Overview

overview

7

Static

static

7

GB_b19741fxj.apk

android-9-x86

1

YOWA.html

windows7-x64

1

YOWA.html

windows10-2004-x64

1

changelog-ar.html

windows7-x64

1

changelog-ar.html

windows10-2004-x64

1

changelog.html

windows7-x64

1

changelog.html

windows10-2004-x64

1

clockDarkTheme.xml

windows7-x64

1

clockDarkTheme.xml

windows10-2004-x64

1

clockLightTheme.xml

windows7-x64

1

clockLightTheme.xml

windows10-2004-x64

1

credits.html

windows7-x64

1

credits.html

windows10-2004-x64

1

ic_content...on.xml

windows7-x64

1

ic_content...on.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ld.xml

windows7-x64

1

ic_content...ld.xml

windows10-2004-x64

1

l17846d7a_a32.so

debian-9-armhf

1

l17846d7a_a64.so

ubuntu-18.04-amd64

l17846d7a_a64.so

debian-9-armhf

l17846d7a_a64.so

debian-9-mips

l17846d7a_a64.so

debian-9-mipsel

l17846d7a_x64.so

ubuntu-18.04-amd64

1

l17846d7a_x86.so

ubuntu-18.04-amd64

1

stella_e2e.xml

windows7-x64

1

stella_e2e.xml

windows10-2004-x64

1

stella_wa.xml

windows7-x64

1

stella_wa.xml

windows10-2004-x64

1

Resubmissions

06/07/2023, 18:35

230706-w8fqlsdg43 7

06/07/2023, 18:32

230706-w6mfdadg35 7

06/07/2023, 18:27

230706-w34kgsdg32 7

05/07/2023, 09:21

230705-lbqjfabd66 7

05/07/2023, 08:59

230705-kxxdfach7v 7

05/07/2023, 08:41

230705-klwmrscg9y 7

05/07/2023, 07:15

230705-h3aqhscf6z 7

05/07/2023, 07:13

230705-h2e9lsba95 7

05/07/2023, 06:50

230705-hl6fvscf2t 7

Analysis

  • max time kernel
    141s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2023, 08:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    credits.html

  • Size

    3KB

  • MD5

    64ecc35282113e2de83eb80221a9c379

  • SHA1

    236417851a07204647043cbec1570bd2c86d1b3f

  • SHA256

    98573f2746aafd2c7dd8313b12021da2fc47d7b0111a1a0b79eab18c4730fae9

  • SHA512

    39cbeae68f7ce7d22510c22c6542168969ed789c6ab66d9d41c3d443fe0815c84571b833eff7e4f5139a61b7776114ec7194c1d1d87b2c7058ad5b51381212d1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\credits.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2960

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f692e64d7c44bfcd7c1d12ccc0c10497

    SHA1

    37f842ef4138297bf7d9055811f0b1f7736e3f2b

    SHA256

    64820974f4d848269660e9aacc17a1d27f6331b0b09d684c707a131342f8dafb

    SHA512

    c7ded35c578584a55da3ab261f3b8e7aba52ff9dbd4fe3b891dc5b0339a6504d46eedb567ca8d68794aa2681f6a2828e16cc30adf84c5a463f1d4929646fdd18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ee7327ce7d0259212fe38cc69dbe19b

    SHA1

    93ddce179d40ba84b3dd6e2e65f818d75dafbd7d

    SHA256

    67a5763da847a16c50873cc10d1cf4948f36a00c91bb66c3c40de4857b18e646

    SHA512

    6b7557ac95c8c617233b229391d8dcba34803c768447d190774e10135f0d04bea7238f05859508bb7e7838d27544cb3ba37e50890a464302cf3d7737a0f1497b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    707e535c6739ae693a9039966e9f45b5

    SHA1

    8b377ab2f929507c711dfdbf59173af9c8afcf74

    SHA256

    a48260c240017dc870c259d7eeea6c8474eafb3f165b1f15aaced3f6455745c6

    SHA512

    d88e5484b13c39c47c604f5c4c24c1244b489b34261f47f4e3e5e98af2e4ffcee45152ae5218f64e6b790707d5984ccbe0a6b46a81dcf37030b36dc6b2697b28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    69367f241c34ebe10871f663af63e66d

    SHA1

    1d4307e298d92a70c9bb645e7d4d9af01c1f1de5

    SHA256

    ed6abae85f05d3b38318cffe599e327596f2ef7cfd012ae876f1e2490424b23c

    SHA512

    e469671812249577ba355c3c3db2dea7cdc24f22a47af771757198b9d77add46bc8c818c7909285fd80cd749ed81b8869b8f9e791d96b89e08033ca741ceb6bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89f3989b6b751dafa2354220e286fc71

    SHA1

    28ca2dd975fef9051a4d688bcbbcd6a910c6417f

    SHA256

    40923c34f368bf96fa6770f501f42d49bb0d5d242034a057205ccc09072e1120

    SHA512

    51a418de9c47fb12a5d3fcbd3c69d6e4d08a3b2c465e697d2ee3940c12065bb069449a2fc82db3b40db098b71f6abd9debcf8a611493270d70bf82f386360ba5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99fa90f64f195332d306ec7a856c3a53

    SHA1

    412156cc9d25eb159a8cfe53224bb1fa468acc30

    SHA256

    1bff4a8f1c34bd6c3f2480357e4d79dd595e549e7ac59ff7ea9eb3f82c26e46e

    SHA512

    5e03cb9bc759a72badcd8af3141ee6ca8c26b8b999f0fc0715f6b8180709c1521bc078976b1185cea57e89ffdcafc91eeba94f90afcf47eecb0e8e9264f72901

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    576ae65623d222abd7b8b37b48fc9491

    SHA1

    a4b77274126232f312ed1cb8975c8f91c611fefa

    SHA256

    17755c0c39cc99559d5cd7102bc3c38b0beb6ce503b9310c3f50c6d43a5621d7

    SHA512

    bfbe3c97858403edad780bed5c0c0ddcb35454eb2cba2bca7423c1586953e6098d22206e65ac29a22c2d7132aba5f07c9a3c4f6ee0e782c0e279f0719a645b97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6208e22ae4d8d2fe66cc726068c7607d

    SHA1

    f2fd8f52ba59d9bbbe406b3fa9d06f1f6c5df81c

    SHA256

    3702b907a9f882f466230b816b9491098bf2cf1f00c1431980a6ae09082ea4cd

    SHA512

    557c7def45dea6f00f71bcb8956f14830e11fdf0c1e7a01b99470314c8b054aa5ed348544b2bc000e2b9737c45a94e1515c948dfb743c3d9d56ce79e33e89192

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9efc75f470f7ffa98f10cac08d8d2080

    SHA1

    d3ae57eb966f309e1be909cf99a7f4a5f90e7f80

    SHA256

    903014895d936f939c5d45ffa1ecf0b81ce311d00b83d3f5fdaee4a4cfe26547

    SHA512

    7968c3f97838a1bcbd63933c8d8b4351f32bff26886614ca72ef41019bb9512826857bb6a6e9b2efdf04bc56095e7e3b4f68f955158efa392451da95efc40b68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32b8e12099dc30f2576cd3726cfc5a69

    SHA1

    94de01d6d6b5317606981e29d9263d63778f4e15

    SHA256

    8f1d7f43494b104117d7f924fe1fcb9f1cf7961636ea8f2b916e7ee0f282e1a5

    SHA512

    614e7c0946bd716f4a5dc6844ee36790ac6020f81834ade6ad0eedc22018837262e039476942f1d41edad1dfc0adfb447808058eea8f22e0124b0725527903a3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODRCOPYD\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6F88.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7028.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\QYMOPH0K.txt
    Filesize

    606B

    MD5

    f9a461fdabcf457bbc1f631d01a93850

    SHA1

    1f05ff218e743cf05222f6178774b01e811084c2

    SHA256

    8e9b65455338782769a7925148d18353e5b548ea9c7f7ea2f604cc0df6d03c83

    SHA512

    ba6d29340889d008f8b4eebbbfa3a33d50b92db72cb795c150367fddac4d156756132e12b7fceaad8be17bafddae74b04c20a62abfc22de415f70a3a9761c335

    Download Submit