Overview

overview

7

Static

static

7

GB_b19741fxj.apk

android-9-x86

1

YOWA.html

windows7-x64

1

YOWA.html

windows10-2004-x64

1

changelog-ar.html

windows7-x64

1

changelog-ar.html

windows10-2004-x64

1

changelog.html

windows7-x64

1

changelog.html

windows10-2004-x64

1

clockDarkTheme.xml

windows7-x64

1

clockDarkTheme.xml

windows10-2004-x64

1

clockLightTheme.xml

windows7-x64

1

clockLightTheme.xml

windows10-2004-x64

1

credits.html

windows7-x64

1

credits.html

windows10-2004-x64

1

e2443.png

windows7-x64

3

e2443.png

windows10-2004-x64

3

e2445.png

windows7-x64

3

e2445.png

windows10-2004-x64

3

e2446.png

windows7-x64

3

e2446.png

windows10-2004-x64

3

e2447.png

windows7-x64

3

e2447.png

windows10-2004-x64

3

e2448.png

windows7-x64

3

e2448.png

windows10-2004-x64

5

e2449.png

windows7-x64

3

e2449.png

windows10-2004-x64

3

e2450.png

windows7-x64

3

e2450.png

windows10-2004-x64

3

e2451.png

windows7-x64

3

e2451.png

windows10-2004-x64

3

e2452.png

windows7-x64

3

e2452.png

windows10-2004-x64

3

e2453.png

windows7-x64

3

Resubmissions

06/07/2023, 18:35

230706-w8fqlsdg43 7

06/07/2023, 18:32

230706-w6mfdadg35 7

06/07/2023, 18:27

230706-w34kgsdg32 7

05/07/2023, 09:21

230705-lbqjfabd66 7

05/07/2023, 08:59

230705-kxxdfach7v 7

05/07/2023, 08:41

230705-klwmrscg9y 7

05/07/2023, 07:15

230705-h3aqhscf6z 7

05/07/2023, 07:13

230705-h2e9lsba95 7

05/07/2023, 06:50

230705-hl6fvscf2t 7

Analysis

  • max time kernel
    100s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    06/07/2023, 18:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    changelog.html

  • Size

    74KB

  • MD5

    de665303b7be08ecf0864e311e94a494

  • SHA1

    24a439da462073f0bad6cb46fbb563d1853c6eb8

  • SHA256

    96b893c1582a878bc721d0a19229e7bc99aaaae107002c651d57fd5bf5bdf9b7

  • SHA512

    102893fd6dc7dc340cfd453619b281f5b6db285847d76058ca6ca2db829d9080e46c965eaeb0ff5db63adf1501a2fc8bc8490af31b6eb16afe7495cec22b456a

  • SSDEEP

    1536:6eTlYbDk68dvzfMBBx+N24Dt2XGyjdwa8cID20+ADN6z+yH0ZyQmbvfZ/4OAS9vr:nTEDk68dreB0N24DsXGSwaZIDH+ADN6P

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\changelog.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2988

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64ad746d300970db14ac91fc1bade1fd

    SHA1

    67f67d3b7f8ece988706077030ffacd2082e9971

    SHA256

    9ace8856adb72ad6a97de59d0df76f7fab4e4a71336f2bc369e007f623276b44

    SHA512

    a286b99e2146a1110fbf73a7a5f6d1935a2ffaa6304007a5df3eacc413930d797f5ed42a69836b5ea79aa21bb1b51fa06d91d2b36abe90041a143aaade6ef66c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03657606ae4eb51dccee295bce444019

    SHA1

    f540cf69b6e0129a15a31f6ef4ba65dcdc92cd24

    SHA256

    2ec1d0b9fd6d2d59d12d30356eb195c5fcd2b11220dc58438642a00132a229f2

    SHA512

    7d59023d337f2ab09fc501086c05df1c2e25c5b4652d95f584c4c98adb9d806863ab464e61beefdbb4d4b309d4c39c2de537809963b2fa38e75b5b12f4a32bc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e408c258e8014f22921b52cd5f3db0a

    SHA1

    45bae0335dde6859b450e0c4c3d78b9afed4f9e9

    SHA256

    47774c5f3cc484858b9db8674ad36fb4c8b43b071a7980520942fed4195b9ec4

    SHA512

    1ce72011856856ead10017cdcea8245cb6b5b5ad0b84c2143f089746e4b67374c2b6a492740a2fc52cf5ebf56995162d79f85b47b57b9b5bc7f90ff3e749695e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2f6eb0e3bfb40d7cf84736fe8b2b32b

    SHA1

    379f0516ed7fb3c8e77c483158b711407ca66901

    SHA256

    671f64ce8f859ad19f42cebdcc646c7d514452ce85316effc033158359f1707f

    SHA512

    1c6d6fb933218d258e9b42b6aece3376e607f474cacf7c53fdb33f476d1800b3557de4f5220ce8c17d4077ed820648686404366f5295ee3d3e31132876471c68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63614de039d1b4970ea4271d1abc0fcf

    SHA1

    c019e666d4ed5c900f7a2517f20241454f6bd695

    SHA256

    1f0af736a43ca544979e0103fbe1e488df86cb3014f0c0aa6c33c162818fba1b

    SHA512

    bec437383069d68eca22a1de8bbcdda8e2b55576491f8efc1fc60a62c39da31f5a4e085c631011ffa9e9e4eb7425bcb3589b973dedc8fe04ecac0edeaeaeb215

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    886ebe625f6f8851946f5fa360e4c9a0

    SHA1

    ce3c24272edcddeeb4e3f716f5a12a7244c3bc1b

    SHA256

    ec312ad96febcbc49bed63b0749eb582b483ab376ac2d6d19c76b50c56fbccb4

    SHA512

    ec0a8f2d23d6d79d903e36c8e224d7dd0924f3b4419b4d35dcca1ecb4bd6a84ed5ea368b8fc2f733467ca410fa5363e1e852dc61977203c83706a16384b44ba1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    009171dceff2fe9fa66f5152738b459a

    SHA1

    e669a02f8271e00d8e653f5f0d31d7b208fd3a1c

    SHA256

    5ad93388e22901b6e3882dd08d33beb91c7d97f6e16425683cded0ff29f0cab1

    SHA512

    e0de07804e1b4089295883f7efc624fcca55c5f662ec9e865bbe0f4b003ff30465d023bcb9f40b2aab16754beaea562a6cb52d43e395d2c4ce1f088ff9e2d551

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5068617e1d667e70612edfa045ce4b36

    SHA1

    fc31dd0792bab475442a617c729b6be13cc49342

    SHA256

    fd4ea103a4c25ade659ce36ef2a9d105de93ab1fee35294632d0566cbdeb478f

    SHA512

    98801c144ba9726df839cd5158f3b66d2a16577e274a14e3c3457acd8a366a3bb487a6f63af17b4b12dec71a7e6e11e4774f50a06e1c69c6c3b6329ed05923d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d9d8cb0a607206da7422a5ee92cc869

    SHA1

    2c6f009f030951af10d078e845589d40eb70cf6a

    SHA256

    57bcf9f8bfb6900a67029f3f92d7192b3cc82fd4261ff066f1de45d7e0b04e97

    SHA512

    f6aab4d0af65ce698da6210a1ecfa0149522c8f3a88f630ac14418f0fc34144978783c98d2fb9342e470dcf2b7eb0a559a8b66470516860e36182e1e3b0a1704

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d80b6ba562e5f9290e6123054699f6bf

    SHA1

    32cda4b58248209b445e0951ac98b2d10625aafb

    SHA256

    41f719b3d5a67b0b9d1a2c5e4994c10119ee6a83ab069f12f4640912c5e27865

    SHA512

    4d2a7ba19381faec6896cd45ff28f73dccc6da6c58c24b97b855deb9df3a063068ce31b9e920106a3b6ce0c4b2567a39a7e0831ca002326aad86e138f3ac61aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHFV4GXP\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBE24.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC0F6.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\97Q4YSWY.txt
    Filesize

    606B

    MD5

    93042acb3f021c1aa3f7ba2437531e7d

    SHA1

    13df38f829ad5ec525995e53555239f6a66eced3

    SHA256

    4e1ba339386583603e415c03d6d48065fab7cd6fe04b1fe49e62daab6f7718ea

    SHA512

    76f99a1715f7b75c1ad26b97e7b8049bac58df5a8c447c6c064a87052cf64392c797e604d20f2485a94c9cc67aa5c7a6299d6c4f1d673f069d3dc4bfd9f5b18c

    Download Submit