Overview

overview

7

Static

static

7

download/Pardakht.apk

android-9-x86

download/Pardakht.apk

android-10-x64

download/Pardakht.apk

android-11-x64

download/f...m.html

windows7-x64

1

download/f...m.html

windows10-2004-x64

1

download/f...m.html

windows7-x64

1

download/f...m.html

windows10-2004-x64

1

download/f...m.html

windows7-x64

1

download/f...m.html

windows10-2004-x64

1

download/f...m.html

windows7-x64

1

download/f...m.html

windows10-2004-x64

1

download/i...n.html

windows7-x64

1

download/i...n.html

windows10-2004-x64

1

download/j...n.html

windows7-x64

1

download/j...n.html

windows10-2004-x64

1

download/j...n.html

windows7-x64

1

download/j...n.html

windows10-2004-x64

1

download/j...n.html

windows7-x64

1

download/j...n.html

windows10-2004-x64

1

download/j...t.html

windows7-x64

1

download/j...t.html

windows10-2004-x64

1

download/w...0.html

windows7-x64

1

download/w...0.html

windows10-2004-x64

1

download/w...d.html

windows7-x64

1

download/w...d.html

windows10-2004-x64

1

download/w...1.html

windows7-x64

1

download/w...1.html

windows10-2004-x64

1

download/w...2.html

windows7-x64

1

download/w...2.html

windows10-2004-x64

1

download/w...3.html

windows7-x64

1

download/w...3.html

windows10-2004-x64

1

download/w...0.html

windows7-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2023, 04:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    download/webfonts/fa-brands-400.html

  • Size

    315B

  • MD5

    a34ac19f4afae63adc5d2f7bc970c07f

  • SHA1

    a82190fc530c265aa40a045c21770d967f4767b8

  • SHA256

    d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

  • SHA512

    42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\download\webfonts\fa-brands-400.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2428
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2428 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba1bb44d8d80292187ad68d868286f89

    SHA1

    2c5a3ce20ed47fea62fc3cbfe454c8754caf68e8

    SHA256

    1d29655881ec2ac1ae4ac0274159185e842b22a2ed9d9f90d4a5fc77c127d507

    SHA512

    f86782d0cabcfffbafde1c8a67da5b771050b0bbb8f88df9f4d76a1764c86180526f06654306318e3b4c0d6b84fd55758139a65f6fda8e63d41d249ecde871cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ef3e73186595b28db1769ef0154d69c

    SHA1

    1a12682c3046bff1b16957aceadebeaff739626d

    SHA256

    410130163129707100bbb23dcb30a730e25bc8e472eb6c450b4c2fd1179e1294

    SHA512

    91a64defd8d9acbcc2bdc3e845dd51d5654801a32daeef7c7c02872829297d71907d5372a220d539e3b23c6d8868f1e470049e8d4f39f2108713497836ad73ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    605702996aeee5872bc3f53b77152d90

    SHA1

    4ed2aa0daa3af4a531df5ec84e1fd33c2dcd8c02

    SHA256

    8db00a0ce787069888c5036b25f87e856446d54bdf8c046a4cd8b87c96561f09

    SHA512

    ea9551bbdf2d31c773408b09c8b79865a706b04733406fe34dd801b9e5b720d4b6423324843e4f2323aae6b0f376e83b1ec6a9d82d4960c8f0bfe6bb54cd5680

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3804de7cce02f3b90bfbb41d6d983a0a

    SHA1

    742c0e2650744d255fffc0797314cb8d6c070065

    SHA256

    e49ae120b1058e0adc8f24e97cccd979a8f9da9ff2c4e2efdbcdc3b199362ff3

    SHA512

    a5bbb9237c3c7c8e2d98e2509cfeb2fb4377a5726b69c7b7e624bc265d977a65a72c01e1af5cb5ebcc9fc6ea280517562ff54572002f91f541a26bdfa73cc7bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da06703046c2d7e5bdc97bf9f7a72e34

    SHA1

    6e2c2743697b78d1dd508aeb467e819d0651dd04

    SHA256

    87255d92fa152fe986b02cd5265bfffcd80480ce6b359e59c1ca1ba636ec21e7

    SHA512

    00f25a21aacea9b483686b4f42d0d00d9efd01dca2a5285818f833898586363f0f16b14a8ef318b12e32482b287f5fbcd0c8fb39bf625346ce730627bbc54dc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    31af5b741a903d94f341cb8ed319c159

    SHA1

    4591f3def586abfc7a5f2e20ef19959005fc9f70

    SHA256

    8096d0010f7bc5b47f47f85623deb322465fa1011daf7a260f68aa35eee91d0d

    SHA512

    5b0a0c58746b8b554fadfd09f91106dc2786c2828269b84c66bcf3c902ea1be262c16f60c59a3469d873ef97032c9c8bed622b00648652f9d83d63b261e09263

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64ba476b5459d41409ce933c14e30c58

    SHA1

    39ab6146cd4b6b70b2d3436d21fa8f3528f58fc5

    SHA256

    67336cb615d9018ab2da4b8c9d846be2ef4f8172788ae339d87c889a0b658035

    SHA512

    7551ddec62964d9b53cbb50994856ed5ec8c1cff009769052e0667a2d79a9e3de405ac9991768b2f92422074f02e3d7d17f5ffbeb560904b08ec4d1de1ad864d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1a33c95c221ce6fc9bf993fc92a74ef

    SHA1

    cf94258aa41c5473ae7b340c1c147824c892e856

    SHA256

    c034fb1f3c01d131f23e562d4058958ca523a8d9b7e37358982db5dd35e57859

    SHA512

    4f937ae75e310602ed931c93858e9d2a60c5788bd87cb58ca5a09e103865e020ff98053d8157fb993813159b2823b8b17a2b26b8e17ea6c3162106e2236ef6bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    780383ee6a351ab7d513cd6a0b1f5e99

    SHA1

    2dc30441fbcd720ea9d26d740a7090ba42c80b4e

    SHA256

    9a5bb21fe094bc6f0f82ae032a919d6ac6ae0387c388c9912e618fb4ae434ad6

    SHA512

    614ca34aac9053cb02ab4bd23627ff709ed0b6964d2791d2254bcf17f9ea511c29c49ce8688dcba5f41c5be270f331fcec99e7c5fc52a577476fdd7280af18b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee1dd1a8d27a4d3b022cc9a9031c1a7a

    SHA1

    505c7c788ada08df988358769d412e294ed86b50

    SHA256

    3aa884d5163727f6f48e6021a34ac38517508a7e2d1448ca2aaf47b6a26e049f

    SHA512

    6cb733c34bd2644ac6ff8aebd2c24f061e9f9217be2f83abfd2912bc0815e859bd318185945b8b8889144a4d52d5702580d3460c00b235e0af71dbc15812ab27

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M70DY8PN\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5035.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar50C6.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\NMP0NIQ9.txt
    Filesize

    601B

    MD5

    17ffd7c37e8c4db012d1823e781acbc1

    SHA1

    d3348f59a84e41d96131cab01b34551cb1357d81

    SHA256

    ade00204d7edfad21e6a34bba03b78db811830ff5157c34fbfabf4236cc129fb

    SHA512

    d464f653d903fa66e4e14b8c997371aaa3e35e6007152883353598314e450be5db6f460f101cab8786be6dcc8b514013e490031024eb05690df32bc8b2f979fc

    Download Submit