Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-11-x64

10

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 23:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    disclosure.html

  • Size

    21KB

  • MD5

    57e2258020e513a0c7de0b0b6f1b25be

  • SHA1

    5fd0cd13ee183d294cda93b6b2f4195b8859f3ea

  • SHA256

    75d64bc17c8091c45514e8f4f5f14696953d907e67801711b9ca36edfc6ed84c

  • SHA512

    a435c0d5380ccb075edb1bc16d549c2e7f807bac521540fd4aa6159144e626585ad860b9f22723f63a4c9490d008060b3e2aea3a94a3eb09ffc504bb2aa06a47

  • SSDEEP

    384:OL93PT4oVo91UslHycUEYl3Kn1dYs7ZAlVtPRR:M4H15bUa8w+l3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\disclosure.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2052 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2408

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3682acecb7fdbe36e27712d6211057ab

    SHA1

    185528fac2d58f100c24232b003f9670bebe1653

    SHA256

    38b9b6cbd761e8422f5571ad109e812d67a4eb83e05833f27467434902b1376a

    SHA512

    ff94b0b76454007bc8ebcf60dcdc990e4039b4911d8e34742cff14e202d9d83bf93085f647458a60776fecc588d83c1bd80e876f5ab17013020a5de4a3b9a4f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a361b094e5ffe43194bb9ce5f0f36d3

    SHA1

    98b5254a08ab46adb370e1f287396ccf1c9a171f

    SHA256

    2969e5cbf4e2f43a1469340714d5565244d21419ad2e17845acfd7b8969e8ed9

    SHA512

    2acb0c723687df2baf2e2a45bac7b51facaaf457e5443ab12d58c7e2ad6d8f2715c81373fb8d928f393dc72f68f161cf8129e519b1c086d5da244c86e87b3b52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae97ca8f07eb8dc48c51caea0a59505e

    SHA1

    e8a817be2a63dbf2120a496adbdee9fd229d1caa

    SHA256

    fbab81254cf71e46c721a96c6a75eadce314cee7cde0716747f45cd8adef9b27

    SHA512

    d1ef4a53eea3d5171d26ba19221eba1a869d54e16b51d0e6a59f3dd5b27b6d627d75205147ad0ae329be411d4f34e916a67a2a975de2dd6372347f4f05f7a769

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68a22ae97c75b435e930e8f8467d3cb7

    SHA1

    22ee2899749b95236c02613a290a8c6666df8bb6

    SHA256

    2aa45acc71acd5657d5ce633448cdd3e7dda4982052857831bc11da8aea39cec

    SHA512

    c0b3104d55473a40445c0a641fc1bacc03397e52e75d61b7c3a3a51b8477b9c66a57a6052c6d3cd53d94df67bc5e9b7fafb607df2ac8f0215b6f733882e630ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dca2c8de735a97198f9bcc679ca7e34

    SHA1

    ed6c20c1bfd580c7d319ab0e23a33d03c1dc334f

    SHA256

    557a7b16ca541da31d69638d21a2691717e59c488ea84ae53744f968d527210f

    SHA512

    e643d4d81b41e60b3e5bc59671ac1ce125352403f4d3a337f926357e74d32f6c09d28c3f67ebdbeae6a904ba02e41e81c2986fa6c95d4869e889c9768d28ccc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    596b1cba8c67350c185eee2c22157a64

    SHA1

    417a755ca24098dafdd0bd7cc7432efd35b37873

    SHA256

    e61b0f2d643e1bfb583541a273610cefd2717b8aef8356086db32fdbb28e38af

    SHA512

    72aa010d722834fd14b757546fe33450ea1cc6b26de77fe15b59b48a1e18b2c773eaad4bed5ad28f50b459a510a59db67e32758408500e8cd46a8dfc7905e90a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b88345493dd05ef5fdcdfb1587511e56

    SHA1

    426a650b7a4a5b6ed99f7081e6935e891f1d90d2

    SHA256

    8e07d1d98bc1111dc5407732defcd400223ce03213b71ec6a5fd750a396d9874

    SHA512

    2d54c51dcfc0ed11edb6a9561680252428df292ad6e7cdf38247ebc6c2cb614b2d72cbabe16432e18fd7789af29474d03808a0211d08e5238737130e2ffc3ccf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4b2745ad79a9109b3ec0bf59a717ece

    SHA1

    d9770fdede2827af7558d40f5d604e6c13396cb5

    SHA256

    c9737241c5b0e8cde7f803e42be8563f6161f5914860baca644de843418878ef

    SHA512

    c0d59eacb7d05e5295e46a82534be958767e3a5b785621224f81e6b85bf727fed05c8f84e9bdab3a9e418feae08a9199e541359a165edca5167a33c6f7220af9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f803aba0202d1b3165c59cfd8179a39f

    SHA1

    5e4629bbbe3b14f2d211303e0693ee4411c8353a

    SHA256

    09f3a2589216a3c6cccb17be5bd01ba56d6076e239129126981b78f5481d647d

    SHA512

    8cff20cccda596637e7a0fab9c32888acca154bee90354f26044584bafd3764e962ab29c85ebb75dd53b8fe8500cfd905d370f55aca430ba983e39dc386c76e6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CM3TD3CI\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5A92.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5B8F.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\XX7HR5RR.txt
    Filesize

    603B

    MD5

    6e8553c1b080c97f25dd47f96d151d72

    SHA1

    2496ff5c32672496a9dcaed7f9a5d05e357fe700

    SHA256

    87e957f144bbae046e8e0eb54f07bb6e3b9c170fa247a8c7fa7ad12d7c7410ff

    SHA512

    6bfe16a40e54da9ffd6950f3b8e33fbc589d248a52b4d687612be6c159d2bd752616618b6d9aa04140f4310e0b6780a1b25358ddb206d511c5f2eb1020b4abc8

    Download Submit