Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-11-x64

10

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 23:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    policy.html

  • Size

    34KB

  • MD5

    5006b2ca11128f570cb0d02c472f5c4a

  • SHA1

    4bc29748b81396285f6df954efb0d708f73025a7

  • SHA256

    efd83e19fe889b7af1ab18a31cd519e27eaf0abea42975a82f15afefb272f08b

  • SHA512

    c761233feb68832ba595a06b18a889a5a79c4f8305dad5c1616b0d88032e2569c95e0d415c9b8b7d4e2d519ef0eeae590d26ffca386cd748d1b015932093a3b6

  • SSDEEP

    384:rWnYCJu/yJMBAK/c9Yn3Y+9X01uLp3XPYsTmem6bs7OE3YZVNCmj1SYSr3QPRz:2YwKY0v9wsxfblEEnx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\policy.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a044da15f01456708c4b47d800e5962d

    SHA1

    1e0e6b832e937d6802834be46a3ce5e4bd773c22

    SHA256

    42dd4bbc5a4f3ac770c6318282accc64ec20cacb3af364c9d34cc9a275c06ebb

    SHA512

    4bb1fde6ea3a24f76b4ac86790792a0455476d7183f6ed41382f5b2efff3de1039296811611d5e9b6a463be146a81907df250ed80adfa2b885b3fbeb02ffd6de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a81dd53df894b828ba11ce35e23b861

    SHA1

    dc03c17a29040416e18477da361c3db04a9a6b91

    SHA256

    c4bc17a0b7ec8e3e86cf1533a16712c98fa2e17110ad09421b481291ffaa1fb2

    SHA512

    119fa5c8855cc28ebc86f5a74a7f05271c006976dfd0648a73ff5e1eae99a160f523ff81ffcb120da9e2451f31d7a9af819f0786f4b48ecc09ebb02b4da4ce68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58421f85b84dc736e1ae38b9bbffd55e

    SHA1

    53a2c3473432f251a53e9d00b0ea77f40d376438

    SHA256

    b05b775069f9a4de6df17308a48316354d5d7a869cfcbc3e48127328f62c597a

    SHA512

    5785772a1c907988ee2f0ac5444221f3d06e7a07f29459f413dd2641272b250a138d7b0a3f05f81a7c0efb1ba799b0fc588da9a19266f8fcbe1956ea275f69aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    429ab6015867de5f87f029f71f04f759

    SHA1

    7ce1376fc4cdbe2716560ae3b095a0d0d0856718

    SHA256

    98edef72899df664177f5904afd6d108704dfa46238d823b0c53a772561cc593

    SHA512

    1fb52fa981e7ca3c301d6f914de1b8d06792d90c94d6be462ca8e93269e613d2c1ae112aa6fa50f6fc0f97e4b9372a8ceffeef61cace981a18d3101fc24d54d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db4e1545b1b2b80d3532f118be4f0092

    SHA1

    58077342d4efd9fc0d75c77967f3ef86c028a77f

    SHA256

    7c335d225e705cafe1f91a2a133f9e8e4a04ebaf0ed54edfe1f1b9d310864b41

    SHA512

    bed248e1276a7214eab2cd7a3c9567031a5bfbf3f36e219058c79006055e70cdc4308ceb6b004178a3237ca45f332ec27b7ad64974fd34a80341fe975d807844

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b522bc4f628788df1b9a404f8098802d

    SHA1

    201dcfebebed8d0bc2e0e6ce3a94d7e62db8cf00

    SHA256

    336c82945940c0cd570dd3f4bc7f7cb38d0f5b2a8ec9fa569a60faa5637a2008

    SHA512

    12a70df2fc4e18ba05fa3f15f7f79ab07ea8e0179e1b8ae196bd037d0877b6d9d1893a40829bea67c2a02ecd7f34f40de264aa6c7a0a258bc16debf9ae55ea1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    993e2d40331f82ae0af113500e7eee81

    SHA1

    9388b7e0cb08382478ae7b443571d92c945ece27

    SHA256

    a86a65c104a29eebd53c1883b30a7e6ebc28975fca624a66d4346708d477d3fe

    SHA512

    fab80eb398f45d43e897bff1ff1a9e3e032f92b1b720f74c2674b6780100c720922b302e317e5d7bcf591b113879502720e52754b28e597b4a82e4f6518a5d21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7762e0a0c3f277b2de2efab0f89be1f

    SHA1

    6009eb87ca9de7fb9564af191d0f992419b36a4d

    SHA256

    3f1e803b8ccafc741fab6b0db480271f3f0183962ed197f1afd114f656ddcf53

    SHA512

    8b7352d65c7b16c07e1ae6ddc6657a466856c5e3bac74b9e391d09604ea2d1eb46536f6b714c0b9fc7a9bdc1a100d63f02c1609f36800aab1dd1a44d3bdc7562

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1bda0887d7bbbbc711423b35ae87b301

    SHA1

    519356058a4e9033c693c9c89ada21fe9ca5c15c

    SHA256

    7e2aa665a3b07327105573df34a74394236446b3e80795a155c79e2173333a88

    SHA512

    8843d01dca44185c3aa182b3fcc6629cd9108a8f01449fb00be9d771af7cd378741e81259bd8db8aa1ab88ee805fedef9777bfe83ad9271f3c0697cb93fb010b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82524dd6c3130f79c6144249ba61e60b

    SHA1

    71eea52c53a56feab2111e427fb52908a833b157

    SHA256

    e6dadc612469f04c1e2143b2f975258b2172a9053dff211a88eb85af1c8e7bf3

    SHA512

    faaefedf683bb78d5526e1056434093324bfaaea2a981af719ef822b4a4b856fdcfbe09e3b4cc3e911602b90128e68f7c9f3f2ced944369fb22197356be52c9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c498889f96cbf5daed798dcfdaaed98f

    SHA1

    4d256c1831dc41c8fa198eceb980401dbc5b7758

    SHA256

    fbcc4fcd8e426609de5a8dc372b8f5fdf9da724c2cf71456f0d41a84b32c0799

    SHA512

    c3d4a63aad815df8bcb645e09385cce92410c5c90b3e4addf20742bfce77c57aed19dbb594e5e24713335eb99ad9612990f391000fbcd6ee9a9a14340229647d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b8212eec2736a0237b9dd9d22365271

    SHA1

    56de80e39df39f99bbb971b5c5aabf832ebf2329

    SHA256

    4ea2898dcc607e7631106d17e674e81c80cefec3c4b53effb276cbb50136d000

    SHA512

    901ed2769b3873efb6641fc1a04ab00c5119bbc494ca28b043cbb7580058502eeaa4d369b3dd909201c82527ff5872eebacb5ae720f7e86b72d0f175e23d5447

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    745fec2f573224e61328e3b5caa7dfaf

    SHA1

    702d53dd553c83643a787e8dee73182aecf2882a

    SHA256

    a1db4c27710d79adfdc25405f2469e56dbd53da8961275d589472a8a6bf93d7e

    SHA512

    fe85972561c8c1efc18788a2d84566c9d1eedd0e884ee86c8a9cc7835d0b9e8982c2b24a91d3fd6e3bcff886bbce6d99b129b026f3ba5889c03f4a98c21f4b3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcd89d6418feb0091ba6e72e138fcb39

    SHA1

    7d4750f94892c52e6024c173de904d13dda0733e

    SHA256

    b33e4388eee6ae38fa7ceba9af6371048f2c8b61291451f0138f73fdeda72f07

    SHA512

    b862bd880d5d2a1cba4de4e1e31157690c856699590a8e6cad89842535f45e014e3b6efe18c3ac0e692bed899c6603b2b980fbcebcfbbb91edfbb65b295d693b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODRCOPYD\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5E29.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5EBA.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\7VDTC2RQ.txt
    Filesize

    601B

    MD5

    486e83047fb8a6aaa43e433afd4c7db0

    SHA1

    42f06a6399a095d39e7ac118b01afb92d6ce2c26

    SHA256

    8e9353e8f7cf496183d8bce247476938d0321328d8dc90539b1fd67639503c24

    SHA512

    8bd56ab2831839b28099c1d189cf37f346e7b85f116ff797cc96d2ab233ac9ad3a957986a0e37fa6efb667af0d827f3b5d62dcd6b3fb7d612d9548e55dbc5cb8

    Download Submit