Overview

overview

7

Static

static

7

GB_b19741fxj.apk

android-9-x86

1

YOWA.html

windows7-x64

1

YOWA.html

windows10-2004-x64

1

changelog-ar.html

windows7-x64

1

changelog-ar.html

windows10-2004-x64

1

changelog.html

windows7-x64

1

changelog.html

windows10-2004-x64

1

clockDarkTheme.xml

windows7-x64

1

clockDarkTheme.xml

windows10-2004-x64

1

clockLightTheme.xml

windows7-x64

1

clockLightTheme.xml

windows10-2004-x64

1

credits.html

windows7-x64

1

credits.html

windows10-2004-x64

1

ic_content...on.xml

windows7-x64

1

ic_content...on.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ld.xml

windows7-x64

1

ic_content...ld.xml

windows10-2004-x64

1

l17846d7a_a32.so

debian-9-armhf

1

l17846d7a_a64.so

ubuntu-18.04-amd64

l17846d7a_a64.so

debian-9-armhf

l17846d7a_a64.so

debian-9-mips

l17846d7a_a64.so

debian-9-mipsel

l17846d7a_x64.so

ubuntu-18.04-amd64

1

l17846d7a_x86.so

ubuntu-18.04-amd64

1

stella_e2e.xml

windows7-x64

1

stella_e2e.xml

windows10-2004-x64

1

stella_wa.xml

windows7-x64

1

stella_wa.xml

windows10-2004-x64

1

Resubmissions

06/07/2023, 18:35

230706-w8fqlsdg43 7

06/07/2023, 18:32

230706-w6mfdadg35 7

06/07/2023, 18:27

230706-w34kgsdg32 7

05/07/2023, 09:21

230705-lbqjfabd66 7

05/07/2023, 08:59

230705-kxxdfach7v 7

05/07/2023, 08:41

230705-klwmrscg9y 7

05/07/2023, 07:15

230705-h3aqhscf6z 7

05/07/2023, 07:13

230705-h2e9lsba95 7

05/07/2023, 06:50

230705-hl6fvscf2t 7

Analysis

  • max time kernel
    143s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2023, 08:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    YOWA.html

  • Size

    648B

  • MD5

    00afda385226fc12c0ff63f0fc065278

  • SHA1

    b40143e306c45e09b99f3431ffdb02c0d70932c5

  • SHA256

    e36c965275a591eb12b4eb64bf9d69e59b73526d86fb6bb1ffc2ddec12523d33

  • SHA512

    2ec7d3fa444986a48a7f8ab3707b7e45518bf6408709189a2c2a1fa420e8919612b1136deb2d1dacd7bedf1cf6e3746fff985935aeb92de50808566bb8f6c91b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\YOWA.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1396
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1396 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3036

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de7f24c3fe4a089dc8e9d4baaedd9cba

    SHA1

    147e772c7193862d22776ac33effaca296948264

    SHA256

    ec2ef090102520ab0af8a15bb206d7271049b5dbe13cfa8f66b8c0728c9bd2bf

    SHA512

    028153e92e241a811f1d6cea0bb1cb0f02d4595f7f803392f5f91af5cf45c71884877f76acf76e58e7a9e5e13a9efe4dc4174d67b081707ef131e8ff43844fae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2893063e304aae6341c227ebd050bc7

    SHA1

    fb09a2f97fa2671defcc6634db2e0eb1c4c17c42

    SHA256

    c541707ec05d9e5a39bf5de1c0a207685e121c1da11738a74af1cfbe5604f684

    SHA512

    4f4f5546b9e015a8c720902afa75ad02c9a7e24463530a6429da18b93abf33e0404d3cdfe9d33b059bc7a66de82b068da51afe7bde6df68b96b85709375919d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0aa00647550cc822eb7d58bf312eb8c2

    SHA1

    55305d23feeea2a1e87a4cc6b481aa36f6467bae

    SHA256

    e10a421d7c28f9fa3697d969d692cf4f150fa03ff87f6db819921b53eff204b2

    SHA512

    41dd875c2fa1afd97cba7d77b73a35da53bd57a6215b943a3235db0263c257887c15aaa819d6bc4e13b027d32138bd861f62bae1cf7fc28a0b387450bd8de968

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5511998f64ea3ef5be1fc523738320b3

    SHA1

    eaacdbc77d424408062d3c2f3ebf5bd9ed9978fb

    SHA256

    6c5eb4907272627f94724859b26d27369981507323e301b15f680bf0d2295666

    SHA512

    d12d60cc4043ebfeeca67c9e5d34df85c096f9dc7f2f5e76d7986d0f08535675eb00faade39b9cdab24b23669b69764ee6e1042082cea7cdeb99f98ba7d7102b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    79fb71f59c6de0c5e4bf43399e087e79

    SHA1

    b564b4418d0e582a61d002e3246683db249db1e2

    SHA256

    17775c6395b59379b16f92f771814581917442a91f994279b6a831d5a52230b3

    SHA512

    6271b591cafed5fef6eb394aecbaebd0e9711485e0c21bc47cf291c044ebb4c74521a084d7503671e59a35a062781eb1adb420b1eb68de4339ab28ccdf7b5f7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    514bba537aa42ff3e27834f03d001c01

    SHA1

    efc19c702c55e754d124fbd96d43932bfac76e07

    SHA256

    972b6725a73bbdcdff6acf55e085a256d3c61d5295e18e058057319fa5c5e20c

    SHA512

    0c2bdebcc082b733fb0e9de6706dff8ce3585bfb7e1500902cc41b149bc81b7787dbd54a30ed2d4292c23dfd052389094119c4ee1e72495eda9cacd7ebdec6db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6947b965956f1f9df839eea5e5ee6cf9

    SHA1

    f026107d102d24ccc668a4af97bfdb8941f5f74b

    SHA256

    b94a55a0f6663c5ab7db64624417890eaf538cf5f3c5da4cae477e4958779273

    SHA512

    124cc1652ee2f655af7a449489d372b4f033791921291a64b3be80885185785b7a5547ee7facf1217e27092b4e0bdeb641c1d409b7ac4dd67f3eb61a7dbde353

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d610e958a7263ff5be29c790b5faec4

    SHA1

    6503829e56dd3132cfa819c76d32024819e0875c

    SHA256

    518aa2688506c2e754f3eb48cac7fc5830c93023e5676a0ec184c4bc31533ab9

    SHA512

    784565b6dadcf55e21a17bec8dcdf0aef05f72307b12eddad1071053fdeb0051e7a8beeeeae13978464dd9db987c687fd64bdb0ba3fe6070802fdc717ce20cef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ba4bdffceb6f00abb3c840c3b95f4c4

    SHA1

    ee5835c68b1c50dc1019ab8b4294d44ab052be1b

    SHA256

    08b82c54c3519b6f47ee9000e8f6582fc5e3c4ba13cd68d1a3ce1ba8daf0e412

    SHA512

    6a444fae0a2584151c1aec21ccabb782b7b5efc20a01aa00622dd21bb974d8c4d2aaf4228daf2ddd0f1411e4fd7aa95122f3138131ce8b90e0aa557ae9140def

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHFV4GXP\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9C53.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9CB4.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\BSXXO903.txt
    Filesize

    606B

    MD5

    2ea821f813391180aa7d8fdf2bb72078

    SHA1

    4f3e1f18c1ec6fce8026cdcfb4db15264017ae18

    SHA256

    25e637279d692b0edeea190f41caf3a102f0952185aff0e638a19adc3f592d95

    SHA512

    c5a7cfddfd2b1e738e229eb48d7dadd30bcc08299a620382c0712e33c0c8dbdf29913e7f78c6771e5ec58ebaddf1ca67efce6ab4b6e6da64812e99607092bf6e

    Download Submit