Overview

overview

10

Static

static

7

AntivirusA...ap.apk

android-9-x86

10

AntivirusA...ap.apk

android-11-x64

7

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    10-07-2023 13:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    myps_policy.html

  • Size

    53KB

  • MD5

    9a447d84da71684c5c571999f23ea7a0

  • SHA1

    7d4496c5a38316c1d8c7abc93e1f0a5bcafde1fa

  • SHA256

    243bd76153a8c1a1dfc9132afce1a796770dab63b1ce4ee725f593dddeec4358

  • SHA512

    05f394e7681243630b3f1739306fd5beb6677a57eef5f36be847918f9eaa296eb50e3052afd4eb844f933345e9b972deb95f19b20aa46ce15039600edf1b6340

  • SSDEEP

    768:aUuR+6hRBH0+xPZV+YTSFlgK4yFMuMveCn/1N2aj7wlDtXGZ4nKdW3q0C5kubKzt:ruXPZVaMvz7wFkZe3qLc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\myps_policy.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3004
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3004 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a983062dffd1a2a822096295730b8d70

    SHA1

    31856f43300f9d1d3418321c0fd2b90e43f1d11d

    SHA256

    8bda4f1d30aaa79f48e4951bd53a9f5adde34a8ec75207097f46af549a6b0954

    SHA512

    6f483389cc75b1a3e4e52f38db141fb56e9dfcf2a8362c4045728a544393fb7ff2633eb2b08e6db6d6fc2aa57bcebf9852af2efa41e79c9969d8ce878df48efa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2c824092aaf0a99869843a5e36bc0ac

    SHA1

    43a477aa3f7b8faf7dbaf02845f10520eafe45fc

    SHA256

    6ee434d29035baae7fd11fd475a4a6c4f1e389ac240c713a8f0d6fc574a99d52

    SHA512

    49a02f2f38ac000e73a6bd5483f3a565cab234c541e6a152533541e6376c6d5c810b0534102311237e5e7d97006687d3622866e330ede75f05813aa6e5645821

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ee7d786d01578481c03cce04cbedf94

    SHA1

    0fed7633f5facfff56d91d289ed85567dc51ccf1

    SHA256

    9da322290bac06618fef3c2241b46cc0afaa9aecae0f8fd4acde586c361f1dc0

    SHA512

    3a7eba393f57b514c3d6df5eda2cb60d14d5b7e09ed65bd939bdb147ac275a4ac649b72421ec1173fe28e0119f2afdf48109c5233b6f95cd62703a2fe7d24d70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cae868af31795a88ff7ae8cb74b0870b

    SHA1

    02365d408e0ed8a06f6d94638a75d5867c39dfc3

    SHA256

    03d72121d08e57cf263d70817ed39ba76236f42274f510ee05b6716aa8138e5e

    SHA512

    3a52acdab8df23cf0a27fcc5bcb35cd5707ecd001937a3f8caec5199aa4497ff1cdf708973c9a87dbfb9dc3ee2102a73821146ee7e005a25f45ae31e643cf802

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df4e886473e2e2c7d39bb9efe2a138b9

    SHA1

    afcbfc5cc32115d4d8a32b60d4f0455ac8fd77fe

    SHA256

    b8c31137515f44eafa5712de5fa93b812de20eed3a0800606f395fb28c23e82f

    SHA512

    4d10d508e41aacdf40472f74531ff39ba917682780365a6cf2c100ff261a5f114ad1f42baeb99dc47dcc03b9e92bc949ffb4b909d38043ca03d2cbe50808fb60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b0e83d8f9e88f09ecd8b83373e33026

    SHA1

    c72301b8cc8f626894e05ecdfdc5708b26cd9522

    SHA256

    74a86af72df8f5aec96b5d731a1881fe94c62457a7c7f38935e634a0e0d17f9c

    SHA512

    5df37ff4ac5e3e3d4126f9f777332a633b5e6bb2c578a91692ec53179420fbc5b77167ff7524b73d63524210699eaead13cf5ae31654a6d9143d6e21f6939c6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91b52da48bb6dcfb9e35ea1f581af11a

    SHA1

    056992d9eb959af6ff7859e479ea145d7d3da7b1

    SHA256

    30c0410378f73c1d0a16d6b2b7e624006871b1ee9cca27dd7f87af6147344064

    SHA512

    e67a156355e19ad36623a7b09ee97a4bc5b6c6c7d93f383bd476a1e35c6711c2e83907a6287cd7c9964ed1b61686366bd54c8c5f77a21409e8fd9f4cbe146921

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    92d32f4d8338b5c0c1f2718169da2450

    SHA1

    a515553da1cf2caf083e896c042b0409c21cbf7b

    SHA256

    1e5e25f502bee764672a33aaf60300b0fd73b990183571f4a74a8011e5e58524

    SHA512

    4c10b33a80df617bce3300544ed769da92e4377872e854ae6d8c9beef1d4d90c5b6ccb817178754fe1212ef5495fd16a60aab48b4380a743152e5cd50623d694

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f022280ff9321d7a0d90246976e4977a

    SHA1

    8d81fbd3cf893dda8ff46851ae81776d887a702c

    SHA256

    ae26c4fd93efde5dc2dbdba087e4b984c44be1c1c0ba87114aa986d64cbc09b5

    SHA512

    028c38a6566af0a0d1f2106f296f3414da23a1810b8f8ba331ce58def8e10d2eac32316d882dca3c5f7bfa6565c2929d7aac08ea4816a782d6a1dff3b9fb015e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHFV4GXP\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8049.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8138.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\7F3UZ18S.txt
    Filesize

    601B

    MD5

    adcd27b1d678c0dc864a1105a957cf8d

    SHA1

    32562ebddca0236bcc3a0fba50ec56dcc74548dd

    SHA256

    4e02756eca967e074038d35f343dad8677a1f31dfe8eb0940285ef0c15ec2cba

    SHA512

    f84478570eb41682e9051b91ee848b9b50dbd206064a1e4c110ffae20fc46855a379cfe6e4355d50ca3be2c4d35875a31986b4a09ef98bcae2aee7924bf8e34b

    Download Submit