Overview

overview

10

Static

static

7

06dbf0e0bf...fe.apk

android-9-x86

10

06dbf0e0bf...fe.apk

android-10-x64

10

06dbf0e0bf...fe.apk

android-11-x64

10

CardViewController.js

windows7-x64

1

CardViewController.js

windows10-2004-x64

1

CloudCardV...ler.js

windows7-x64

1

CloudCardV...ler.js

windows10-2004-x64

1

ImagesController.js

windows7-x64

1

ImagesController.js

windows10-2004-x64

1

ImgViewController.js

windows7-x64

1

ImgViewController.js

windows10-2004-x64

1

Template.js

windows7-x64

1

Template.js

windows10-2004-x64

1

ViewController.js

windows7-x64

1

ViewController.js

windows10-2004-x64

1

android_utils.js

windows7-x64

1

android_utils.js

windows10-2004-x64

1

aps-mraid.js

windows7-x64

1

aps-mraid.js

windows10-2004-x64

1

attachment...ory.js

windows7-x64

1

attachment...ory.js

windows10-2004-x64

1

attachment...ler.js

windows7-x64

1

attachment...ler.js

windows10-2004-x64

1

autoSaveController.js

windows7-x64

1

autoSaveController.js

windows10-2004-x64

1

ccBccFromS...ler.js

windows7-x64

1

ccBccFromS...ler.js

windows10-2004-x64

1

composeCon...ler.js

windows7-x64

1

composeCon...ler.js

windows10-2004-x64

1

composer.html

windows7-x64

1

composer.html

windows10-2004-x64

1

composer.js

windows7-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    05-07-2023 13:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    composer.html

  • Size

    13KB

  • MD5

    1023ad498f59e13bfeca0c7fbebeea52

  • SHA1

    6260356b214f66218f9ca43ecad84cd0c27995c2

  • SHA256

    d0517bb25ed43dc2056ad3d913f103c42d3fa4fa246415b5c1fdae777f021c2e

  • SHA512

    8c8e3b96d0c5399e0152e57ed9589cd794aae6b32e4df11aad41ce3051d5105623a9e6fe3a38aa2c0127ec3d30b65cbc0e889b01885423dc2bbbc28945649462

  • SSDEEP

    96:ajjiRgkTwNIvxoeRI6LTfWYry9uLF3ztrqwM51IB8jFuSIr0ybDp:c+RgS1vry9uZtrq37IB8jFuSybN

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\composer.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:548
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:548 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2184

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f198afcfcfed63c4bd7046c75a2ac5fc

    SHA1

    b41eb9ac5dff61439bf84f62992834a4f96210ce

    SHA256

    fda97825f0d912045d3dbbae22caadeb54c6adeb5e9fe33da10d6c3c66fd429b

    SHA512

    68108e7e5f0481e886353e210cee6c79c343159407a1d00748c41a59c5774cba96456fc15004ebe894cdcedc57bb2c09e731472231e5dc118e63cd39815e5d50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    42e6cae8ca41135d8abbd2c59731ce4a

    SHA1

    e1f8816d8b0f724a5809996f6eb5ac32eba2c341

    SHA256

    9b78c6030623a5021de4fc648bd1d0093da7f0c0024a9fb4da5c85b8ad0a99a7

    SHA512

    8a5a4cfba3c68d0aa6af26fe2ae28f6e9943c9d37a340a914c11d0b93ab200f32adbc313adddea9ff5bc7e318b6e5f2f231fbbdbc28ee1ded0f419d7c1bdae7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c80a5845ec36dc2cc34cf0373d26e582

    SHA1

    ddf3f0382c1ccecde6ee538ad62b3bdcbf3340c6

    SHA256

    bd4f2393ac1d688dfb8192bcce597cfa35e80e30c9e8ce3940ee2941f219a6f5

    SHA512

    c4534bb146a8d2684af6e3bf3d8c892d46fe57a8b775818380fdd8c8365b07c412b342a4a8f898c4bcf03dfe9feefb7b8480b0bc470ce9b5f5a67cdd9c7248fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7430bd1106f89a2031d0f477bbeefef5

    SHA1

    ec4e1a47406ccba06ec41917acaf10918e85996a

    SHA256

    10cc90c0149fdaffdaa69ceb33dcfb2316183cbd48f4eed9f877a6308570e2b5

    SHA512

    b6576a2601d45c10de61626a82b0a5ca82dc0043786ab4ec18d8971c6f6378e3183a8c26cb827ceec0aa3eb9d9597481d6ca856b9885cf43e21fea58f9cae7f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96a516c2cbf1a4aecd668818183e1b02

    SHA1

    46eddfd41aa039efd22b9f73fb4bc5da5e3c0dd4

    SHA256

    8849195e175061b901c52d1c9a94ca658cf7636261702033b33fde8a9636e26c

    SHA512

    6ea2dfb37b6dbfdd96e51693e59a14d3e19eec31563ad4f34c531b5a8b94765a53dc820883ec80925c16f262644e3e4fed8146db26a28fd2da8792bfc9393ac2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b9fb76e7606d530092c33322360ec425

    SHA1

    3f26d6d446e9aa509f51a57aace3926ae6257eea

    SHA256

    3ea0ac5e1b898ebc8f56c03bbb5d812e5986e9addda4ed45ba3f1976571a511b

    SHA512

    55d4040c3c00fd5e612d2013d2c23e832e7b2b478b734b2d198c8d608c6c445b110d26882a75639fe274441e28e47b7a30ffa9ee9779ebc4268a56810da9c957

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    898e020d14a631a715a02cb8a27b6497

    SHA1

    ca50dda2b6ee5617dabe5cc1acd2c0aca84c673d

    SHA256

    7ea157ece608e14250c415f1c4ef9f19d05085a8884e3c4a592d551d5393888c

    SHA512

    013e31dffe3814c5a50ded5f987a3a83e4ad5f9fea63d4d2123e3927324bd710c5263a041a2960bfa4f43d35befab2338b83cf536a79738c6dd56864430a674a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c82d4e0a991057f43fb398f1b3aff8c

    SHA1

    f57e58eb2cd43671fda166833c21a409e4dc0d1f

    SHA256

    63fc3b1a0a49869b5c70a4a831334a567b7dd31e5965c523c5894a6a294a7d80

    SHA512

    a19c9e00d4008c7495187f5a5cfb43a9897b23ab8351eae7e29ca7201085c1d60bfbc4d48755292f7c634bc3ae3235987b49b71d91246d3d187531627e7fbbae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91d460bb5e6210bde734e8048d79259a

    SHA1

    8a7b19dea262161e2c475e23cbdec7135fe9bf5a

    SHA256

    57c85b8f2712b882a84c5e5f4e9f964a4945b93b5a5701464c6b677eb03f4c14

    SHA512

    7a770cc69a2b718370689718dc3a6f18200acf01bf53f27fb4cf350fc1d51a57775c03124bf6ced03c144200df14aa05a796fb77ab7105c00c1349b5e4127a71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be51208a95042f8376935398f22f1f69

    SHA1

    092c7744df8f036b2d9da9852fee629321524456

    SHA256

    7d1e34b70d243588abacfa5011de28d5566d087325c97e52e1a841ad0286e500

    SHA512

    3ab445ea952875f8fd3bca9aa17e705f7345ce5b55d1052f68aa4171b4d0e60dd021485a30d3b1fe6a53c7912d8bede798f701c47cfda7ed66c420b1bd7acd48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    102012a71f0ea68ac31fff31bdb24482

    SHA1

    1682b46ff0ec03430158a32dc7af2fc56507c7bb

    SHA256

    7726e7aa1cefbf3f66ff0081dc5397aa364264102e7d398079ee8b395038d232

    SHA512

    b7cf55601b8a4c12630cf49153812b94fa6ebd740ea8ca054321d8c32a7a0fb2e7748464267947a154eb48c6683300ec2d66bb55a540466fdd730440faaafaab

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODRCOPYD\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3DDE.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4042.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ZTSQXCIJ.txt
    Filesize

    606B

    MD5

    1ecfc136b7baeeac07c6e379752a092c

    SHA1

    1318268cc85b0f020beaa5f6eb83b141524e44b8

    SHA256

    16a43a41f4d95f2b8f4dc96908c238761ea822a2df233ce89ee1dd62f95827e2

    SHA512

    08c32bb40ee6d6b575d92d46a010cd5f964202c6c5a330c7ab4d9104a6105a321a0a1412b2533787ae6e91f4cc76194992dd54e93ab1adc0effa718050291064

    Download Submit