Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-11-x64

7

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

5

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 23:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    policy.html

  • Size

    34KB

  • MD5

    5006b2ca11128f570cb0d02c472f5c4a

  • SHA1

    4bc29748b81396285f6df954efb0d708f73025a7

  • SHA256

    efd83e19fe889b7af1ab18a31cd519e27eaf0abea42975a82f15afefb272f08b

  • SHA512

    c761233feb68832ba595a06b18a889a5a79c4f8305dad5c1616b0d88032e2569c95e0d415c9b8b7d4e2d519ef0eeae590d26ffca386cd748d1b015932093a3b6

  • SSDEEP

    384:rWnYCJu/yJMBAK/c9Yn3Y+9X01uLp3XPYsTmem6bs7OE3YZVNCmj1SYSr3QPRz:2YwKY0v9wsxfblEEnx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\policy.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2352 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2360

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f54279b8afc1f4a18890605b95863a87

    SHA1

    55792c379a9b948dc7417320e4331b7365a072e0

    SHA256

    9652174d821504c82c2734276d16fde573429e2fb4faae88da2a7ccf87208e60

    SHA512

    cc32b06488ed0af8cfea935a58081c3b3cab31b0d9569118af8739b6f2ba82c22591ba992668d48055fee6eba7ee2547caae87c9929995a913a6104f8885cf29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    185ba4abd50c15d2eab883b3e2a0fd20

    SHA1

    0a9aa4ec5fb3d115461e965590f912dea5c7cf13

    SHA256

    0ead60ce05d8762fa5dc359e2f6580ad873215fa26909072dc96277ba97968f1

    SHA512

    5e65bb39df6c60d46e34cc1745b139ddbc0019dfdc70ec105727725a4c74d05d5b037841b3dd0f5257aca4bf65b7b0e7932f33300e1a4f01726fd10eb4866aab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b09c34c7911569e4f7a059f86f29a7e3

    SHA1

    dc030fcee92114dc5280fd9c6fd74b15b01b7524

    SHA256

    5fbec16ecfe9a420296d511424fd4f366959da043d1275d55ff9c7adb9c24823

    SHA512

    060565c0970b13f46c979b46a333810e4cffcff0898a7d980189c3df133a2ed4afa0951d2df4f695a97ccff3019c9b2e45c5e4f2fd38c759a206afd7a67ea48a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d95a16cd6d2dc36ab010f0218693cf6a

    SHA1

    7fe925943d7134cd275f60e5d08f1fd3529ad499

    SHA256

    76f466501b86bd395dc1b96adf13dd5e2f293c78792addab016593e10cfe2b1d

    SHA512

    7daabe13d0b872f87ecc7e5371efa9559d3f92829d96d86b29859ef198c925b9ad41521ed1e7c3d4923e80356a963b263f54fd653ec1b508d4190a0dbac0081c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d71dbfd561084b268f515c722f80212

    SHA1

    1ffd384f9f05c2ba94edeabdc9b315730e518c7f

    SHA256

    82a6c0d52fcb4516a795251ff7a6dae5f76b905e3fc0fdc4c9c032d7c2993039

    SHA512

    fc83ec8d8e392ed2b2b642d6741a854796d705ffbf8ea2dfcd8e31e83db47c3e2eb582a9d9ba98bef3e0ef1d33f37e8fdbd09578c7615e8af6d7d0c9da399b2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74c6482c13acfa9bee4d3fe1bf4f1719

    SHA1

    3fa3220b4b612dd49107e4a1cee2e36036965538

    SHA256

    b83108b925ec4b7ddd7c3ccdf492e3db27e73875e89115b0e51b76262126d55b

    SHA512

    baeb56553c11e30344a40cafa5fa5103047ddf4395e7569fa830d6df279a2be7f4de742f1cd86c17136bda1d5b989ba7b70f36926390fd88692ddf1f73203ded

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1eb009c915629de1cd4d3d8d4a8493a5

    SHA1

    649168f4324530928b2944790c5f4fa446d8de6e

    SHA256

    cfce4e381248272a137d18fc78e5b157a821aedf60f9f9b11aa3c96e96470ebb

    SHA512

    efed1ff1c22203ad954834100c0040b78f700edf77b9313de14eb750a9f7fbb6c12bd75b49e323446f413aaa4f8cc1d205613b2b424553f6a5161bd2f19fe4a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a270da20f0c6e3d5c7271af5175deba

    SHA1

    90a6e1a4fba0cee0cf56591e572baffbce09d0f7

    SHA256

    c7a031a4c7a2afaacc19d2704da039bed56ac40ee4f446a1ffdf2e68e1058158

    SHA512

    d4f7ffcc659384000f3e73292be684461f194e44469f24f6b55872c70215140100395393456dc1e9e569eff0f686cfa903db58d99dd2d49c64e2646a15fa33fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S593MPCP\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab42A0.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar432F.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ZRKBBD0G.txt
    Filesize

    608B

    MD5

    93d1fdc683e46b16f5e3fb5e1ca462fb

    SHA1

    e1cc9224c13189bf0d8ade6ba6e87d15840164e1

    SHA256

    1981ff74ee9ee1fe285bd630737fe77b6bd2d49a16782362410942d9a9b41158

    SHA512

    f14f88b4fbb7281d7dd5a5355f05984d5ffc31e9c0f9ffc3ebc4f6d0bc06940eda1d256b46a1579e7db6948bcb8a5f08531616e2218ad6a82fb3e0aae7d4e277

    Download Submit