Overview

overview

7

Static

static

7

a37f233569...c2.apk

android-9-x86

a37f233569...c2.apk

android-10-x64

a37f233569...c2.apk

android-11-x64

createjs-2...min.js

windows7-x64

1

createjs-2...min.js

windows10-2004-x64

1

vpaid_html...e.html

windows7-x64

1

vpaid_html...e.html

windows10-2004-x64

1

webClipper.js

windows7-x64

1

webClipper.js

windows10-2004-x64

1

Resubmissions

30-06-2023 23:06

230630-23nrxsfa33 7

30-06-2023 23:05

230630-22xcnsga6z 7

Analysis

  • max time kernel
    100s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    30-06-2023 23:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    vpaid_html_template.html

  • Size

    16KB

  • MD5

    7d7cb3d6c22da954fccb084f6c18ee01

  • SHA1

    529871b15146f802c1c1fe2342b31db9e328bb7b

  • SHA256

    05cb7160ec6766397cacbfc5d57373edbcb028917d81e2f2d748e27086db23cf

  • SHA512

    a73d034079dba15d38bd14ddb81afd8af51b31a5c80cd83346556e7ca7f2ec927511ec3c151abf7cdc108ac4671b7623066e0375b30536e1503125354fa1a15b

  • SSDEEP

    192:mrLYJFkVvGFQshArPtP842+Lw1wOEeR6kad8bWXSrJEBOn8TsjNC4ck8aanlDTtI:8U42Fn9qW4+EQNuSXIlodo4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\vpaid_html_template.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1372
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1372 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:868

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48c2da7d8abefdedf201aad66f22b552

    SHA1

    2d38df409fe3274e7b9d457e93c13a057c364e37

    SHA256

    7414c19cfbe34c2f756e78875926d3ad88bdda8d89228c582cb30bd2640ecb4b

    SHA512

    059a91886691541c205dd060324bdf34fce1c0cf4de208d861b03006c9179a503a01d9903444f7378384b1156e3583832ddbed236a467690b569367d4715d6ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cde5a3c7e7b2d2c294d89aaffef67e46

    SHA1

    0b71c8f6b4a3f50b0b3f51aaf68cb6e8f078eb3d

    SHA256

    b4c397f5fbca8fcf66f71dfc283d79aaa7a170604eb74bce218e63e76b573c17

    SHA512

    555bcc1ec4e0d775499c1fd9cfec5f435d60a0935f6f9c859f1b0496ac3b4ff59d83189b208f2a8fffb0509ec8963f9a05859f102989cbfade8f9fee8574c169

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    edd360a2aa459b75012558f92931add4

    SHA1

    960776af4eac07e4490ba8d31c82fc01ca01e0d1

    SHA256

    035a3d180b3179dc481942a39f090c7a47362dc69e6ce43cb082ea22d568be09

    SHA512

    6a4c1c168e4acb3cbf9f94d32125deb3711685f338a5553b0577c3dc48ebf58dd37f39cde2b16cba38c648c8200843ec13f40c921aa8370a5af916183f7f4bee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fac31da596768e2cd034cb6e6b95179

    SHA1

    6817f6e1fc3a1e6343f417fdf74fbdf92e13ff17

    SHA256

    2b2da96e855025c38b6ec6630c5b19b9749598451df05eb310e8bb1c4e12cc01

    SHA512

    d4a03178d649968e30522a4d9770b869bf3151798417a2d1c4d219d77540002c7ae2b7c3b2a2f390f819b397b7efa789575ca88b5c942c5073401af05050f7e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45d850f486dd1e837cb2c6570b2b6a5d

    SHA1

    e3e6fdb7564040483cff7a955b36a6db07f9a6ba

    SHA256

    a2362d688c0bd638853b1f5b1df86c46ca6b32dc1c597fe6126aad8949449385

    SHA512

    d77eba4df3f50520ead3e622717ada01c7b5a16ab0f6589a1be3556effcc529139a4c1a46246dc55f306f2062c8d81a9aa8bb211624be35a7499c78ee52ab86d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c73bc9b2afe5a590a1609f3d0b3085c6

    SHA1

    ae920f7ed414f614ad1c1247e6a80e2d2eef2634

    SHA256

    b7cf0a5d61ee0e0f405cd4170dc7a65d64ad44b8d6a7f18e4e75022506384458

    SHA512

    95eb00ea624b63faf1409f67ce69d5b1eedc543e8ec5f250403cee88876f25611c42f7f9f8c01824141d36c4434adfec67bd037b484702b421063c9548f0432d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81230a2fbb01c13d6d9480ecf87a973b

    SHA1

    e4343987d6dbd012779a0c89d5f9dadac27db760

    SHA256

    2df94a57b6bdc6908a84364274517e9e60606c9c55a78e88eb65e98f7493712e

    SHA512

    8b63da705bd0afd9291cb93a62a5b614e82baaec1b65f6600a48a3c07994449f06276c11563c15dfb2208b1988d17d709a71f64d9f3a0a463125c98c2baec02b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebaffe82fef3411c76f98da9c377c5b0

    SHA1

    0b5adf860f488c29dee6bafcf10086c74f4e25bb

    SHA256

    e6750db75a01a6d299a1de8a09bb13bc885d0cdfa135a31d74dfccf2c1377633

    SHA512

    a44c589b20f575e96ad74f26270b0d7e3cb3b32dcaa1cde5a1919b248602f4954f5ce09e6f9064feea00b0ab6bbba14c0e4b78338712be2d53ab50099831fdd9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18dafcc4b5fdab599e0891d6794e94d7

    SHA1

    ca758c168c0e5c2b8aca9ea5564b9f8c6c7e735d

    SHA256

    78f4369fabdcd53bfc863884fe8b2f08ddee91db4ea2391001903bbe4a7db7ec

    SHA512

    0d9afed866b8517bf6a92e4f16c774a7706d20313e6ad0837838285f13a5d66301dc38d3ef64a939c502d06313d49353d4d88621ef251b27779b06a5a294d6dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7aa9e8ed5a3ee420d5e802f35809811f

    SHA1

    f4f2cf22cda1f0534e5284a0ba82c752bcb46142

    SHA256

    ea31a23a553d3c76bb9d78a1826414ff440cf4e8f145fbf509410b88bca30ec5

    SHA512

    142910d4a95beaa4c038edfb1fa7acbe316d4b08f1e4a27fdf26704feed135961b47cf1d56cc679b2645ec148993dbfbe30d7947daed1c3588f6f95adaea321e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3b6ab49fda3950c8511a19119c63c88

    SHA1

    1c9d8ccb49b5e3940b0bc0673d431db8c89839f1

    SHA256

    ea4aebe6846c9971d46bf6b4def97be217235cbdd05c9a5c44bb7ed38188a155

    SHA512

    637faa242d175da4bb4eb483022c5815b8acade77936521b7c5cb50115140741dd9339fd2b7e7c399b22f62e4304ccd1d6346957e05406ebca50fa2f8026a8ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67007245db306172f71cbad53dcea0b1

    SHA1

    4b9371763f641ea5ce063057ec7f4eb63ef2c53c

    SHA256

    ab8e3dde2915f44c70b0b911173704ec4d9fac6e201b2727e88f05dc3044b154

    SHA512

    c91389b473843d47b68861f1fc4805ef2324a7dea8b07df69cc2fa4ab3899e4fd2311d96aa5f518fc3103b49bf57dacc4146ac06499a8556ccb89e5c72b9bf2a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\134K02XQ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab42DD.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar43BB.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\40VN937G.txt
    Filesize

    601B

    MD5

    5f46082c81ae3cfef1a83b04f6c60b18

    SHA1

    a26f7336ab5359ea1014744f2db002fc97650b66

    SHA256

    52d768786960926dc52417f432dce635fd39be067d5b2136f40ff3cfb2f71968

    SHA512

    e0f60ce95632c874043febdedc73e65defef3079204af9a91f67d04219659c167ebca574c56fde847d6ddbbc0e211b5dbc5a609d230f52674d86d465a27de500

    Download Submit