Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-11-x64

10

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 23:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    disclosure.html

  • Size

    21KB

  • MD5

    57e2258020e513a0c7de0b0b6f1b25be

  • SHA1

    5fd0cd13ee183d294cda93b6b2f4195b8859f3ea

  • SHA256

    75d64bc17c8091c45514e8f4f5f14696953d907e67801711b9ca36edfc6ed84c

  • SHA512

    a435c0d5380ccb075edb1bc16d549c2e7f807bac521540fd4aa6159144e626585ad860b9f22723f63a4c9490d008060b3e2aea3a94a3eb09ffc504bb2aa06a47

  • SSDEEP

    384:OL93PT4oVo91UslHycUEYl3Kn1dYs7ZAlVtPRR:M4H15bUa8w+l3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\disclosure.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:628
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:628 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2292

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    77a64962cca3682e1af12df9cd352c9a

    SHA1

    4b8c936d30a52051f47f7c13475c80046af6b9ad

    SHA256

    5fc7ba2f1967f92f1777ab0252d4045c9298a7bf16910bbc5dbc6c494c9c26d8

    SHA512

    c91efebd1e7840861925fb126b636bc7c82a39723beb9017eb4086218552f557ddcead732b28df9ab071d84bfd68b55af60e4beb8231699c5c821e306c032cda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    249080bd98de55a6a23217599bdb43e1

    SHA1

    189680948e275d07cf32faecb46f5ee89921a987

    SHA256

    f41a886889c09d39e064d9a7ca35ea4d4eb9ac6cfb45c93776f64417a4eb41c2

    SHA512

    d35df5088d40ed96f0868d6e198212d07a721436fe595e84fe2e3d66c336b37f3744e210b20e47cd50afb70d18cd2649b3a0dc08e0dc92e7cefb651f04709d54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8e06ebe4e614e32e8b5d04d84d65fb2

    SHA1

    7473f547c451b92f70de800fb979a26a9d3bed76

    SHA256

    323a6fc3d03016d9610518d80b86d61c81df517a8b1f2c83ed1e825b6504eb73

    SHA512

    de3d755aa5c58f8533ad32194735a83d0123019a7efdd19124b5d51373ca68fbbc229cf4447395bc81435f24179ad5f0ff66403a01a1a6811521f7018684deb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1343078359739cfd5ffd53d5fa32a33

    SHA1

    f77435ae983e2ea82899303be0335ac13585b986

    SHA256

    3b7ccfc2d9c84dd8314a2100fa79e6108fe6c49ff3956be3919558ec31c113ca

    SHA512

    3ce4cfbe8570c0cce30badbf3ccc20c42904ade447038b2f250a6e1b8cdb5d3f825128f0110275dbe0054f8a7844adde290f79fcf47d143ee53850ec0613639a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9b80fcc14858c06943446776775d2b5

    SHA1

    02e4a1f416bce6f5e44cba5a892e9ec7eff71818

    SHA256

    9c4c8dfaa0563254d71ddf3b2d71895ef1844730895f1336c416a2f9869bcf30

    SHA512

    b546d4ceb4966c97c94b1b9cc738dd49eb232cd8216f51821653a0fbfe858b0951bc47c2363ce08bbd5984e255aefbe345dfd5c457a561a72f141503a0b58148

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b4add789eef1a81f9378ca8f57120bf

    SHA1

    2d9bd986d37f1cfdfe3b56be7794d1da0aaa13dc

    SHA256

    ec3276ae186965b69e48dbeee4a34f14f244acb9ca771bfc318fa8b6df3ce102

    SHA512

    69e0966addc6d93d72655a2a347e6d730719215f9e3256d62a53b38559faedc2d1a08ae257ba275d067a8c6c7ba321281b66d838284576e24dcdeb98d5fc2c2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ca82b3823223230945987b917b55119

    SHA1

    75110e8ce6ece25555d821100eacee98820552c0

    SHA256

    ed3fb49de99ddeae61837a2f72540ff93094b9521467416b3d6a9aad02680331

    SHA512

    42134c0fb772b28d9888da2b9dcba58db0b2348ed9a289a4bad95c860097fc7183d4ea90625d7801cfaedac8441d36afbc0cd328a98dba00951e8ec9c1c2afb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d23d613b4a990ee6d40c836e9180f5c8

    SHA1

    23829ced55f08c34ef8376217dde87fc57304e90

    SHA256

    f19ebfd41406d21237ea1373e063ece229ddc5373cc9773b28e91b8d17398936

    SHA512

    f1e97463f91cf7126fb88cbfdf625f7b1cc405625298a238db738b267d98f100471a3908c289ae2f3816f72b6ec13d6e2dfbe5e529cdfbe16a493248c45e591d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZEULFN0\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab59B7.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5A57.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\A3GT1S5Q.txt
    Filesize

    601B

    MD5

    1ed1ec90c0a14a69d488bf6c1f8bf19b

    SHA1

    1208fcf6be9a892d6af7c973aafaef31a33dfd23

    SHA256

    d824c0682eea2ae145a869551d22fcde2d307d922b91841b6c676f29ca90be11

    SHA512

    b06b5028c5078adf5b4255ca6729b5051cfa77b6b54914ccd966ba345d620ce4ad0b53483512034aa1aff3b84f7631c48702170833e04ec319d5dc9ef9d77e95

    Download Submit