pyc

windows7-x64

3

_weakrefset.pyc

windows10-2004-x64

3

abc.pyc

windows7-x64

3

abc.pyc

windows10-2004-x64

3

copy_reg.pyc

windows7-x64

3

copy_reg.pyc

windows10-2004-x64

3

genericpath.pyc

windows7-x64

3

genericpath.pyc

windows10-2004-x64

3

linecache.pyc

windows7-x64

3

linecache.pyc

windows10-2004-x64

3

os.pyc

windows7-x64

3

os.pyc

windows10-2004-x64

3

posixpath.pyc

windows7-x64

3

posixpath.pyc

windows10-2004-x64

3

re.pyc

windows7-x64

3

re.pyc

windows10-2004-x64

3

site.pyc

windows7-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    12-06-2023 07:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    license-ru.html

  • Size

    34KB

  • MD5

    ac6e15df193c7135c916f85fd48afecd

  • SHA1

    bc11e538662c15a478b3cbf8cbf0873b8f19ec9e

  • SHA256

    a1b20292621b8ba67ddfb61802bd12bade68f6b930ac6ad61e89c047a1f91c22

  • SHA512

    bcd3d439b0b25ba3de815f00ff92bf3545578d90d53adacc2b272b60ee8bf3d65e460d87fbdc56eec32344d8be567b1f7384fb9c8b0934b24cec39ce05b7c8e1

  • SSDEEP

    384:8JF/uQenaw/h+pMNbK+v5AKVjZI89GThAKJPrLqCu2WVgqxk/d1NDlCPjOB4WUen:4e9hDbE4nGThAUTDmI4WUE8Z+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license-ru.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:696

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    873995f5f214bb749f0b26faa57f09a5

    SHA1

    9487bbcff8c85d571096be75eeeec7bd19306156

    SHA256

    fa6156deb31d9e0cbe47b98b6f53df99a965733ba7700339dacd732771471e75

    SHA512

    e374c9f60021f0542e7883f32c9301b496d88178547651a5f0b504c8157b85ba1b34c89463a295426af673a7db23e7a506f5e8e65bf6ff583dbda5d1327fb5eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d5577bf1df707152070db10b1da8e3c

    SHA1

    6481e7207fea7827244ef4bed306f880925b7001

    SHA256

    380c4d59b1c7fb6742ae64f95292a8c617bb11b36a801478b45fd863dcf818be

    SHA512

    c47c19d57b1328946ff528f13a09d7cec8b5f161e1d47725e98c6b93a9428840fe5ccde49da26372c08fd01cd95a26193790deafae64edf395a9c22caa9c50a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a381aa6fda4f260c1bdeef96d59d0777

    SHA1

    bed7c1ade79f0eef9c5533713a8ee0b07502d5e9

    SHA256

    af7c2df9d9768674b06b088153ebb940d727f500a3fcf5678aa8d38baa09fc2a

    SHA512

    5504690af942c7adb09ef29824f561d33324aac69fd67c955df46783d46409c38c0e8855d5f647bce8a38e352336853e22068836c98610cb52cd629412b8239a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb6598f5180d2deaa58da9f4ab54dc98

    SHA1

    d58438285f3971a2e83b1de49aa2b6374727a26c

    SHA256

    35d3fc549cc0ec9ce2ad2d9d249b44bd67f224f37194ec4c83087e5ee8820194

    SHA512

    9390fd594eba6408fd9bd6c0d073a786cb41c7a59a5812a789a143d1a69d44629743ad5df5cbaa49a19e917b0618efd75e977f95c2089aef536a4765abf49bf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c7616674abcb6c1ffa23ad9f8b46fc4

    SHA1

    5092bf098bed0912a6a7f74f369b916240aa3de5

    SHA256

    2502d151c642453fc2d577e69f272f8971df8c3cd4b48a737f6b61dec115da37

    SHA512

    bd3171f2cc50f148959bf3caacc6a6351613a7cd6e92d00ca799872c22a7b030778b2668810908d148508858846f5e1b76d126906b5d2a071c0397486738875c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2777a859a41d2587e72c73c357ee50ae

    SHA1

    534955c789d6122cb7fea2d53017b7c395b5a57b

    SHA256

    d58b98f183ce7011105525772d1230d100ac7733e7bd2cb57d63b9c8543c4333

    SHA512

    2537588091c949e6840abdbcd6bb6477918bf8905af34675a3137ab7b1804f1228e1764450ab55400d3b393705bca36f8a9326f972f34a4a0ebe739c17a1ca16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a55fbd1de0fb40aacf30ded598c210ec

    SHA1

    6328fe79da696b32b6bf526ab47d7bfa4ec721aa

    SHA256

    2e47189287cfafbf75897541222a36d968d2e9a9f5f14bf3a0b871be9157d1f2

    SHA512

    050f77abe091669c4d82e0e86094acbec0bcadc819c7e2026c57d1557d6d282c1954d928935443222c0e598ebf2eecbcc03c64f072a04250590ced9519a1e580

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    810a4d05b4630903a824c4051b8151d8

    SHA1

    3b77cb550abc6e804f561322f764abe58a281f14

    SHA256

    28ff6cdbe048a6ed9249f1b3b1b274e9ff9059cdeedc67a0c6ddc5024adf930b

    SHA512

    d2235bce3e9e562e979a0226b85abfe36d9bc0dfb31805d9a6ccc223c13d3a78409677ea50e476091f892d618b9c8e30ef27caeaddc9eeae6e228abcd53cdaa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb90ee126581639b8f3f75f1efe55fe9

    SHA1

    bb128ad8bc42fc06120b64fd03e96149155f2beb

    SHA256

    a7401f1d4acf507de4410cb4360caa59a8df00fc38b4ef013479b81116d39c80

    SHA512

    47129c74f2f0763e2f74847cb783b9d9974cca140afaac9b08d31cb271b9a43480cf7093ddf6d6fff3aff7a1dbfb3964836efc6343dc4c5ed08cc71ff90ab064

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7FIT0B8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4D67.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar505D.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\H5K2H32Q.txt
    Filesize

    601B

    MD5

    51e514774a553093ffa45fa2adc1ec5c

    SHA1

    65696cadef88ded759bedb2137a31df097096d42

    SHA256

    cf28d896d48c265112fc075287b401d6f29e7480c16f01febfb2972b3987e8f1

    SHA512

    7805e66a8af1552033bbb6e6da837c23bb63383f025b2f569310bf6a499333f9d625adccb9453a5bc34d47c5f18e0eb0594eae5b6c62e32885f5c289d1e5f83c

    Download Submit