Overview

overview

10

Static

static

7

AntivirusA...ap.apk

android-9-x86

10

AntivirusA...ap.apk

android-11-x64

7

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    10-07-2023 13:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    disclosure.html

  • Size

    21KB

  • MD5

    57e2258020e513a0c7de0b0b6f1b25be

  • SHA1

    5fd0cd13ee183d294cda93b6b2f4195b8859f3ea

  • SHA256

    75d64bc17c8091c45514e8f4f5f14696953d907e67801711b9ca36edfc6ed84c

  • SHA512

    a435c0d5380ccb075edb1bc16d549c2e7f807bac521540fd4aa6159144e626585ad860b9f22723f63a4c9490d008060b3e2aea3a94a3eb09ffc504bb2aa06a47

  • SSDEEP

    384:OL93PT4oVo91UslHycUEYl3Kn1dYs7ZAlVtPRR:M4H15bUa8w+l3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\disclosure.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2956
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2956 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2568

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c66e64b673d73fb0c18140e9fbc225e6

    SHA1

    850b33089795003d76b45d83e145a78fde31a3b0

    SHA256

    81b577f3cc212abaacf7d0e2aa20f351e68d5cb840343d57c4d6d927eeb01732

    SHA512

    f44f76bf645a601fb36d66b015f44f830f649fe36787ef2c37356239d1dd774e391d8ef547825f57ffe2f13fc10dc9b85b206ceff7b3518cb6af7b9a729d4470

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38dc2adc1531c2889b37d5812e19faba

    SHA1

    168c872c4193113c7b4d835fdbaa215a7dfcd431

    SHA256

    c9cb40d62160728d376d3cf43dc8e52910a0b5a661e5c1acb26456c1113ad4b5

    SHA512

    147ced44eaea61234fb2e53f0ab6c09ba473600f2f2975d61033dfacbb3c9a209675a4d5006b4c3de7416e3816b83c4f15870e71ca5f3729e00661fe4cc9669e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10e0670ced1ab50bf1d4adaf14757621

    SHA1

    de5d0a8fd9d35f6b700dab56530364c2ca7d1fd2

    SHA256

    30ed4f06aa01cf6d2dec1fa896a47c2a0a5603b8193093ac568e190facbd5360

    SHA512

    eae3f92f6c8644c954caa08bd6c0f93a739780cf2824890bbf6c8ea6b003524659bc943f00146093bbdc90e70fa7fe54fc58b418f63d19e951f4f73fc7e02b78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9382b76d7533448b4e4306e82b67d779

    SHA1

    4124896a6bdfb9c4e2454841a73e679d2dec8e23

    SHA256

    ca72cfabbb2c0bb671e49253bfc78ee239ec5cba9ca36b66cc541e7ff5830466

    SHA512

    0726c6bbfe313008d8c7d1d66718d4a1d126e2e4e889e33636a5d124aaac06877e5605b1ea9bf9d1931502e2c7841e676c447ba3f917605d458c1ac8c83e4bcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2970f898450437f42d2094001476ac70

    SHA1

    59c95bab637561b5594b0179d907a019ca1b1eb6

    SHA256

    193d83ee1ec929a81807550dce72ba5864f6940eaf7dcd4223ae80e16c544bff

    SHA512

    dcf66dc7fa57b9eb65895280058956a9095a6ad9e29df98083a671e15d06c9466c50689490de634c1eea091988916994f7a63f58de70dae2b615aa228eabeced

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a3a25089bf6063a48a571c51f16976e

    SHA1

    6559ce7bb03484ac20c01d7dfad2ca57186a9781

    SHA256

    4f804cddd60c6c7198abcd6c4436fd55516e409101539ecb3982ba13f15630e0

    SHA512

    42098aea46b82e57c4e14d7ccc24b8807941a9a9f3f9ecd97b73e24f38299a7c4d8da67bc33ddef462beb6dbd5876f22a9109b4cdb734c8c82951e4a3043d1ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a576e79aaf1110f0965bfc6fb556c9e

    SHA1

    6767d4c127e5900431afe6b84b0569ccf72d8799

    SHA256

    5a6db64c7ae34bf51429f1627515d948631bf2fcd3dd04c8c3e3bf272cbe7f49

    SHA512

    cd05cb460ce4a2a079a57e82b3666d7dea1dc7803528988e0bd17232210338879bea7adc899598b352b05258a9746085190d0fee29550ccb08d40a1291062c0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be1620bcef161a5c81c6342ef55f0af1

    SHA1

    4ac47ce778f00b36c41f3d2f69bba25d2db973bb

    SHA256

    e6377e5cd840dd58601666b6dcf7a427aa83c9515af4d15a2ad8d0417a6c17fa

    SHA512

    c26a5c6eac1676c5de02e8982598a49495552ed28fbeed9371ff87372a231fdf8b6bcebcbf4901e9301aa849220e091f0f18260c576f33f295a0df9751e8cee0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc06b8a672aee8fef4e89a961892d984

    SHA1

    738f72db6965d1b5a37a15e8af79983d4b184072

    SHA256

    6ad370c25e2d49bf7c633965798f26956abc61cb8d27966c8a0a99a5ada120d3

    SHA512

    62cc382cfcb9d0eb4bdd83aa8d436f036a9b36beaee047dc874c32ad251bad30765e151c6254e46763bc62fae90edb74ae356403c4e495e53c3cd9444191c326

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d11f60e86fe07ce869401ffa3186c2b0

    SHA1

    d8b89ffa90c6e2cf80792723dd60621b974caf3a

    SHA256

    1aec3f0b84f2da2694ef577b512b34ad03ee2da457a2ae195990629a0de7ae11

    SHA512

    d8118243697feddbb81a67dcba41c5374d1f64983713d391587ef7117938845cc48d376ad36a654aa6dd5dbca8ad200dd4a25de9aa08ebb4c2baf0bbc7282452

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODRCOPYD\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5F51.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5FD3.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\FAV7EITA.txt
    Filesize

    596B

    MD5

    22405f5eea490348c618fbc61f945366

    SHA1

    4afefa457fea9d0ad28a7e2f88d5ddecf5998626

    SHA256

    153a65cf1c9d64371da880173dbab2370157d6ad3fb93a62b701c9441b10d149

    SHA512

    b636c87f64f319e39205fca523471112d0dbfb6d3d8a2700768cddbb43400bd3bfd0b504474103e64d1aa615f8d6b29a3c2b031fb232c8d38cc6eca0c4287676

    Download Submit