Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-11-x64

10

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    102s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 23:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    myps_policy.html

  • Size

    53KB

  • MD5

    9a447d84da71684c5c571999f23ea7a0

  • SHA1

    7d4496c5a38316c1d8c7abc93e1f0a5bcafde1fa

  • SHA256

    243bd76153a8c1a1dfc9132afce1a796770dab63b1ce4ee725f593dddeec4358

  • SHA512

    05f394e7681243630b3f1739306fd5beb6677a57eef5f36be847918f9eaa296eb50e3052afd4eb844f933345e9b972deb95f19b20aa46ce15039600edf1b6340

  • SSDEEP

    768:aUuR+6hRBH0+xPZV+YTSFlgK4yFMuMveCn/1N2aj7wlDtXGZ4nKdW3q0C5kubKzt:ruXPZVaMvz7wFkZe3qLc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\myps_policy.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2336

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95b459fc76a32ab6a85162fead254adc

    SHA1

    77a833110c976310c44581533410256b2de4c46c

    SHA256

    3a887264533410409dd5bd8d887dc7d44efb8351cb2ca09c6c3277a31e0894f2

    SHA512

    5a28443ba32a1e579f3615140dc9c8682836abdb187f84f910d44f106d3db69ccf0631b97ec4c308066d4a60219f7fe052e9fcfc8ae75e1791f7d8ce1e86b50e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d9e8bd539c4fe72452c5740794ade887

    SHA1

    e7a17f05534a6164b2c009fa0996643dcaea4771

    SHA256

    3e1e1e4594b5534cb05fa18c3ecd8dfcfeab3d5f828e0a6f4f9a8409dae3f106

    SHA512

    90e1b6e286bc67b318dffd5a850838f8513eb6fa9ee6222d86013563ace50250f42f642120acecce65518ab6e00887322c8b5fd47bb7ff679be4676fdea6613e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ca161561a951d429e2f689566f875a3

    SHA1

    5742a63dea0bef4f359204f7db924fdbf397c368

    SHA256

    cc7e5cfa87030cc84d22059877740526be89e7896442bc77e4bcd9d6a4fc8eb1

    SHA512

    b0e7aea334bbd50e3ca370fff921893c9b47c9308d775670b859ac0056536ca1bfe1ca92f73afc8250bf5177f1f5b0fb407f9b7549bda9fc941b575b8270f573

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81cf9a1638252385cf2713f6ebd17bb1

    SHA1

    e259d279bd50dcfdebd10779c0b5d636e2404063

    SHA256

    c83b5f78795281004f277002acba79ba0a3ec57a6ca1545f891bff0fe06b238c

    SHA512

    37847f344db013569bb00a5513ac753e3cc20b93076a0b6ebb6dca3cb3c60d213f718be067f1b4a719254412ba1418b27367842b17366082647b543eb5c33a29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97cb5e9167c93c79fa650978b5d35705

    SHA1

    1d610b14af0e02a1e85e1342bc8affdb8ab7a0e3

    SHA256

    d4782d360bace03ca3b4fb08b770db04af900307f60fbe385049184673d1d46f

    SHA512

    cf5f08be37cf46ae18a919f5912e9d43852b8fa675bef1b90fc03d9b7cde3ce44f65f832d345a712f87cb6c2bfb338ae1a222d7bb3c71009f53d5ea9d021ef06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    234eabfb69bfe0f90c0f694acbc39c59

    SHA1

    479d773e6eb8b1c59747dcdaa3b2b3d6a6df7273

    SHA256

    6c9941646d5948d8e225813131318958e1deaba4f7a70a1c48bec99116655e96

    SHA512

    2bd90446a1363d444b4a8f31296c779f86e96f5ee828cae03d015b6cbbaed0c091f581f18ff7dedd2bda97b1f5feffa2df6d30e59b78c70881b888de69733c14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11501cbfcdd7d0a65c0027f4af251c3a

    SHA1

    bd6f4ece7d0d626ddd30e0ea54be2f392022d74b

    SHA256

    8471b0537e17c9ec3ba902261d3f51d5fb3a0f435780894aa6ae8d5a4a77984f

    SHA512

    e0cad6f8c1fd4a929e947fa3636c12cfe9dcd5edb9b3192a3fb9e01f33eb39bd9a2e63bf8db09bc23f32e6d9da39bb23981ded13b67309fe6f39d6f4e45df3ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    258d118c7dd91b8d2841ad7d214007f2

    SHA1

    0d3d2269e0d10284fb52d97d077d474a9a5aacee

    SHA256

    1d4fef2bb3ea9b120423dc55ab1b6b5b1439790d852740eb8b2da2c361260018

    SHA512

    91fe87076eccf0eec710317d3e6842fb6e9296be859cfcf2f8c49af8c38e758bf18e79e3632422029b91c5f244046f306ce6397088309703b976d6632fc86b15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b0b087da3b61eab05eb2c558d264ab1

    SHA1

    66c60c4a8245fa7ed5841c71fe89ec3bf57d0b54

    SHA256

    cea0bcc0e7b835d4647f5c16cdcac6d4bf375977ef1e1ebf472693ee286ab9f3

    SHA512

    e2230e3f6c41cd296648ebb19b693f041f236dd50fa47002b50ba92cd468b8654eed98d75c074eea98063b9c0df119819cefd8acb26f34600cea0488d132b4de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c81a14ed458c1bb53c134cd0bd1f3518

    SHA1

    42c48e1578a9dbb9feeed67ea8ac46273be727c8

    SHA256

    1092f44d87a5ec11e6ea69e0057bf3a91fc8ffe0b4b14b89e91a05ff039d52e8

    SHA512

    2b0ab432d92619ad36d5d61ad6e20c8f87cf397a167286436e4500825a3c437533c00eaf6e7f23675e582fad6c7ab6a7cca7f5d0ec32bc45cae894a1ec48a4c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8154383ae2cdcf4ca776274fc3ee4548

    SHA1

    94ff3c0505dc8c2c9ab3bc88777fc8711b7d046d

    SHA256

    036cc21188c9326f1940bda3236df6c2150fa745e3963c360f20def70d25c3ed

    SHA512

    d117d21ef1efb36887b09d109dcbbcc4a53723ecb58c79ef443ce7c778c2a9d01d65ef2b74cf4612d03a2109c75201feb583ee5c63a97285c84e1f62f8635a71

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M70DY8PN\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB6C5.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB707.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\14WXWHEH.txt
    Filesize

    601B

    MD5

    8db277c280083c8acd6481d80260ba58

    SHA1

    eacb37b63e1fb69283f2e61e5ba976cf41fc925f

    SHA256

    9138f467657166767dac1e1856daf9fad0b08d364ad31ead4c64e5b8a7fcaa28

    SHA512

    a3964597f447210ff6652ef58d48faa2f05ad50bc2e1207ee671ba07d73a65d3ec2c3d8ae3fcbf35da8871b1e61ece8cf4e204be6a1381472a4f66a8cb7911bf

    Download Submit