Overview

overview

5

Static

static

1

Surf VPN_1...re.apk

android-11-x64

5

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

privacy-policy.html

windows7-x64

1

privacy-policy.html

windows10-2004-x64

1

terms-of-service.html

windows7-x64

1

terms-of-service.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    15-06-2023 16:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    privacy-policy.html

  • Size

    5KB

  • MD5

    af007ce309e00c2c75d5b64533ef6dc5

  • SHA1

    c0ac911f4406f1235fd34abd1f9ad629351dd882

  • SHA256

    89954e9688a396f497551c10791ba83f53b3b7046b26b9bd08628cd62271766c

  • SHA512

    4d061f61aeaf218629f0f1d21cc1971b17f177b20490cfeed5aadec81b059b616c5b7cdd923776ad7d0c51ea04c92a1672e4f2569015dcf12d5d862912defb8e

  • SSDEEP

    96:JjBceEBcL7c4shDeKzY4gRK29HUjeiRVqIrtiqbAWuyusM:Jddfc4speKzY4gRK2dSHRVqIKWwsM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\privacy-policy.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1460
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1460 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:580

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9c78f88fd84021553096fbfc291073c4

    SHA1

    49b5d731f6262721755e283ebabfb97cbfe17cb4

    SHA256

    8fba2078946927968c87263c3115a512e9d1c79c7d991e2b62fb05637d0d2b60

    SHA512

    a44dd1d15afca7b54534262ca17e11ed5c6aab2037d896aba17524fe3c4d69cfda04f68f21c7dfa16edf9caf094d931a882450ee2cae43ba85dd6939e3787bfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4810aa913c992411d61a0dac42f14553

    SHA1

    13f1e08796b3621d96abf31aa5bf601bd5dd4025

    SHA256

    308d87b3ff51ea8f4cc331eba14377fe8200015df2bd6571eb8fee8c80b1c636

    SHA512

    b0e29754b52f3243579cab9aa72064f4781f50111dad644f56280f3c2ade7d4087f5ec120450836ca2e2db03761a982df2cb60f401605ae24f3456f46c974218

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    45d96af40de91c332781377aad13150f

    SHA1

    46ae0c8c21ec6294517ee79fdbb68532b005af29

    SHA256

    3724312ea8d4dc28f1cb4f5f7210b3ff0281b93174e230fc8658e1a3f19c6bf0

    SHA512

    8176b2f49bdc64ad1a8e1223af34325cd7b53e0fff991b4b00fe380d620d117cd2d9021ebc0e159f00f7a8f3d406a2dbd2ed0ad483baafce575b42351d1205e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1a79e6fc6e4be30f20740338d938110c

    SHA1

    ab9315a85fc2b0dc04480956e88fa2551e186418

    SHA256

    a15da837269743718d17c00df23e260b6c85321004b92c7b56798b047f86e30a

    SHA512

    425eb4a221504b0363ca4572b3e76095c8ed8deb7b39568ab93694e985546c1b873e9b9f59be537e53be307e0ee933841bdc64ddb97ab5e8f3050df83d893d34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7efe22c91b01d353aae85773c7dedca7

    SHA1

    f8e0cb8ac21be69d29e3b085a05461685d9c6c31

    SHA256

    ecbb63737741d61dd5f4aae31e46758d159a5c45350f85f6e04d9a413b50c912

    SHA512

    5de30e1dd98d54d95d6d94ac8e7adc6bf5db472f0dec467306738739123c2933a5d9025515417523517e96793c666aaa4e70b0dc7510d8f2627b3b9630288da2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f50b2998b39a5de20010802e1ebacd25

    SHA1

    92a36bedd316ad08a90de89a8d0b4c3669c2556f

    SHA256

    0e5b763d58802548bca9c94bb39824b6b6df356e592b2282702a9d0bc8ac30fb

    SHA512

    0af304ce602f52cc69a3113483c57c1b9e0d280f7abd18745788b703cb9eb3310cf8ad07cbd0b6bc354f0d62a4888978ede2847ec01764c7013bfd183e4e1c32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7dca90c550223fa8f2f0ed1a327468a7

    SHA1

    3a13a7a57aeeb25d4c01d9943989c07895c54bd8

    SHA256

    00a0c8b24340b9221ccbd61ef0d7213614c0e06647e1d3349496f18d6a128f3c

    SHA512

    b8e271464864f9f8fe6590d9f3d74b8687963905e738a50d142cca6801313128d18e639bd4c4519a4aada90e3d09868a0c0110c128305678a2d95002c986ea8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1586745a9c424fe95cca0f744f833f91

    SHA1

    61408c25866d7e4260f5a22a8502907fb7ea0547

    SHA256

    67ad304c5804093975ce4d0cc1e0b77643afdad8d9d8f6007f308e5fc60db099

    SHA512

    d674a23714531c919515611e603c6570f2bbc78dde1ab83899eb6e3634ff38a763d236202f331fb8e53b4dc0b19b1113067995782f37dec5f7a0d823f9e5d56d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9c7b112bede89c51a7067062e6289453

    SHA1

    02e406179970ab4ed5e454b88ce7c9c2a0307a88

    SHA256

    03c279a71f843a0dcd74f6b5751404e8251046bfbc53daebb8e107fb3042131f

    SHA512

    73d95e8956a6d0ea02838c946daeffa59766e28704cdfef5b6ebad86798cdff33e790d74b03a3b529a2128c08158574d7867961b822bac2e5e722d22471a5437

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    618c378efc7ae81e4440074545374830

    SHA1

    088df752907aa24c1eb2ae0d180807565b927e8c

    SHA256

    adc613dfe94e1a7bff2567af73e9c9658a11ba89c0bbc92285ac63f160a59b5f

    SHA512

    9359ff7c69beb32b75bd12dc2b9eeb5d8f70ce49e42fcf8078b89246fe71c22029da720723831b81938a48badd2db0114f419a6a2a56b2f7aac2333b026ba365

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    28201c66ad94b2c9a878880b950f62fc

    SHA1

    b7fa939dccf6f4bdb4c9d0adf161cbec9c37d29c

    SHA256

    9369ba4b30f0d19479f6dc933caca7116d058a3b80f6531a9aa5f2a0e599ae64

    SHA512

    af904eb1fc7cdd10f05ab424ad6073a11536b3304d5c08f890d2eff51dd756ad4f03338523a05ab0f9e0f609c7567d1723c9e8813f437b9bfe5c3a58afd551d2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6E9D.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6F71.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\IK2519XN.txt
    Filesize

    608B

    MD5

    2a25e70d755221119e50095e643dbc98

    SHA1

    7f507b2f1600f033e2e0d13a7bf9d69c6a49d64b

    SHA256

    f529951f37fc3432859a6c56a9e5c84684536b7132fed49ca0521d6769c2da39

    SHA512

    effa9218972e8f1c0fd2ba57966e2a0cd711454533e08f39a6b616ca3c6ded4423ca9f924a6066dc3ff1e240a7548516141457b0cdce37105614562b1f8f5416

    Download Submit