Overview

overview

10

Static

static

7

AntivirusA...ap.apk

android-9-x86

10

AntivirusA...ap.apk

android-11-x64

7

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    101s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    10-07-2023 13:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    vpnservice.html

  • Size

    12KB

  • MD5

    387c369588d9f69ecf8a300afa3129ca

  • SHA1

    c01f17a03d11a3cac63fd71cdea5c0cc1191cc35

  • SHA256

    54de6b26b37f4a530a301cf21e3d29d20ed80247022d3ae37b74a66f0af45107

  • SHA512

    45a0e48c4f6212c7aaf4604d8a6ef0f67a712aeadf47f1c9e11e3a1011e8527c2cb1ce70dfcff65d0667df9e5559f53653022858dea069640b88d133d93730c5

  • SSDEEP

    192:8hHWlmerWHv8VwNXBx9UccBmcENHJk9uP8s9AdVvPRb:nEHvTNX/9QmBpKs6VvPRb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\vpnservice.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2360

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a226419bd18df0d2e62c393db57dedcf

    SHA1

    b1487a156f551eb14e0916e354e8b67a35315896

    SHA256

    7332887fa09f762dd3fcd73cb2dc23ec52a0e11909d7130f1bfee9d9d01553b4

    SHA512

    63afd9229ffcf292b3563d76313cedae1a587942b0fbc5726a2f89e760ea4b71e075400e74adbad6367fc0d8deb7cbd16c13a6c3653bdad0f0a153d7a40a3d75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a29c29262ded76ebd5a0deefd23ded3

    SHA1

    c96462f0e6da51c1326cf1805afba39155c18bd4

    SHA256

    a459c428e334a51693395a0a4f6d8b8efc629df73767b3ecdbb847b2890fe556

    SHA512

    4f72c2466e99de38831026a99f1fe403a04ce344ccbeeea595fd65ab6317afd010dc09287fdddb4eb42d2d368ebfbf1f79218f7136985f04b7645064b029ea83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d955f7a4479d67fcc07928e091d6ccd

    SHA1

    246424b05af2037836c79746a171abf5c9659778

    SHA256

    e38b1bf0e986b396c41ad44525df21d95af745bf8a00375dd54993a5315da91b

    SHA512

    554758f1656a6fd79c723df484393e510dd2683bd9a4016a0f45cd2ed5357579b5187250027d5558ba10d7ee481106e0f65decc2996641f12605f88814a02b51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0beefb5dbfff8fcc8867a75963fe4a06

    SHA1

    59af2360650cbf0f99915912db770b6d400e9b53

    SHA256

    7df05e93062258459d68d42edf1a607050c849f473c95ffeb8623364f03a3607

    SHA512

    42aeff017f09c60002eecbd6370de28fc14701840bf2dc6171eb54a7a85a0ce810b1ef4d79feddb61f52fa9c7129c6cb753509ffe35dbacce6428da744d4ec69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    659b78fa9cc490af64b5fe14b6fbb433

    SHA1

    c13bdcccbdf187e0d44da1f62d50b1ae4cb4380b

    SHA256

    e9998f17214e0fc57e3d9be9de1e2c668c52f408dc24259ccb52ae0462cb832b

    SHA512

    d95e5588cac2a07f86d8e5fc0f0a75b9031fc7837638e664cc181f7fcaeea2b58275777a6c395429fbc52358298f3e4a2a6fcd3df3e5d489b545f5b9623af44c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0dae81759c0b6fb9802f5a8b96ae0256

    SHA1

    4ddd3d11ce2d1694b0d941a88406ea1bf5cd4104

    SHA256

    ee71bebca0d692b09a8834c1c3e448348b53a243536aaef92568ae7d8f744182

    SHA512

    d3ccf20ed318eb80341f051ca64d463b7dec1072d9a567c74a4f809a0c2a068afb24d28c7c47e4e189ac16be78d08894ba3bbf665df6511011c0898b02623ccf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    174ac9470768a85b044e1a00b1cb68ef

    SHA1

    5afd7809e672e009425c465cfc8563e1e0c0dae2

    SHA256

    1f8f8319378cc0af153efa7628cfa67491dbba6912a840c7d6473987369120ef

    SHA512

    8869d5474a04b8cb5c2d373da0504d367b1ab6c0c0762d25ddadb5d4231f0e161544e7fa911764ed49786859baffd31cbf4c2dd911045aa389ee4655e5749cb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2466563e32494fbf441d7357ec2773a

    SHA1

    ba003464724a62a232f247cd49fae2ac5e06f90c

    SHA256

    c670fe6af1fc46d1b26d6b4b5b1b4a8712b53ecdf62a460c211e6dcc9ff0704b

    SHA512

    e113ebdc0dca5484fcfc4361787a57fd76b1e1aaa37ad86e8db02c736bcd9813b630ac78dc3ea0a99734e8623af7418b0c298de3331f3eaddc02f98b0524634e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6943d19921a21704e7fa70a927ae3a1c

    SHA1

    795af73af41d075c2891fa147203f0380266eac6

    SHA256

    ca2e2a0837f14718617bba3d42969305193630e48b1a3cf1170ad4a73770997b

    SHA512

    bf99f8dc2a146865fa25fc99e585862f9b1c0a9e7a96f855cc7c033ad06bd0d2124a8b473f5d884879f0bcf4048b530b4732f5a9cbc08348f567bf98f4cb1878

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c11f68912ac5c48fffd57737992ce5b7

    SHA1

    6ff390ed5197d04d33d71371d463e6bcedbbbbfb

    SHA256

    a90042f9a2180fe3d822c8d3ee517c29ab83840fbd0d9eca4d449eeb966ffa64

    SHA512

    1e58005d3daf8019fca866d06a6f37b606422e0a5577289d5988ce4ef2e667594ff6a7c652794bf08cf51486a2fbb232a5969dfdfd508b49d5c474b8295fea2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    56e898805a82a21ab138980fff974a48

    SHA1

    c3e06f4ae7ea7c00e22fe2268183699b60071d84

    SHA256

    ea594952f709c565580deec8bedafa95aa0dae88636fa1f68a9eee4ceaaefdab

    SHA512

    8a23de0aa714dff9fdd5764e510cc3f6ed5a1a3a89850232a4620bb9e0a2c17dd7eb2fbb462642b0cafab8f00de3b8d2a1361b76a7920796585473628193e25f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2dbc69ed73a42862e7bd9e3f5fa87acd

    SHA1

    2548c03e06fac011caa19000b8a856de34d6227a

    SHA256

    9ff6f21d867d7caef052fb590cd7664720d543a7bc30234be26c8e7cee75a2a6

    SHA512

    677cc7da34a89384c9be93ba949194372cec1b9805923e170d870ddafe829a3ee64272bfcf12fdfe01bebdcd59d35257685ea84132c63b8348100d6b999cca6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bafaba2d9b7d03b8c72f9ee782b263ef

    SHA1

    f29a7980fb30d34c307eacff5bd916542c14bbb6

    SHA256

    7d3def3ee6a5aa07fa2ce4963592a782f57a5ec7802fd84c4e94478b251d375a

    SHA512

    6a6f9bbee91179424d5cea1cbe87e809cb1c3303be1daca4a54af474fb2556fc95a90afa8b3e62f8177b6db6e0a7750d5c1a2c86ad14d83bb2ea29ab7f388d27

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODRCOPYD\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA5F3.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA73E.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\46JE6QCO.txt
    Filesize

    596B

    MD5

    6fccbce5cdb77b1cf45dd19c6a7cab5f

    SHA1

    94d43e4300904bf402de78eb6664c39a848c5dbf

    SHA256

    c1ad749cf9ce43545ee82dbbc7f306b0b7977d24c93112c828f99592d50a067e

    SHA512

    c51c538b2cbc5f88cc1fb8a5deaa0c76d30a3a8df047d55476613f3a5b202bdc3034a6e7a323b255d29effb82c0ccae02febcf3e3c4a928e75a0f6bf95d5b460

    Download Submit