Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-11-x64

7

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

5

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 23:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    disclosure.html

  • Size

    21KB

  • MD5

    57e2258020e513a0c7de0b0b6f1b25be

  • SHA1

    5fd0cd13ee183d294cda93b6b2f4195b8859f3ea

  • SHA256

    75d64bc17c8091c45514e8f4f5f14696953d907e67801711b9ca36edfc6ed84c

  • SHA512

    a435c0d5380ccb075edb1bc16d549c2e7f807bac521540fd4aa6159144e626585ad860b9f22723f63a4c9490d008060b3e2aea3a94a3eb09ffc504bb2aa06a47

  • SSDEEP

    384:OL93PT4oVo91UslHycUEYl3Kn1dYs7ZAlVtPRR:M4H15bUa8w+l3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\disclosure.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1276

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c80a78649cdd553632b46a3abab5954

    SHA1

    ab16e691675fa0b3e9c7fad62bc9bdd48d0412f8

    SHA256

    6d61cb4e109dbcdf02b50652a113fb3eff8828036ea9cb9686c42d31cb052d92

    SHA512

    19c2b5bf3691bbbb88cd3ba64eaecb2cd4b92dbd03b6111a1592cee6ccd2ea8c9cee6f57115179b50ca56a9eb8671c95c40393cfb12825cf3ffd9db34563e1f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10e0aac62402fbb051ecb1b71ec09ba8

    SHA1

    feb489bc3a9ecc6ccc46eb199577b5952bed4ccf

    SHA256

    dc04deda60ac08200a3a95aa34bdfb16731d2c6c6a07cd534680ed4c076a1b01

    SHA512

    9c90983bb219f6e68e654e6754241bd98e0b533a8a56d033d1787d2b818399cc8a21512a806cdaab072a28e9c70200d52c73aa45a36d285da2d7aa45cc626af2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3de57a0ef344e6d40b8219ac08ec1980

    SHA1

    4b15ef6b47b34acb34c52089fb1a1fe15decade7

    SHA256

    36361df6b6dc4371d6c7a637023b6c10a31dc3e3ce89e03cdc9a5db382c31da7

    SHA512

    18dd8655d6dd4642afb57f9e294f5a8338fbf7f0c624810d9e733ed8e1f4d6cd019c390a7fa9b0865d636a9caeac31374b322750528f344a0aa30a3ce615a59d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfc78877c1e62f4f00e2e47042254f34

    SHA1

    7f17f16600d00c5b15d730deca1d5ce295de5b9a

    SHA256

    141eb7a9193295d8baa8d54e912d2da105b289e0878e9276020af4eda16f1d04

    SHA512

    14a0bdd528ef84fa53b96f7fe5a5673a2bdfa337a0e680c7cfb9f5f29b6bb999435d36c84c907ef8529e1f23ddac5b89e88f2ad497483815ebd9172608aae3d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d00db5c485f92da77d1064a8ace60e8a

    SHA1

    7a870a15e8e227e06a899ab8a6cfe0ce51a6687b

    SHA256

    febcd9487338935ffded876426f9e4434c92cf5b49c1b83a1a8aa11e9c9fbc17

    SHA512

    f9c3f915204dd7729c49beec8606747151e7c75af0437def4c129aadf79c59fb4b6bd5bebeb7f1e58db88d2d7019de3a1ed1acbfd4eeff891bd8cc35771b75b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61c677a8fae893f4341dd94dd45e5e21

    SHA1

    a249375a69ab6b2c44d3f620a18b8ff87ee7a53a

    SHA256

    9d59c982eab2399e595b053f10d73c61d8edefb897889f5d858d3a8d3e3f7f9c

    SHA512

    3e7abd19336cedbe093aa99676c401d21a6b15f47d941004200edf2c9e3e58037f3efcf02c215c9327747277feed9d4c1e282f6e0529112761872a6c4fcfaf5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    472aa751b364f9a57d69923bdf0c3c5b

    SHA1

    94de2dc557a54428266c652a44fb8f7cf1125e09

    SHA256

    ef595213df1ed54d1d2d949518b53a554f69cfa5eda9226a2e78c5a16acf2a13

    SHA512

    5fdd46881d7cabaf28ff245dd518f01f74a6bf74d3bd45d592cdd3046c5cdec8d4bf135c1dcbb7b7bb67f9b0ac03149ba66fc7ea026194b7a17f2d39fa23e525

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a415a24b66ecd0addbecebc0170ff70

    SHA1

    db36f30552ef7457a37b573520300fdf34fc4847

    SHA256

    1918b64b684e3bf573d1121c6b857191f61c012a9d515d2fe2089f8bb7435e26

    SHA512

    b078a6f7451d9ad03ab0fad777a1ffbcabc80777801dca941a8f6bd8653b9398386f5af0c3b77c45c6fc1ead82188cdccbb9152e18c98a9ee8bbe0f3f4608cc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    238c939e5138ff5e006c7ab300dacdcf

    SHA1

    e26b5656c4bb83125e8f5b9da8e61025923c1f55

    SHA256

    eee34c581927fc4aa9d4e21eba28331da2f2e64be284adf0ae8db9530538b901

    SHA512

    d812268a9414f5e43706c27d317bf40bff0c8aaf4c2a4bbc9a9a57f67e8fea1bc0543fc34c24f3925ebf80bc2405bcebcc016a62209db878ffded537c2a8d89a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fcdd057704936e5116cecc929e40b4b

    SHA1

    65c19c326c07429af6e3fc96866d3cf2b3697ebf

    SHA256

    1af43bbf1a04241252c16779f9b436539ac9aa3dfe0a271919e837c68da2d33a

    SHA512

    305a8ddcaa0419a757ecbf7bf5274cf43645df81c21fb52ff29d6ac226de4d3d4c4cf17702eeae08f9f1a3862b7dfdd941393cc16b0f0ef0359b34387a60f8f8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHFV4GXP\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6EFB.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6F5D.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ICX92K01.txt
    Filesize

    606B

    MD5

    2d28dec268d94cc85dec8ea0394efdad

    SHA1

    55dd21e40843d16d048ee705cf9c1d25e0e8704b

    SHA256

    bed0939e83d6c050223081c553c0fdf2e3d8149bde337f41fe0598828eef66d0

    SHA512

    1d9f35d67f8ef30c2530aa8e2aeabebac7431ec8b418a74623fb0394f3227e7c637e730fa21039d9bc676f992987551e239c5b71ff888619e46c83b4479f98d3

    Download Submit