Overview

overview

7

Static

static

7

GB_b19741fxj.apk

android-9-x86

1

YOWA.html

windows7-x64

1

YOWA.html

windows10-2004-x64

1

changelog-ar.html

windows7-x64

1

changelog-ar.html

windows10-2004-x64

1

changelog.html

windows7-x64

1

changelog.html

windows10-2004-x64

1

clockDarkTheme.xml

windows7-x64

1

clockDarkTheme.xml

windows10-2004-x64

1

clockLightTheme.xml

windows7-x64

1

clockLightTheme.xml

windows10-2004-x64

1

credits.html

windows7-x64

1

credits.html

windows10-2004-x64

1

ic_content...on.xml

windows7-x64

1

ic_content...on.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ck.xml

windows7-x64

1

ic_content...ck.xml

windows10-2004-x64

1

ic_content...ld.xml

windows7-x64

1

ic_content...ld.xml

windows10-2004-x64

1

l17846d7a_a32.so

debian-9-armhf

1

l17846d7a_a64.so

ubuntu-18.04-amd64

l17846d7a_a64.so

debian-9-armhf

l17846d7a_a64.so

debian-9-mips

l17846d7a_a64.so

debian-9-mipsel

l17846d7a_x64.so

ubuntu-18.04-amd64

1

l17846d7a_x86.so

ubuntu-18.04-amd64

1

stella_e2e.xml

windows7-x64

1

stella_e2e.xml

windows10-2004-x64

1

stella_wa.xml

windows7-x64

1

stella_wa.xml

windows10-2004-x64

1

Resubmissions

06/07/2023, 18:35

230706-w8fqlsdg43 7

06/07/2023, 18:32

230706-w6mfdadg35 7

06/07/2023, 18:27

230706-w34kgsdg32 7

05/07/2023, 09:21

230705-lbqjfabd66 7

05/07/2023, 08:59

230705-kxxdfach7v 7

05/07/2023, 08:41

230705-klwmrscg9y 7

05/07/2023, 07:15

230705-h3aqhscf6z 7

05/07/2023, 07:13

230705-h2e9lsba95 7

05/07/2023, 06:50

230705-hl6fvscf2t 7

Analysis

  • max time kernel
    101s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    06/07/2023, 18:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    changelog.html

  • Size

    74KB

  • MD5

    de665303b7be08ecf0864e311e94a494

  • SHA1

    24a439da462073f0bad6cb46fbb563d1853c6eb8

  • SHA256

    96b893c1582a878bc721d0a19229e7bc99aaaae107002c651d57fd5bf5bdf9b7

  • SHA512

    102893fd6dc7dc340cfd453619b281f5b6db285847d76058ca6ca2db829d9080e46c965eaeb0ff5db63adf1501a2fc8bc8490af31b6eb16afe7495cec22b456a

  • SSDEEP

    1536:6eTlYbDk68dvzfMBBx+N24Dt2XGyjdwa8cID20+ADN6z+yH0ZyQmbvfZ/4OAS9vr:nTEDk68dreB0N24DsXGSwaZIDH+ADN6P

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\changelog.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2412 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2908

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    746e4c9754505b388bf08ac7dc9d63c5

    SHA1

    262bcae52588593a5d0d0425ea52561567be8db4

    SHA256

    231e950364b7fd1927ae27026a4ec2099d1afd700efabac0bd6c5731607c14c9

    SHA512

    32060e285b8648c166e551a164cc98f2e81ea21003c05d8431c6e480569891d8df9612740df230d307acc764ac7c86283967843c9ac06a5660a7519a78e3f942

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c008fde627e08e073cb02e01b4ce99ef

    SHA1

    077ac23530f62e6bc853f3797b61dee3ba3ff172

    SHA256

    5ab5afa11e5a8a13d7fd47dc5266f8dcdb5b7566845c08ef798d01d8f29c00d2

    SHA512

    19515987889bb5089fbe550f7b801db1ea946bfa84877da71908587df63639250bc13c51c68a7428e971a2d6679290e9a17f46c8c44c976e19e565d61771cc41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81ee8f343ddecc7b632096885f258d20

    SHA1

    6b5ecd7f19a465d466e09735f11d657ec2893d03

    SHA256

    cf1c604c2ab46f33298db0cbe628ff65c0c15eaad84935e4f51043f34a1b2c24

    SHA512

    d6697ed5f44df7cad62dbeb2ceae87f7ac1e0bb65e48a1316174800ecd13982d6488282389cc09c4b53f9271c8aeebb5537de235adc357573c12b7551603276c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    83c7703a0a0ab7f8af67e9aee7768b3e

    SHA1

    4a34028d1ad282b46058a7df033be49bd7876bb9

    SHA256

    37441b0728cbbae1e4f3fe107ad605b076c6a063e7faab2dc73e768c535cb451

    SHA512

    31e00d4fedc284ccd7c1f5d485f181ee3e188e5f6ef3f6a2baba895b4b465fc46500fe1cd9bdd615a3bc84dadba8562fe6594ed5d11a8943c10d50fa7297507a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    557e4365cda4e3e1b588ad10759c9021

    SHA1

    9c26dbb19101ebf352c5de20056c8a61df987ccf

    SHA256

    37e521937049886b0b044fa32bed03368548b3b07c8749aad3de64b856da8ca2

    SHA512

    ed39603cfb55b7267f7c4a4feaaf33dd4b0aa03696aca30a5cf4c051a9e43e9be9f58c75767090b567409ff2ddd7f4a8a3ad7ae50a1476bb2c5d76d6ae147718

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9521752576f7cd31dcaefcc6b138c2a

    SHA1

    a1e48f1692eac4aecd5c1826baec08dacc25d53a

    SHA256

    901ae54b3e89b19d53dc635e863f646795814cfb0789300d1799e9ec26a6c320

    SHA512

    4446d228846b1fbdb583ab377dfb238e7ee9a53c6ddb49b8249b617e69f180ea2a22a5b338cc388075d4b91ade57fc3b14e21f8a943a46da4c5ebf68ee09acd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cea18184d3085e6a584da74e9fdd290

    SHA1

    b05d9e06a90211f7b279a70d27c2eaa68a7e555d

    SHA256

    23f29cc415ebc2c188c6a48f042dd8cddd94b7a1a4775028be7f40531626857e

    SHA512

    1a5539a7c660bd3212f486d45a19b815d1c6d4ab868df9cc33a1862eba1f6f58dd5da18f122a3d6ce5e09905854ebc987b1aa89af13b1322b497ad6c50a210c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d18697fd4ae3c373d12f4ed9e29c03b0

    SHA1

    b37ab8c5bbdaca1933d7bf88ab302ca5a777ca75

    SHA256

    90473ea1a27a9e3df2f438340115950b9ada736955e8851eb0a8a0fd2df4c809

    SHA512

    332d879b16d4dcaf66e7811d8d9ac232d6c045dff8a369e3f9698f50786127056d1c4c46ae812469dc30b4ead0715251332190a14310320e0727eae0618f65fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CM3TD3CI\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab739C.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar741E.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\J2WQ8HI4.txt
    Filesize

    608B

    MD5

    1441360fb943d544909fb149070165ac

    SHA1

    d4e322e43a649203f6612aa3a06dde652f7cfb2d

    SHA256

    f6a9a5e35a79e8f7cf651533b94ca11e77f738c39dec81d9e2707e1fd53b45ad

    SHA512

    6a18a0af2f2dc5848d1e56d5798de2b5e6b06bd15d0f4664584f09eb570b5bcf3093b98ec0b6b9e88f267762db1f17aea826e6ef157018280a7ec830d103b7a6

    Download Submit