Overview

overview

10

Static

static

7

252fd41752...9f.apk

android-9-x86

10

252fd41752...9f.apk

android-10-x64

10

252fd41752...9f.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    11-07-2023 00:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1144
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1144 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1828

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7dd78854126db19eac0da4a497fa049

    SHA1

    c58c2e69fdaba4fe4cb712ed4515153b1b543a43

    SHA256

    3e7d04aa41e8e08fd1e182779f7748a7f2fe601c2ad65e97ef27991b61f72e57

    SHA512

    62f41292f8deac9a3f919cc60eacfaa742aa38891744a27ce6c87a222fe04a4bba1a5cbb9e33471994b5baf0378bf00b5e9fd397adf987cf7e10205666288146

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    212ee52ebb1ef620b738e3bc80d7f676

    SHA1

    8628f558212fb3de8fc06de0a94cd82e855ac98f

    SHA256

    8408a5bb05be9d34a723c942585ab293fe40261a7067f7ab4c21fd270d73ba96

    SHA512

    1e1aff6591df3ad3cdd1784722b33c97d62d41c5cd60f2bd7e21c74ebcb1a40b8a14adf8ef32143cdadd24eca784e33d7ee76e00fbe7f7c796df0391e17feb26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    212ee52ebb1ef620b738e3bc80d7f676

    SHA1

    8628f558212fb3de8fc06de0a94cd82e855ac98f

    SHA256

    8408a5bb05be9d34a723c942585ab293fe40261a7067f7ab4c21fd270d73ba96

    SHA512

    1e1aff6591df3ad3cdd1784722b33c97d62d41c5cd60f2bd7e21c74ebcb1a40b8a14adf8ef32143cdadd24eca784e33d7ee76e00fbe7f7c796df0391e17feb26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a818d4e57abb8c627254dc03c9f68b7

    SHA1

    4023703229bfc9dccbfa7a5721ae4ca33b1d7548

    SHA256

    68b9068ba6d1ada88b48260dbb6a856b87c271aed5f15ed34ca15564bda3c82e

    SHA512

    251c3f933d26dfd8b7aae9fd3132261adef29518ab149a506ddfdcbecce3c1d8350e6cb066971c68a5e9651fa32fa8cf7f111c09aedc48d764d2a33b8d9b5728

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    204f871dac8c0a64201ca7a32b8b1261

    SHA1

    32159db9548518e98caf29cd8cce639db189139e

    SHA256

    5729b12f4fab7f96d4f6061cf261a3cbff4cd708ec7358e8bffc1ed03fc363d2

    SHA512

    4d4d26e5511b5032275e840334637af65b33980d9b8058ba24345452875b54b49f583f214ba8ab8628605c977284aa345630f350ade8b7bede22e13905e605fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf8ffcff0f7c1f3dc06e7ef33287a599

    SHA1

    8239b09bf6fbe5afd2a1c58d6e04760e408f4308

    SHA256

    a475bb3d47d9b4dcd03ac0c192468f2ee2c375f0251f9def2963b08a7568c672

    SHA512

    408fb052d57f61ad7f3516a4ce0ef379f255fab7b9b55c015451ce1ecf12f8313924f1ab007c6e5731c0d6d4ae003fe08b21f77a6adb94be2065a9ba23970c1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    147a673c0dd272b37aa2e97645d9b866

    SHA1

    2af90bd0a75c285abc27d23075b47bbcfffb2655

    SHA256

    b6adf5664ef9b16c9cf1c7086c7ed69dc94e75b290b5d9c04c3e9af2686deac8

    SHA512

    981db6dfc615287c4f94032d725ed0482e8c4e655418431d36a4ef389e1a8c8788c28156e3052390bf74b54369a30ff183c7d88177240930c6d13922f7a851c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca6d97933f5d1e25a83e33ded04cedd2

    SHA1

    d8607c83cf8c99c72d6dd96145e005426561a34b

    SHA256

    418da5322468d0726e7218d1b74f076eb5148d14d4b231fab62c7d0fae69700b

    SHA512

    fa8190380c1982360f5e7bbdda3ffc3dc80334a5b29127515bfb61836fdd6a82d8a274c336ab25eba25890f12dbe20ac77e7f861f6e14bcc23514306ffdbc8d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab7d95685c5bf503b0e9fd36b8e47386

    SHA1

    2ff6fd3faea9895877f5b5cb1e83b1f9db1f4a86

    SHA256

    643c5ff47b3400ca6782fa0975d23bd91440eeea172bff2813a3ee80498c76d3

    SHA512

    5da5281388c13d95a9a8223ac031a349bff78bbf8896eee2ec502398dc623571c97ee0d9deafb682ccb905b767a8119d21096fea0301b9d0166f63a038264499

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eeec4cd1d0d9dedac189c0aa3c2a921f

    SHA1

    a1fa9d5cf08c2d057dd5b2b473256d33cc39bf25

    SHA256

    54fb8c9d8797177c4721ce491af3fa618429a38cf06f06ba310ec86c13ee1947

    SHA512

    dd51f6829a389d4e07af76804c92b15f046edd66de39f4a8153098a3a0fecae9c50e85b1c0c5ff94e75c6bed32113da205fdee4c2074d72c53cb1679ad609f03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6767257e4cbd0ad33b093ac91d9a6fe

    SHA1

    7300f14f5c09b80122668b465d05b3d756121dda

    SHA256

    c8558f797491e9556d1fea91d2ade832ba46f3062a7b3dd051fa07bb7da71471

    SHA512

    3acaf40905a0b66458a7d2ab9c8de648f00608ff29e8c8ac11f00f9d94d3606714aab4c292cf608982b4a668e9412c33d140df2032651b0c84261f3834e1b379

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba6a21a0e4ac3c339ebf96a32c29a1d4

    SHA1

    afb03dd592a02caaca25faec73e70c0df37cfae2

    SHA256

    01214fb1a04822704191baae45ef8a6e94348e75304b7658e7c7790e0cda3c68

    SHA512

    b8bf803f991bf1526728ae5e892bcf3e792482a662b97e2d9da7b9cee1dcaf2e4583f0e616be7237ecf3f9352f9f8a7d2fdd497a84faa1f47db9c4c1e1a5d00d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M70DY8PN\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5545.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5623.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\B945HP9Y.txt
    Filesize

    601B

    MD5

    42ec56764ab2f20e74cdd348ca0264a5

    SHA1

    a53164f4c24c001872d7af1fe93226ff5886d139

    SHA256

    9ea82f6f2ffa3341107e3113d2fe1ce653e829649bf23719f6c0d5fc7045ff1f

    SHA512

    a47f5ce6d89402b194e86d84b36b8f522af8125f79e277ce7b6081a46f751899d42752c2fa230f3539673365b1cd7d58612ae7c0c635efdcecb6c1e3cd271b16

    Download Submit