Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-11-x64

10

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 23:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    policy.html

  • Size

    34KB

  • MD5

    5006b2ca11128f570cb0d02c472f5c4a

  • SHA1

    4bc29748b81396285f6df954efb0d708f73025a7

  • SHA256

    efd83e19fe889b7af1ab18a31cd519e27eaf0abea42975a82f15afefb272f08b

  • SHA512

    c761233feb68832ba595a06b18a889a5a79c4f8305dad5c1616b0d88032e2569c95e0d415c9b8b7d4e2d519ef0eeae590d26ffca386cd748d1b015932093a3b6

  • SSDEEP

    384:rWnYCJu/yJMBAK/c9Yn3Y+9X01uLp3XPYsTmem6bs7OE3YZVNCmj1SYSr3QPRz:2YwKY0v9wsxfblEEnx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\policy.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2084 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:592

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5803acae401caaeaa82077b7b9c24d73

    SHA1

    94d6f6d61510ef5dba643814627ec596e8fe9c2b

    SHA256

    ac40b71f16b3850fefaf03dd0663f46c75b85e0630a496daadf911818417714f

    SHA512

    4f00eb54ca34f5facc69806e73325541cfb54605e01a28c62bf6e9808716b39426e528cbfa8d6c39a5cf7f799c43f8b22e83f2a54c632ef148d4fcc064fe6879

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    269b50bd6df263a6840652d3cdd2c30f

    SHA1

    48cb8ff503193679a2d69d0744b83c0b4cb355e4

    SHA256

    16f0f1e0052ad631679f6a5864a1dc7af0edd1f52e4157c21bcc1408b16d3a20

    SHA512

    b8316e4b8544a962ec8562f0a926e3ff2290be6e3e94b9afd5fd9e9197f94c0da93ee58b3385abeed2f1c1e39095e7298e83ce6a43744ee65a975451e68a1416

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0824e675bdcd301904ae218962276b30

    SHA1

    1bdcec2af9cfeacd591ba655caf37e9fd94c76d6

    SHA256

    5c0eb1dae626c3af3f9c306158f5dc8ab584eb9cee29889bfb13d113102af52d

    SHA512

    39fa370c99c860122d0feb3036be344e9aa0615102d201034903630a578dda5b74b1956cc4d6aac2acaf393b3deb1b45c83b265dcafe77ac5581d2b705edecb5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3cb3ce2adc3ee21b45ea5ed39a9d7fc8

    SHA1

    7051b60f3c6d8f7f26a4740807cf1071334288ca

    SHA256

    3d4beb5ead91d4ce25cf8099b518106fc3b63293022bf7f19b48e246aa401526

    SHA512

    76befea1c7e670b3590ee8e7101d954a8c03aafb158c20a15c63964959209193f15dd8c53910f38cfd20010c414a04a4751144979cd47c786b99213e182f6640

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1306baa08a991b4b4cf6a8182726cc70

    SHA1

    f5086b88741108d0e7210b10709783e0719b0b3c

    SHA256

    0b0136b79c6a8085dfa785c18966a8b5d40c48076615bbd999a19af80ae31fab

    SHA512

    b05e6c9c03b2bf0018ef7cf9ca730179b54239b1a64d30f73dcdb5b944149ed1ae3f22a7196ba93112f0bb7c6170ee5b9e3117ffac9bae64777f0a46505f5e7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    633d4c2ee3732ecf3212e377a58718ab

    SHA1

    76527d179570e2b70155d91b179463243917ea6e

    SHA256

    c98448b031b8a91df2eff68a87501070871e12bf1004473e2313e08be9fcc5f0

    SHA512

    acb216a011495caa4fbe77994646a83fdd77ad72c8d614575b648776b3359ee478d01778e6bea72b5c8e947ef6823154d144ad240d3d5472752ed82892d35292

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4be4b781641c2751f655b3524eecda68

    SHA1

    1be0b62218532debbfe4d56239575eea53f0bb2b

    SHA256

    cd3a36aa1206a94f14204d138f717d0deeb5077500dc0d1a329f69b6a70c74e2

    SHA512

    12637b81cb0c27e55234c18d98ec939a76de265176c375f672f598205cc21816ef98cb17b49e1ade7472d11b73e42a98860c959a5a1fb10912804a6c730f507e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a44d5bd7e0eb4a1cd7c1735505aa2bfb

    SHA1

    a360869025d0f101df0b4339b2a6819ed4593b29

    SHA256

    ae3e8eae334ac448c3b76006c73e3b2a3dcc30c43585fdfd61251faf62b1725f

    SHA512

    f882b36a94aa026e5d1707205e0cacb9043d9f64ad1aa887d80a4ef884a4ac96d3108ed1c1a45bdba6ee8a59233d683319106d425f8b47e08b217a686ea12024

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f99baa3ccec6fcca3617264bebc12569

    SHA1

    bbb4b191590a8d665a532f8187256836acd30f03

    SHA256

    1e0894cf38e787e22ee6c44db12c1bd3b0e6ce5b9f321e0e3d554d78045fefb3

    SHA512

    9818aecbe9b1be69a3f2a3419e8bec46b2cce3490ff23436d4b91ff2e490b68573ebdffc33f1784df82ac1f6cebfcc91692972a65575cdec7fca64ffa28ea163

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f99baa3ccec6fcca3617264bebc12569

    SHA1

    bbb4b191590a8d665a532f8187256836acd30f03

    SHA256

    1e0894cf38e787e22ee6c44db12c1bd3b0e6ce5b9f321e0e3d554d78045fefb3

    SHA512

    9818aecbe9b1be69a3f2a3419e8bec46b2cce3490ff23436d4b91ff2e490b68573ebdffc33f1784df82ac1f6cebfcc91692972a65575cdec7fca64ffa28ea163

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b544d1490ee2ff55e4ff3a4edbb06c10

    SHA1

    a03c1f2c8ecedabb976e00beedc7ff00cb9593cb

    SHA256

    3c5922bf138cc65ff91d4054c53e513a3c5e7d65f5c9e7a1978d81300bb5c9c6

    SHA512

    751ddb104871d527b32e49babacefbeeb2ab1981acf2bc91b78b60f92f577d1eaf1ff31554f7953a855269d3c4a1320b6ec33ed0c03e8e1ed28f656212b78f0a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M70DY8PN\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab52B5.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar53A3.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\NO3M2KIA.txt
    Filesize

    601B

    MD5

    454fad5d4e83f4b30bc1c998f3f7fda5

    SHA1

    b7413630078d3c2aa1a2dbb4b5d3381ed2e93428

    SHA256

    7d9b08a70cedbdf4719fe2cbddf6ec8655f00a7b7b09032b1f1c85ac7e4f3fd7

    SHA512

    1c52ba5f3a55cd7096ba4206c8d0985550e388f7b130c7707a6b3befa30d718bea94f0fc884d33d193779aa4bec7ca09204b7d0cf40c1555a1d7a62e6a70de41

    Download Submit