Resubmissions

  • 06/07/2023, 18:35  230706-w8fqlsdg43  7
  • 06/07/2023, 18:32  230706-w6mfdadg35  7
  • 06/07/2023, 18:27  230706-w34kgsdg32  7
  • 05/07/2023, 09:21  230705-lbqjfabd66  7
  • 05/07/2023, 08:59  230705-kxxdfach7v  7
  • 05/07/2023, 08:41  230705-klwmrscg9y  7
  • 05/07/2023, 07:15  230705-h3aqhscf6z  7
  • 05/07/2023, 07:13  230705-h2e9lsba95  7
  • 05/07/2023, 06:50  230705-hl6fvscf2t  7

Analysis

  • max time kernel: 144s
  • max time network: 142s
  • platform: windows7_x64
  • resource: win7-20230703-en
  • resource tags: arch:x64, arch:x86, image:win7-20230703-en, locale:en-us, os:windows7-x64, system
  • submitted: 05/07/2023, 08:59

General

  • Target: ic_content_sticker_location_black.xml
  • Size: 1KB
  • MD5: fb77f4f57cfc4c4a6016d10c56e879d9
  • SHA1: d98ed1a853a61e722f35525e47b16616d5b56fce
  • SHA256: c6f4e62c0d25cc789058a5563bcc546bd10f492f2e95fa5cd3824951680f1b1b
  • SHA512: 78ec21798b9adca5822ac03446a8e66017281c6767d99114e524c57952942c745699e58e3228441e54ba42654f91156ee5a26fd8025afbe4e5543e053d63f627

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 39 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (12 IoCs)

Processes

  • C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE (PID 2992)
    "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\ic_content_sticker_location_black.xml"
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\iexplore.exe (PID 2932)
      "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
      • Suspicious use of WriteProcessMemory
      • C:\Program Files\Internet Explorer\IEXPLORE.EXE (PID 2260)
        "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2792)
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2260 CREDAT:275457 /prefetch:2
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v6

Downloads
