Overview

overview

7

Static

static

7

MagisTV v4...om.apk

android-9-x86

1

IJMDal.data

windows7-x64

3

IJMDal.data

windows10-2004-x64

3

af.bin

windows7-x64

3

af.bin

windows10-2004-x64

3

amazingkids.otf

windows7-x64

3

amazingkids.otf

windows10-2004-x64

7

cacert.pem

windows7-x64

3

cacert.pem

windows10-2004-x64

3

domain_test.json

windows7-x64

3

domain_test.json

windows10-2004-x64

3

gomediad.so

debian-9-armhf

3

httping

debian-9-armhf

icon_max_d...yy.png

windows7-x64

3

icon_max_d...yy.png

windows10-2004-x64

3

icon_titl_...ed.png

windows7-x64

3

icon_titl_...ed.png

windows10-2004-x64

3

ijiami.ajm

windows7-x64

3

ijiami.ajm

windows10-2004-x64

3

ijiami.dat

windows7-x64

3

ijiami.dat

windows10-2004-x64

3

image_icon...ed.png

windows7-x64

3

image_icon...ed.png

windows10-2004-x64

3

routeMap.json

windows7-x64

3

routeMap.json

windows10-2004-x64

3

sign_verify.png

windows7-x64

3

sign_verify.png

windows10-2004-x64

3

signed.bin

windows7-x64

3

signed.bin

windows10-2004-x64

3

test1.html

windows7-x64

1

test1.html

windows10-2004-x64

1

Resubmissions

05/07/2023, 09:09

230705-k4h5dsch8w 7

Analysis

  • max time kernel
    144s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2023, 09:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    test1.html

  • Size

    314B

  • MD5

    54061017a555259127101e7ee3d05cee

  • SHA1

    71a337f65f85b7f18d1b45b506ae9d37b30fefd4

  • SHA256

    4aea4fb039368cf36833aa9968146ebc07361c246d230cc45dd6f69107475c60

  • SHA512

    4029191e7fd37377487afb5274f14c3dc11510cf5e5cddb4a4afc6cc819c39f5f95f57c5b82c351993a6f3310224453551f8b99835af70fa667d4e91b47a4497

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\test1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2272

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fe6ece22e1bc95d11ff23fb88878c87

    SHA1

    d0d7a6e9fa977cc37ea4604350f74b586284b1f8

    SHA256

    ba1fad71ca31ce7c4ad00ed490a5f9475f48986864fcc23d4bb91bb333c983b4

    SHA512

    204d9f35c63a4cd8b9243a001c26ea35626f918088ada5c36a759352394a3cf472c9119e8b87dce231d2e9214522e90b82fbf1adf8aabb1578b494949a728fb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34d695d055a73240506145846d204b4f

    SHA1

    2f148096b8c17160a62a112c72e5d0a25c15dae1

    SHA256

    414e1de3ad56fe53a5fb9af596a90182f6b1deb36bbe2f783270789f172b338b

    SHA512

    9ca1a1902f1c57784b19525fbad3b84b4cd2fa9ccbb9fc9326764efce635cc8e6b21d53f5b2635b4493544ad94abc2f12286b0ddacdfdb43d249607e641537c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aeeff14311c5142fc5223410f09a062a

    SHA1

    6ad13e0b792240fd55758668f9bb3798ab6d19cf

    SHA256

    18b6b9d1e56d933e51c35f0051d1be5c5ae42d277d8eb7dfe8e391023b469363

    SHA512

    e73d6e4222d15caa00f3d502184c780347c758d240a671d2a001de5d62301866a004337e87e3bd86a2f47897cb8788eae2eb20e04e77b341736edf59fce055a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    faaa6e5da35bef164c2fa21cb31af843

    SHA1

    9adcd9f5bd81003f68314c7c7b50d33bd3f68fb6

    SHA256

    a4376d25dcc52157015f023a69cef76c5e623db273fbe845c2f8c29961f4155c

    SHA512

    ab9c8c3381e35d9bc537a4602abe49766563e38da16a479a0030f4cb379455be01a17a387e973b8f0d69281e4a6167427229d5a54dac35c9b112ec3249e61fb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    853e97e2e0a8b795a46ab5d79e6fe74a

    SHA1

    f171cc4608e3c98c6b1234b382d5d9735cc24e67

    SHA256

    a42314f440c181628eb2d5f102562bb34de9adf8a9dc632798271d27b80e0273

    SHA512

    22aa1f519fa5e986e7d7ae1a25ad20bbdb8832be04e807de0ab5d48688fd6d60cc0c983ae4a48b1441616a65522fda356a3e3c017d2be70587f94cd5707939fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6710b59201ba6f973c7fd869f99c291e

    SHA1

    80372863179b6507cea84fb63883d828de791882

    SHA256

    c2fbc87a4974361d78d4621e2f16fdc285c8896337a1cdb2b2982bfc491a700c

    SHA512

    e7f6818a3e463010ddb3a0ff892efd7038feb0ecfbbf0394eb57c10b5260f10cb5339dc2e14f951773435ecde06ca532090323603f149bd1910b861ca1e1f22d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87e992955b6d5a3381d762d1d10800ba

    SHA1

    28d429515645f3a7a64df308eb4fe988903a38be

    SHA256

    d8971371a1ac4e94eeb41236f1171a31e5e00506430be5b6d93cec2044dfc0a6

    SHA512

    a280b41e5f5049e20fe27e0b58d415e1baa8d2d01cfd8ad3b57eb1afde824ef8aad9423c1ff9bca03b608ff0103bb6aac4cc13de3e94565787ef4c20628ead5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40daaed618d4b0b1a1f03510d0afe041

    SHA1

    bfa249251e25a2bb36bf22e27969f74d94b6abbb

    SHA256

    fc95018825ac80ec12aa1680beed16bb5e5262fc53b09ef6e57a1989fd79bd6f

    SHA512

    f07e1e6692541400364c3cfd107c71add9d25d66501216748b37b1cd1700320d51957e380754b95ca246fb8016fdc7bfb0479b4c3c0bdb00ecef3ec2fed60d71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a409b7b163d51cc4dacae0b0cf89ab8a

    SHA1

    5f5977c9b79802efc9e0d974f0b4b0623f85e80a

    SHA256

    44303a621110dcaa2902f8e66e8bb0be5dfc3fb75e041a70d45e6707d0dddb44

    SHA512

    aa11a38fff9369884e0ca3b8ab252158e7ef8cf69d164888beeef21ad3246627f7b20967cac6a7d78874451aacda280becf6e6ab6b81203721fbfa6b68e8f9bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17a1f64fb3b327bd6972f6cd41f411ba

    SHA1

    b3132eaf49e6d5f9ef13fa3cc45ea746ba6b3291

    SHA256

    86798f838281642476123f97d5c007ab957ff0020ce34fa651226e3c74ba9d67

    SHA512

    4aedfd56672c7e1799fdf9752775f8786120fe499787e48c650cef07075351b3e7ae873631688a7dee972020bb561c3f0eec5a7fe076f8c0ddf3ff18cadcfef3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CM3TD3CI\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab60E7.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar616B.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\RUWOTRHP.txt
    Filesize

    603B

    MD5

    3674ecf7134cb60adf2afe07452b988f

    SHA1

    4f548cc4806a223fed674e9f5bd46c96c7298818

    SHA256

    bd6f7b19d6d1f6acb6bc060ca219cc6595b976fb4b8ec067360458ebb4b4fc37

    SHA512

    13e42b127bf7e3b1f7932d0f9eec81b37c9e73ddd4e29d1bbb50d3712089eb080f01c4376277239064c0ad7cca7ecc758bd8c777cae980db350e4f6f70ebe364

    Download Submit