Overview

overview

7

Static

static

7

PicsArt Pr....5.apk

android-9-x86

7

callout_11_shadow.xml

windows7-x64

1

callout_11_shadow.xml

windows10-2004-x64

1

callout_7_overlay.xml

windows7-x64

1

callout_7_overlay.xml

windows10-2004-x64

1

callout_8_overlay.xml

windows7-x64

1

callout_8_overlay.xml

windows10-2004-x64

1

callout_cloud.xml

windows7-x64

1

callout_cloud.xml

windows10-2004-x64

1

callout_de...le.xml

windows7-x64

1

callout_de...le.xml

windows10-2004-x64

1

callout_de...le.xml

windows7-x64

1

callout_de...le.xml

windows10-2004-x64

1

callout_oval.xml

windows7-x64

1

callout_oval.xml

windows10-2004-x64

1

callout_rectangle.xml

windows7-x64

1

callout_rectangle.xml

windows10-2004-x64

1

callout_ro...le.xml

windows7-x64

1

callout_ro...le.xml

windows10-2004-x64

1

callout_shape_1.xml

windows7-x64

1

callout_shape_1.xml

windows10-2004-x64

1

callout_shape_2.xml

windows7-x64

1

callout_shape_2.xml

windows10-2004-x64

1

callout_shape_4.xml

windows7-x64

1

callout_shape_4.xml

windows10-2004-x64

1

callout_shape_5.xml

windows7-x64

1

callout_shape_5.xml

windows10-2004-x64

1

callout_shape_6.xml

windows7-x64

1

callout_shape_6.xml

windows10-2004-x64

1

consentform.html

windows7-x64

1

consentform.html

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

Analysis

  • max time kernel
    96s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    04-07-2023 14:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    consentform.html

  • Size

    27KB

  • MD5

    7a2ed1a6df8839dd8936a86d9edccabe

  • SHA1

    7bc1af528444afca678905059cb1ba9fade65352

  • SHA256

    d02fbd55c1b5da3fa1f77c52f5633421395a3bf228457521512b37cdacd65f9c

  • SHA512

    ea0c3e512b37e340f4c0a49196344f1dd5aef38c469ba124605518e913be601a5b6a92a50f00e962bc90041bb80e51480254c7902032d894b7d24be5aec47097

  • SSDEEP

    768:wEh4FOT6bJdK0D7fkvaqF1b6cY4c5rC28c54NTc5Jt:th44GbJdKoncY4c5Wc5wc57

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\consentform.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1644 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2296

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    513744ecfb3406cc5cfc746cc6c67aa3

    SHA1

    d897a385392ec74ef253afb3d3054cd5daf244f9

    SHA256

    3b48b999f096f6ed390c855fe7f9c013d5b54e2fea77f0125ca1dac29836397e

    SHA512

    ba6967b60069e545c5437faec37f817101cc528f9e3cc5b543d368697ca7f05a2aecae258dd6e40f17c8b8e52915137e828e675e3185893dd8c11628ed0d5fcd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a916d9af39043a3bab84af434945cfac

    SHA1

    371cf780377b21ee71de314c559a916a5bec5a1b

    SHA256

    705e9bce5b59ee7481a694dec448d535b7682598111eb6c22b54848fc678d082

    SHA512

    030d3891c854225e26e9a56ed3651c148c9c995c509ea788bbd6f622a0616674ae2bad8496527d7fced7eb634186fb23d842823193d46a6eb33c16295fcbf660

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de8bfb2f0886de03340b8c3936fae3da

    SHA1

    af845c6f592fc0d5316e95d25d1ad68841eb8a11

    SHA256

    c4ad96b2431bb2841b86e7b223d47e3895134fd0ee8e96dd8d71b7544a76dbf3

    SHA512

    60f6b1f20b3f373ce33edfa08a2490566dda0e368d8efa6b3ea0e9c1398dc72f6344ab903c4162189e164f04125e41eeb2db83d45be2c1188b6e4b0b94343a96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcdca0ffc4359d01dab1ebd816e3d156

    SHA1

    1a19641751290023e489c4c9fce551819da5d791

    SHA256

    36ec70db9c91855bf29594c6ac81d01fedd551b3a7e0c64decb465c583bd2338

    SHA512

    a60c364375b770b8e3a9281bea263eec1f59bdab25138ae89be75eebafeae27e90977f4a40b2a9c441278902b1be6c0adaed6412d546569d0d36f0a61010dcea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c339282c22c9f4cfda4408655e59ad52

    SHA1

    f9ce5a2f5623382ec5b68ff1656b45811a7104da

    SHA256

    fffe5711f1843930939c34893019840ce85f079c060bb4b7af360f48f167118a

    SHA512

    7f49e5526fbe3de0d7e109faa156db491476fcdf50f2b56d75bc31218c72e07929e83839508230c9945e33122e7fb8b4e54a3810546f61bcb18a92c3218a90a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cefeab1c8b3f5701d21972a74e983601

    SHA1

    637e7a33890cd295a09919716d3edbf8c66ecfd9

    SHA256

    f726e8bc73ae1ed42bfec30bdc55f7b802bf8969a85a7595ffa4d5e9aa767be9

    SHA512

    a578fa714a18846cb6703e3716743d5097d1a44987e98997d44911e2c03afc339bfc7ab2d22d601a49a573b13b1e7925ec33be928120f65b01670a6d54104875

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Y7KFSYY\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA133.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA134.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\4F7JJUNG.txt
    Filesize

    601B

    MD5

    59953ee2ae76e3ee6fd01f46facbdc59

    SHA1

    8d08ccb9fdae4d1b5934045156ff5f4efd424863

    SHA256

    b61a1573d529b127c3f8934dbca783e24a4a54909a5dcc49fef365313ce7f097

    SHA512

    fed9de8abf1e85e79cdfe3ec93a5c8a3d8cae2a558ad2c49ab814dd2572608c10662e79866125eaec5c42094cecc66beed15c22f31ec858cc8ceddcef9dcc539

    Download Submit