Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-10-x64

7

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

5

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 23:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    policy.html

  • Size

    34KB

  • MD5

    5006b2ca11128f570cb0d02c472f5c4a

  • SHA1

    4bc29748b81396285f6df954efb0d708f73025a7

  • SHA256

    efd83e19fe889b7af1ab18a31cd519e27eaf0abea42975a82f15afefb272f08b

  • SHA512

    c761233feb68832ba595a06b18a889a5a79c4f8305dad5c1616b0d88032e2569c95e0d415c9b8b7d4e2d519ef0eeae590d26ffca386cd748d1b015932093a3b6

  • SSDEEP

    384:rWnYCJu/yJMBAK/c9Yn3Y+9X01uLp3XPYsTmem6bs7OE3YZVNCmj1SYSr3QPRz:2YwKY0v9wsxfblEEnx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\policy.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2984

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec04345ae0fd19dc7764ca9e7d077053

    SHA1

    c368d4cad2298cc5489f3cc3b30966e21cb47fa1

    SHA256

    6cf97c578f650e9f3cfcd1e1c9108b9a143da4e99505e5aaea988fa95eee402a

    SHA512

    3386f049380060f6f7345fccc2f3b1b558d797dcfadaf3b22bb82aef8c412b1056599a3f1b00ac122d3d83f16725bf4fb1d48ba4d585891f4d14781c0eb01c42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9361b93531a940cddf582c8c297a8d91

    SHA1

    ce9fa0f6195c2543f6b35f4e983b1c4eed85813f

    SHA256

    58af814595597a3c31065537376830bda197c08797f2be05a944542785ca0c00

    SHA512

    e517792275eb4dc177ffc79a9eb1a839d49bdad167770f4562e4dfd925a66f220766bad39fda3664350151daab54f06d09e7982911a0c185359f1af674e48942

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    357fe04be68f0d4f2ef6db13ad1cd0e6

    SHA1

    6aa7ff5c48c1dd4f85b1dc374ff8118ae75f3a21

    SHA256

    89872feedabd7e437b683c554b92b23f12abb9177716c6448f0c15c6b07abba3

    SHA512

    c3e4b0e17cb6cff3d196d964798db9684a1afc412dcecc0532ac2abf6bf1b965ca12403cc48446e01a351e53d00ab23d3626e834ac76df839a424fac7b1c874f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c1d7aef7f09a1dfd21cd12a073da8ea

    SHA1

    41f3143bc464e7091a033d793d8617e55296bb45

    SHA256

    78e18309524960f735e27c3a20975085e9e384284f6fd3dccc6689770be66e3a

    SHA512

    e8086c4e18ae708221f23664a127e7f6ab69aee3fe1512b274ccf6c6290c89a654ddca2f0eae3c1848eb7399e0ecc921708d56ae9f231091926fc5f554099b4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c4b4e3f3b0b0ef6f5f1254cb114430a

    SHA1

    ca64591f70837ed1966ec37a7f5bd9e52d9bf13c

    SHA256

    0cf92089b0b565cfed0ced1b6ac53fb67383a370cb66abecfa0296a49b7eca53

    SHA512

    6a50ca576978b3f60c6de5f10a7c846a8a6e0d362958a011b4038991f7a09a9e5bed2dd9eafa6b88e9caef60bec53025e21c2cd6e75f4077aae8b99ba2787ae4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12206109abc21f884cc038343c731af4

    SHA1

    853dbb448efe083214db9f59dc4cf73d82159eac

    SHA256

    d6ad73e052c58af7805a37b9606392fdbcdf184f8a8ef4d011ca8ea836200cd0

    SHA512

    6b9e747b100aae6a5861c38900bb9207d4e748ff3b11a42e172a73eaccb6303334f5cd3e0eb1212535b438177aeb575c8045d9c72172d366b6bc4ba8e927582d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    596cda574a2111ff14aacb684ce57784

    SHA1

    30b42fb4670d2ec05a4bccd593cd6b5ef0025f98

    SHA256

    5f2b7c992f9784fcc12fb48f5539e6178222a9f159fa7413cc024282f8e971ba

    SHA512

    00d990fc6bc1f61169b48d136d071cafe8e9c27d38488985f5ad16ffcd5fbc203532dc94510556fe206f2c0d8403cd07956ff503f1f340bd54f4adf60dd0967d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a422916e769dcaf2d6e8e850a736055

    SHA1

    4d9bf2fe689ff9e38b4fad57c0467ed45d6725f5

    SHA256

    4dac11c2f73f03093951b6a8653344890e9143aa10aa3c7f71e7a1e367f35b9f

    SHA512

    957c0255e046d8e885340b817f564a6dc65780a8059189c6cfed02f306ebe58d35db34c5e26fda763e546f5140a83401879eb62995c4254935454eab84f45f91

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions\en-US.1
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6828.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar68B9.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\CA97V74Z.txt
    Filesize

    601B

    MD5

    4a169b080220fbbc7c50b909801dafc0

    SHA1

    49d933b3dda0acf616210d3581ce8e91894df205

    SHA256

    ce254f3da859bb2fc2e8ff8921451ba6290495caaaa282f8946a41d0cbb64dcc

    SHA512

    1ce772397aabccbcec529ad1a352f12fbcbedb4d85a6dc3f60550cf3aac164d1100198280ea20405daeac094e1253f618379409c771635099126ec8878e069bd

    Download Submit