Overview

overview

7

Static

static

7

460bbe6038...d1.apk

android-9-x86

5

460bbe6038...d1.apk

android-10-x64

1

460bbe6038...d1.apk

android-11-x64

1

continua.html

windows7-x64

1

continua.html

windows10-2004-x64

1

error.html

windows7-x64

1

error.html

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

instalar.html

windows7-x64

1

instalar.html

windows10-2004-x64

1

instrucao.html

windows7-x64

1

instrucao.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    15/06/2023, 02:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    instrucao.html

  • Size

    2KB

  • MD5

    7097277cd9b370e618bfd301ab6b7c22

  • SHA1

    6cd0013d1d2663c1aac4c2eb2402c151487b8933

  • SHA256

    5fb6600710350f5783e18b5f843defad7e132d4f82e88b7ab5d8be7a8d1ae7dc

  • SHA512

    e071b068af02624926a66f7071434c05fe7857e3a9235084f912cb71c9f33acbbdca154a52b9a348f6c9f03ff6b0d42808be2d5fe2691b86c7f5d11bc3248741

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\instrucao.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1616
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1616 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:340

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3632b5959e82e12c2d83d36c06c155e9

          SHA1

          5bf02bf67c5334ae705f562f6d878ee80baf4614

          SHA256

          8ea70a606655f620b8f5b1557ca80961441f00ed8081140b352111c8dfce8397

          SHA512

          0053793fc2a6c65796779d5c3f49482bc998d13b2f76a96033e1596491e4c077feb2fbb10f7a1cb04d10cfea10b8512e790ab3f5e9b32e30ac73f829da44e8e7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e6fc56633bb936fefc1caeca76cd3fcc

          SHA1

          9583d96f16c258af69a34fd342c6c0fdbce17bef

          SHA256

          c9ed6c1831d713edff6d82b3f3a94148f02fdba932015a45f294c772a5c17f01

          SHA512

          be6abbce4a8f7640272bd7d10f95357bf1d5024ae3ae21222f20ba3353c760bbc791c4add6028b21e46709740c84f5144c89d7b2e8ba38096a22e287045da95a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0b9869248aa8281612f5a6c5b7e53b80

          SHA1

          4d82bbe1f81c74d81a96423baa655ef51bc42543

          SHA256

          fc52931af122b8a3e7acf885b8e1ba23ac12ba2ae656ed7309328706ebcb929d

          SHA512

          0e2f5cbd729bd757df8384d7f8ae3c1a46270655260737fd90b17e87f148e64ca680d1474d09c60ad730035c82eeda40e9c04474b104c16bf37c518cae433fa4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e128f7ed92e9e4c1697e07ee16cd86f6

          SHA1

          ca46f2ad05735aa48ef9aa8e3d705033697641af

          SHA256

          5b869b3eaf7749c5cecfb69ee4b3215b8e02796f8a6c3d442646fc6a6790e59d

          SHA512

          e3f93bdb06b3b6b66a4d30f4168a18c88b6ef1ff6fde5c8854c82617e5d67b91b802fc3495529311937d46788214918aa7a2be30762533481bc498a08931ac93

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ea9a6dec67752b17e28105fb92028c6f

          SHA1

          f0e3ee4893e8166ea8dee04cfe2b063ea2819725

          SHA256

          f50b2bf3ef9ffa02c35f7c8dc6a66a33130ec31174fb35fb51cb830b8d67f1db

          SHA512

          0026b869540e68e5cdf1dfd780f84d9c4d2dfcb99b981bc977a0503ef1cf1c9de07f64f4a98462c86907627f8d4c9e6981819bdcb9bd3eb729640ddf8c9d4e00

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8c7e0c9dfd83954ad20a1e1277bc5033

          SHA1

          4ff7acf0817c2efc158c54b0e0113a8cbdd868da

          SHA256

          d7d3da50db979ff2606d7cad263478946e1f337bdd6162c7c3968fd94bd5b938

          SHA512

          954ba402c82fc608bd0d157b45522c8c8ba9d5f72dd8ba38228f4522e3f5c9433600f0ef3cc1d5ef15bc0fe06de13e2a54ba57475a4e43d39c4353cfa34cab08

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d18c16f203e105dcbd780c4e5910c09c

          SHA1

          5ad9724f4122b733a68fc2203d01d0b1bcedee76

          SHA256

          be004513c88e8ae945260b4c2d7afd47e341a0e83270827a48ff73d0452db391

          SHA512

          ab22bf0c39b6ffa198cb0c56054bbe274dc6f541e02a54977b2bf867313e9b2b5b287556933d994f7f4c4ab82278435611fe6d120fe4dfb9d292a488085e14df

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          844a81635f7789ad74c1e792b4761a43

          SHA1

          5c3eb162c8679511dc5869b91427623effa3fb04

          SHA256

          9b34ff0c498796030382ca79fbc534e235eebdd05a6078e70c0528af80a1a51b

          SHA512

          17ca6792823e04211a966a0fca3a9c932da757fc6e84660cdbe7da811588e6d04217c1773b1c966b09f02a5fe08f279d00d69b49484d467bfbba83869c4a61b5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab81B0.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab8250.tmp
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar82E3.tmp
          Filesize

          164KB

          MD5

          4ff65ad929cd9a367680e0e5b1c08166

          SHA1

          c0af0d4396bd1f15c45f39d3b849ba444233b3a2

          SHA256

          c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

          SHA512

          f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\IKB0NDXW.txt
          Filesize

          607B

          MD5

          2cbeba8e90b036c381209151c19deb8f

          SHA1

          9377a0a13e323618550dc6dd730c004152793d2c

          SHA256

          e00cbcf8149a6ce981ee87a73dfaa11b96617bf6fd2f0013bca4c1d64242ff46

          SHA512

          e1ceaf3e63513475db092c607d9e7a8beef679af46f234a89848d3f6f8ebf783611265173e6cd2c1baab03bbfa04cfdd6e29b9fa5e2043a8f8288ebef824814b

          Download Submit