Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-11-x64

7

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

5

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 23:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    myps_policy.html

  • Size

    53KB

  • MD5

    9a447d84da71684c5c571999f23ea7a0

  • SHA1

    7d4496c5a38316c1d8c7abc93e1f0a5bcafde1fa

  • SHA256

    243bd76153a8c1a1dfc9132afce1a796770dab63b1ce4ee725f593dddeec4358

  • SHA512

    05f394e7681243630b3f1739306fd5beb6677a57eef5f36be847918f9eaa296eb50e3052afd4eb844f933345e9b972deb95f19b20aa46ce15039600edf1b6340

  • SSDEEP

    768:aUuR+6hRBH0+xPZV+YTSFlgK4yFMuMveCn/1N2aj7wlDtXGZ4nKdW3q0C5kubKzt:ruXPZVaMvz7wFkZe3qLc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\myps_policy.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2316 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2352

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40deeaca2b460237c3a5cd1f1a98eb4b

    SHA1

    07c12c6d351d9c5e10a694ec5d4b7374000f59a2

    SHA256

    a64960eef95ec4124d32aff98d7ff27cd60b9f1685c49726ab7a7b9295558231

    SHA512

    3a983cb0da46b1027aa2f7fb3492dd2750bebdc5060fa6a188fb29bd00f426a3374a528b720438711d32620856175bdd299c8317b272dd5cadada16bc18e725a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f34f36f7811c52650587842dbcf29a0c

    SHA1

    f0aa9062367abab52e3e7df21ad0e2de3e1bbaa1

    SHA256

    78b589152a4e0ddcfa53a039d4f426809a76cf49b81e2ee6331b451f5f983320

    SHA512

    4a86c7cea47dc2f8353f524e18e3971612e58015d27c3bb91b469712dc046af4e03c9ce0f4c86eea19c9b959997b426ae7ab102b172e67589a20877f889beeb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    674237333fdfe127e3533231cccbff7a

    SHA1

    632e159c9793097f32b422df1e2986b137d65308

    SHA256

    1e85a391f7c43f73594e677fe9dd2d114ddceaff3766566b948e9143d2a358b6

    SHA512

    37c4ac93f81f3b421006db2192d3846fd784e951b1f4ad04ac5cc3d208e686ecc71de9cc494204d9fe0b50d0c92757ee94247883549844c59c561bb4e01227b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02cfcf69ea62d65dbbf17124653269cd

    SHA1

    f99b07b44c0e5f1776b5644ffa7b7d5f47d4b841

    SHA256

    c959f3fd5b317cac20c15731eb0df69a4ca99e6c23218ed689338385d4b5c806

    SHA512

    bfa6008aca9616d90032a784250e7e5c3b5387c14d35974a43b5342a5d0c81dcb42fe4eec59c8e26afeccb9041b948521550638832861915afac3391fc1ea751

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b01eeae9d7c948308e39568ac93a557

    SHA1

    8715f87f4dcf94d7003dd2c53a14e9e77a732d17

    SHA256

    563b4a3297927bdaf059d15d09d980a9f32f9893c301f6b3cf84796ffb73ec09

    SHA512

    948b91bade37f3523a852fad25845808e5dc0c56660bb104729168364789fdbd696ff4c10e3dd3fbd7d8c0ec73f52c0aadc046beb49bae1e2e5260feae28bb00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    102ce589d64ea09694424e00e011ed1c

    SHA1

    5a25fe321ea4ea608c3ebba1fed68de8cc792e56

    SHA256

    cca459d0063ecc636b697a10cad9135338add5035b626427553c6208766703f6

    SHA512

    1cb822a80c330895f6d090e22982917aec52785e860b9339c5f4749bafb063dc8f46e5d5253ff1720acda61d1ba86e58fa9a8d064b016eda8a75b9965fdb92c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d56f8d9c4ae019f220c330a42d33b54b

    SHA1

    5cc9ed42f7c16d6ee5881128ec5c39b932d34373

    SHA256

    38c2c5a03ddd6db112c38ee13cd534296367484475646ca42e978145420ad19b

    SHA512

    7754b8efbe09174739374b37560da71b14126dd24c956e1681856ca0694f8ad3fb3b7bc5b15db3a9068ce2fdbfbccc52d89935ccba1f39f24296256c6c6cefba

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHFV4GXP\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAB12.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAB73.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\G29511LY.txt
    Filesize

    606B

    MD5

    60cde695833544a9a451725540fb30b5

    SHA1

    6381d405eccf107d800c68d0371fde6bce296e7b

    SHA256

    6d9ba0b7f0a4c7c88ead605e23e6c092e7db0ef3828206012c0c348af6690a79

    SHA512

    531116e84977747e3d5aead1cb291d495b718a818c5c139e68e09d29c57a8764b2760c76571b5325f8d45f24f8da0a2c7709ef823aedf13122ef7340515886aa

    Download Submit