Overview

overview

7

Static

static

7

GB_b19741fxj.apk

android-9-x86

1

YOWA.html

windows7-x64

1

YOWA.html

windows10-2004-x64

1

changelog-ar.html

windows7-x64

1

changelog-ar.html

windows10-2004-x64

1

changelog.html

windows7-x64

1

changelog.html

windows10-2004-x64

1

clockDarkTheme.xml

windows7-x64

1

clockDarkTheme.xml

windows10-2004-x64

1

clockLightTheme.xml

windows7-x64

1

clockLightTheme.xml

windows10-2004-x64

1

credits.html

windows7-x64

1

credits.html

windows10-2004-x64

1

ic_content...on.xml

windows7-x64

1

ic_content...on.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ld.xml

windows7-x64

1

ic_content...ld.xml

windows10-2004-x64

1

l17846d7a_a32.so

debian-9-armhf

1

l17846d7a_a64.so

ubuntu-18.04-amd64

l17846d7a_a64.so

debian-9-armhf

l17846d7a_a64.so

debian-9-mips

l17846d7a_a64.so

debian-9-mipsel

l17846d7a_x64.so

ubuntu-18.04-amd64

1

l17846d7a_x86.so

ubuntu-18.04-amd64

1

stella_e2e.xml

windows7-x64

1

stella_e2e.xml

windows10-2004-x64

1

stella_wa.xml

windows7-x64

1

stella_wa.xml

windows10-2004-x64

1

Resubmissions

06/07/2023, 18:35

230706-w8fqlsdg43 7

06/07/2023, 18:32

230706-w6mfdadg35 7

06/07/2023, 18:27

230706-w34kgsdg32 7

05/07/2023, 09:21

230705-lbqjfabd66 7

05/07/2023, 08:59

230705-kxxdfach7v 7

05/07/2023, 08:41

230705-klwmrscg9y 7

05/07/2023, 07:15

230705-h3aqhscf6z 7

05/07/2023, 07:13

230705-h2e9lsba95 7

05/07/2023, 06:50

230705-hl6fvscf2t 7

Analysis

  • max time kernel
    100s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    06/07/2023, 18:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    YOWA.html

  • Size

    648B

  • MD5

    00afda385226fc12c0ff63f0fc065278

  • SHA1

    b40143e306c45e09b99f3431ffdb02c0d70932c5

  • SHA256

    e36c965275a591eb12b4eb64bf9d69e59b73526d86fb6bb1ffc2ddec12523d33

  • SHA512

    2ec7d3fa444986a48a7f8ab3707b7e45518bf6408709189a2c2a1fa420e8919612b1136deb2d1dacd7bedf1cf6e3746fff985935aeb92de50808566bb8f6c91b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\YOWA.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2952

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96057072bcd3dbad2636bae977a0e20e

    SHA1

    acc88c79a5661d94d3452713d3584baafe7c5d30

    SHA256

    58ee645aad7b1dcc868694f704a8af6d8ac87608641ebcc28a175fe3e38199e0

    SHA512

    49f5fbfc470957b342e7a8e80b917934a8b1ba405a4748b8a3589e6ed702824975a1d64e40db7351c4308594fe3ed7e756da66509a205fa12a45f221e62c660a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3101007dc57ef45da7e985c621900b4

    SHA1

    9127a032749d64460c91b854815947f21eb18f31

    SHA256

    5a75dbacad9883e672674b10e763fc6937eb92173a8c57345f1be69710361e3d

    SHA512

    0e602b27341636c16401f17288606f689cb5ccc243cef26390db797323f5e32070d6941c7a6a5d6e1410c2b35846e9453803fd1c1043cf23ff356a14733896e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    400192426adc3326d2adc08a9ac3049e

    SHA1

    8a046558dc7f39bf46161c8588dc7bee9f7c36a5

    SHA256

    07428df51240c609d52f70172c2f23081cd4321cf61664a1e4e3a2d2d2970447

    SHA512

    369371f340bd64fed4297bbb08497e2fdf3a81e7e614a9fc7309371d47eb8b1abe25f7f028e14e3dd32449941e3591bb969c479e102a8518cc283f688d50a4df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b925b530b61a0d9883ff9c8e1dc96935

    SHA1

    0ad90d59d9b67476b0982d621883ee0e5cf94b40

    SHA256

    5219b8da5bd90784d23557a1f2c683a3b97dae7c2b54d6c013c12677430d52b2

    SHA512

    ff081ccf366381a3ce4ca36d11c18449d5375a5aecf3786e3d0cb1ec8e4ae91cdebc7f7a5f0393cb238d70909cfbb2f9503c0aa359fa7c729838e4a371bb3168

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25aac1a4b2df98966d2853a33df7dbfe

    SHA1

    cec0b36eb6b86ed26bff6d96f506056bdb7ba060

    SHA256

    22c07662eeb6fafb3da732e4380702c6105b85ee2862b3d57fdcc4b2e0cb7594

    SHA512

    af5d22a6d1eceb22f3438c0f5b79a6a0a5f8b29f8c5a9493bbbb5f653bc0706d53b5dd50a61d0e0318d9983cd3489eb952ec30ca36837a1be9dfd00f0c413460

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c3487258a0af990ada1b27ef96a44f0

    SHA1

    a354085e16c053a29ef0617fbc21b1384725fd15

    SHA256

    bc503dec77b7c71de1c12f3383cf671ab07e78265bcadf253cfc9125e04ec462

    SHA512

    91e7373ee35b84613f405c3724a40a63c42336ae6296a4dac3b256fb69b769638406281f3bdca4658f40ddff0c2a14118f85419746898f71775cb4ce9b11c28d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd07ea859a985a780d9df564ce2b7770

    SHA1

    02a712be25feefc072446d18f6bf0e2d1bccdbfc

    SHA256

    aeb85e359ab048bbcf1d524a15ee28888d89560d00ec8ebe74246885bab51143

    SHA512

    cbec04e148b8f6b0fec6753b46f5288a49c0b68b1ab0a4f65324bde0d489b59e6a5e671885b42075f73a96482f271225c952cbe49e2597c1c6b88baf07b34eab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5279dea2dbb5e45056051e390b23eb30

    SHA1

    05c47b36c9ff0274d5fdcaaf0e08c74d0f3a2ab5

    SHA256

    28de802507660f946365115af2db34a7bba6857e8595f69e29b9bbdb6bcabfcb

    SHA512

    b61d51fb6f513e496161d0cb04cb1b6e42f4d9187dbb57c1fd0cc6092227517c29cd7d04e07af018616409ebc0bdc48029dc98a997055ca1b38b98422ba27acc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca44b5e9d33d9b3e646825f6d24cdb88

    SHA1

    438f78a9ce0e11d37f8def5dea8ee2301e226b5a

    SHA256

    bce367d36fa873ab9eab922aaf263166d4150ae34ae8c6116d66b87e1ff3b584

    SHA512

    6bfac0f33461c31cef8178a3bff6324f7434cba22c313496837632e8fdd1302a00c8e597bb19ce4ee8a43ef1cf093df44031b7ba4710f64cbeab02e703f2947c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    952c6334d7d71b42388224fa026065c8

    SHA1

    f07bed37b35a18f634aa8c23ed43c410d1429b5d

    SHA256

    cfc654c0ed390766eca5d27feecba67413744a3b9c5c50e6084f781f73ebfc60

    SHA512

    0c84bd9e046b8416c79b7254af664565c76e595b7d6ba69975f2bc5ebab6fd3cc2c9828de2a4bc75f66983377e8c56688bb313eb2d7c332b310b95862acf1e90

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHFV4GXP\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9CBF.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9FB0.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\1ARAAVPK.txt
    Filesize

    606B

    MD5

    90c24c205228a14a5dddbb6aad34f6e9

    SHA1

    950e67b6a62e03b7b0a174ff673dd29d271139f9

    SHA256

    48b6c0ecaa760edd7d9a507bab623aa2203f771b6abfd4675121e85d569abea3

    SHA512

    ae238029caf8ede4e6c7e21fc6567b59f4b9724a38382b88e1879415b7bae1a57377851ce338a63e40341e0f519ca182fe3c8bd09b754371063dbf119a842520

    Download Submit