Overview

overview

7

Static

static

7

GB_b19741fxj.apk

android-9-x86

1

YOWA.html

windows7-x64

1

YOWA.html

windows10-2004-x64

1

changelog-ar.html

windows7-x64

1

changelog-ar.html

windows10-2004-x64

1

changelog.html

windows7-x64

1

changelog.html

windows10-2004-x64

1

clockDarkTheme.xml

windows7-x64

1

clockDarkTheme.xml

windows10-2004-x64

1

clockLightTheme.xml

windows7-x64

1

clockLightTheme.xml

windows10-2004-x64

1

credits.html

windows7-x64

1

credits.html

windows10-2004-x64

1

ic_content...on.xml

windows7-x64

1

ic_content...on.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ld.xml

windows7-x64

1

ic_content...ld.xml

windows10-2004-x64

1

l17846d7a_a32.so

debian-9-armhf

1

l17846d7a_a64.so

ubuntu-18.04-amd64

l17846d7a_a64.so

debian-9-armhf

l17846d7a_a64.so

debian-9-mips

l17846d7a_a64.so

debian-9-mipsel

l17846d7a_x64.so

ubuntu-18.04-amd64

1

l17846d7a_x86.so

ubuntu-18.04-amd64

1

stella_e2e.xml

windows7-x64

1

stella_e2e.xml

windows10-2004-x64

1

stella_wa.xml

windows7-x64

1

stella_wa.xml

windows10-2004-x64

1

Resubmissions

06/07/2023, 18:35

230706-w8fqlsdg43 7

06/07/2023, 18:32

230706-w6mfdadg35 7

06/07/2023, 18:27

230706-w34kgsdg32 7

05/07/2023, 09:21

230705-lbqjfabd66 7

05/07/2023, 08:59

230705-kxxdfach7v 7

05/07/2023, 08:41

230705-klwmrscg9y 7

05/07/2023, 07:15

230705-h3aqhscf6z 7

05/07/2023, 07:13

230705-h2e9lsba95 7

05/07/2023, 06:50

230705-hl6fvscf2t 7

Analysis

  • max time kernel
    100s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2023, 08:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    changelog.html

  • Size

    74KB

  • MD5

    de665303b7be08ecf0864e311e94a494

  • SHA1

    24a439da462073f0bad6cb46fbb563d1853c6eb8

  • SHA256

    96b893c1582a878bc721d0a19229e7bc99aaaae107002c651d57fd5bf5bdf9b7

  • SHA512

    102893fd6dc7dc340cfd453619b281f5b6db285847d76058ca6ca2db829d9080e46c965eaeb0ff5db63adf1501a2fc8bc8490af31b6eb16afe7495cec22b456a

  • SSDEEP

    1536:6eTlYbDk68dvzfMBBx+N24Dt2XGyjdwa8cID20+ADN6z+yH0ZyQmbvfZ/4OAS9vr:nTEDk68dreB0N24DsXGSwaZIDH+ADN6P

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\changelog.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d641ccd6948e87d5519e8d81b2592706

    SHA1

    3815c2468861368656dfbb323f7cbd04e8c9a03e

    SHA256

    97ede1eafe9ff9eeee4897590b2516e1ef1cf0010b51064bc74d14c3671582ad

    SHA512

    f18b61df3255301281f72ad7d2b1896fab3379448c2268a67528c8da3fcfc0bd4326864c7f3f9e6641fd2c23cf9656edd4b3fb75fe669939b529084b5c071bd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b5eded90603ce99147b9456c9c4deff

    SHA1

    cd6740bd1a4bba580b5911c396a59fe1fc799621

    SHA256

    645f5c04d37b795e006167c589b4578b0ec700a0a180fce25d1b7616e3526179

    SHA512

    6232b69e98d800bca0d8cff60a7509b57e72c0ac93df269b79f57d276be025ba1fe3a0137dfb8f74d65a21e6b25cb7d22eb086a81db052f4d787b11cd4333511

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c28cef820c487d3e570988bbab99610

    SHA1

    389137ed230f56fb444d307885ed6f830bf5e343

    SHA256

    fa2a7e702a212f07ff136e02e54b4ef4e54601ecec293bce5c40a729cc895495

    SHA512

    8f8704cbe8b4d25efded715b1e177f42223a37dc10d8bef6d55abf1c6b9ed033e50c0a5d2e018695fb7d6b057f5c7a10379a372cb7be11d310d8f54b369aaf8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20804ee1d5c67fc88dc6a96ad657ae6d

    SHA1

    1291c29f6580709955b580534ff68234d40c1a69

    SHA256

    6bf302fada45b97d2a2da1630850ff726483c432da98e960fce657dd401b970c

    SHA512

    485df83b14ab8379195fc56fc7a2410ccc808d719e38db27a61c78fca9785cbd646b1c83bee44a40bffc8e9f6eb1285a3531e8141e2ab9d8cdfd6902f4ccded1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1d308c4ed7e134f4de60d300341696d

    SHA1

    f8d06ed05dcef20600719a5c2fdd289923156c7d

    SHA256

    c5da886a4427440c7cb21452664f8be8032bb2c11cd1d7ed59565fa077c9b0ab

    SHA512

    10e3a1f5bab9a2df05c832287134cf439eb1e7a9aec0e6b4e0f0965a8b26beb15ac778260505137a8715fbad4a95eea8b4bc66912016b512894b0f7c46912568

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    708ed4596f793baa3bf164a6729e47b4

    SHA1

    3c983158d2128d8f41f68b10c1313ed28a06a33a

    SHA256

    e972b77faf10fed337f1c40bb48375d1fab0ae1818d3602878684d0e39db1f84

    SHA512

    c67bc0287d65a259fb1bd7de2e21c67e961b3437a4c4aa27a2cf12db970ddbb655313e690ad26d50ec13a43f8f2ba37e41f6fa9b8c24e9dce44110e2e2929f28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea593d40ed9296f5af17851a5f8d9ada

    SHA1

    cdb9538967a13a69262431ae5a04b4cdad748077

    SHA256

    375a205a56b75e2bc07d9a80620e019ce5d57182a232e3f016812c28a68c6f3a

    SHA512

    16d54eeaf1e97a5ac0de4aaf4d8811d592bf7886cb3cbe3a064e87414a7d6cf9a0f19bf33c19961c9c278f9fbd61db491334c2be118c3909d3108e4fe7ac9283

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d06e45cbc6fc90ac87abf206039619f

    SHA1

    f47e1499fec82b688ea0e627f2766bf75eb0056e

    SHA256

    34a1d9107d599f5137b6d296d0bf7e76859e222accd6ee686e025f8d547393ea

    SHA512

    4aa29b1c0839b77f3795192f3f36100a408c1118b0f2ecdff16779c0b22a9af4a4e0879df0c5d0f67ebc35b4ae04a63c32fb2a3e9ec9bcbe4106fc3bc8c05d36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb30a3062b9cb7d72c31a6d724ecf1c7

    SHA1

    a5805e2393c8cdc1de3eff46fc9759f4381ac8c9

    SHA256

    b1b2dd7a94c0eb2fa09530c57482c8f31fa3da9e94f614382d02091072abadc8

    SHA512

    7f1b42d735e7157e85f41ef92eb3b6282f16b454ba13ed4cc736e78528bb1101a3ff9e0c544cc34dd4fbc57cb3a1f044801b84d8c0ce349382f80d788d1262a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3015895b4398967107120da56e3bb74

    SHA1

    966a132dc57c4c64a95845d1b47e602b352c9ccf

    SHA256

    4c6901bcb0f95902654d0cd87832b41d75ec987238bf388701eb12be124723ce

    SHA512

    6da3a5ae73314da38ca0bd36c299f96cc37e1f85ce672774d9f8ff0c8b195e5847226c1ec1ddaf30061e13d22f757d430cba2ee4096b9eceb86a226383f42890

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab5593426d352c47a6d0c4715fa65892

    SHA1

    daa9bf77efbef7f1296dad4c2044107392623443

    SHA256

    2a3f8de0702575b678eb9faf390ed2b759dff7039f156613b0b5710a7bc80b15

    SHA512

    cbf34e0b59baa0bbb74d79a763b8b86ec4d4b327564553a749028090989653639065170c439318d8fe0bdde5739df3b432142c0067621669e3041cc334048874

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73cf32175d4852ba5cb4e474e20155de

    SHA1

    19779e00dbdf5694a8c3e16c48df97fa181e4407

    SHA256

    a61255bef92698f17ad9bbdb7c4d8e8c72d7f858be50f7fba3084024db232e86

    SHA512

    ea8815278fbe75ac7b8523ffe4f790c7662d6aa02edc4aec27fdfd9b9042c17ce69c943444c0e233dff3efb0ca2a1c24bcfac12658234664543d93244152a556

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e371323ce9c200109d1f4848e7be922

    SHA1

    a3874bc611645083899ae7560f725edfacb8978f

    SHA256

    f1ca393430fb2fb7a1e8a8b2b6660930a31b109320d61b00610f56c0941f980a

    SHA512

    2296ca9239b374db64bc63bcca4a3623fae450623cd0fddc263e86591b28cbc6adec08a791cbf3014a9a46cdcc68f3a15300136cf993a05d5080d2a6737f4346

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions\en-US.1
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab805A.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8147.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ZWDEBMT1.txt
    Filesize

    606B

    MD5

    fdd87a4a6c617d603cf62d0d5b0ee925

    SHA1

    c2bc65551b6dc1dd355da877042714b0868dcccb

    SHA256

    64c6f2230f565d90954c5348a4263543d0162aba10ca0928f86a4d25cb1971e4

    SHA512

    2c1846a5c39caccb51f791190255381c933efd2e81e9d5a29d016828fd9ef20981a9ed2340326f1d9cb9a4c523841b6cc112df1e2c1318da76e99dabda539449

    Download Submit