Overview

overview

3

Static

static

1

5CC1246DE5...17.apk

android-9-x86

1

5CC1246DE5...17.apk

android-10-x64

1

5CC1246DE5...17.apk

android-11-x64

1

DXMMiniApp.js

windows7-x64

1

DXMMiniApp.js

windows10-2004-x64

1

c.web.geol...map.js

windows7-x64

1

c.web.geol...map.js

windows10-2004-x64

1

frag.sh

windows7-x64

3

frag.sh

windows10-2004-x64

3

googleMap.js

windows7-x64

1

googleMap.js

windows10-2004-x64

1

history_demo.html

windows7-x64

1

history_demo.html

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

vertex.sh

windows7-x64

3

vertex.sh

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2023, 13:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    index.html

  • Size

    597B

  • MD5

    360873f17631efab5711a2485a069f97

  • SHA1

    ccc0f24dfbf2aa330525c2b4e125dac8f06472a2

  • SHA256

    c730dc431207488325f5d224b1a899898ba8fd4f3a34fa00695d168405d6114f

  • SHA512

    22078d2266ae4162a3114fd163d0a613d8d4de9f034b779d40039b7d79250dc8104c3b2a0deae82810621a9d0751ea5d3f65eaee1b8bd83c30aa85b51108e233

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2616
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2616 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    392a7215a5eabd2200444a033adbc304

    SHA1

    384a4d9b39160c9fa9be90705bbeff053c780cf3

    SHA256

    01f02c63cc05847254df5510f2a9de0f827f0a429e737b957603c28188238932

    SHA512

    98df8894d341acbb21062086e5e27ec48e7f995ca22873971597a74b51cbaa1597ee9930d4a754d7481d207c6cf176129c5791108f5fd482f7733ae7b1a119e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6559478aae0017cabb9c79893094d88c

    SHA1

    782d139118d85b60aecb5a66c0269247aab74119

    SHA256

    8715170da29c7c80da63ec7a5aff71d6c674dcdd70b48e62043227ddff3126d1

    SHA512

    ce79e447733946e7e40c8dfa4c6475c1daaafa5c9f39b824b54b38bf35acbe62820e0265330cce79fca5817f980ba49656e1d24fc55e0f1ba07ab48c3634fdc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba4af7ed85b666f3b0d0138c49268652

    SHA1

    050e4b2833b55793332ba2ab8bfdd8b0d9b3fd35

    SHA256

    2742938b143bdb434552852944aff610d0c569f25027eeef7e341ce7f85e1ebe

    SHA512

    31d4ad7bee864f8ef80e05cfdfceff9884d3db2370692dff284ad52586e68ce3158c3742af5e09129740e92779e9cf797e23c07a1a8064adc81783202b6d0c63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9d21e46f8e50485aa14a3cbe74e51ab

    SHA1

    1c579eb1d4e9bf2664b84ec55e319827fde0c011

    SHA256

    09ca79f4d51783bff14389280f1ce222328d765a67fa36c3cd3c6435b04f6136

    SHA512

    9f828d6f7f35ed449508769d6c7ce46880d691140e3fae87e3364ae9fce231570c4855f636927b78ee7e257f724275d505b3ffe235a76176820ac105c233161b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5306ec108b3dcbd0431ae69049cb231a

    SHA1

    3c7ddac0e1e2c4b6c480580b34cd152db2e047f3

    SHA256

    2fb8f3acbac208c8f6be8510db8b5990ad6d878b0ce390999abb1b8353d840b9

    SHA512

    9716dc921eef32f911e5ecf4ec9fe33ded34ee193f97a88fcf51f18204ee80744a7da9add26f586f100ed0ae1f35b9be039d576fb569dc6515b35bdd7bd77d0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5363ce77a367c7613f4d95c9e92271e2

    SHA1

    83532d22ad3399bd35753c15e654d684916cdd60

    SHA256

    d81e6711ad31eb227dbf4d7f77e71707d54e001cf060ebfc449888ecf0f08030

    SHA512

    60819984e5189b3ea6300c97a94a0740c1c9463ab6a998b5d8cd5b8526af6416fc5c3e30e501a2a59c0883f9efb6222e242ce30f3593a1c008f16d3cac0d3dff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0040bf16c027acf630eac4d2b9ba5eb

    SHA1

    e20185916f2924dfacf768db1f859bdff1a9e69d

    SHA256

    e0333b21ed5853e1532b9e23779679247454ad2db88a0ce46ebbc611d8e6b2d3

    SHA512

    63cfd6f5e477eab1bf87420b2530ba8266493ecd22ca32737a516c8f915ec155041b5f1021ec796ed03a5bbcc3a3928b899e1f1fbf8b98ad96467436916d6a98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a7c8840dc863db48822283336de6ca5

    SHA1

    708871343374e59605b1e183bf0d61a9ea16f6fe

    SHA256

    c9d2ba9af5f08f49fcb2aed8ed7a1c118b1734d0a54b049bb1171b56d69dbae3

    SHA512

    d3b2576d9a14c28f147472f7f447f44e2714411580bd527ed97c57fd49ddb2227d6639c2751f90fab699022e478e39e3153e8de81d259f33f9ee7f374a75e579

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    424ff2eb8c07a84e992ced54f92d37a9

    SHA1

    4f6123284ec3415cd971c6917febaa5bfdbf61d2

    SHA256

    20408a1faa471e1a67e5717fb15fafc9025c0257b43ab691c6962fe899122d43

    SHA512

    4f4132f80f5d4870c7b48a1d1a607db99200cab8e899d06f5e5549a700cb9b9e68a717591b349ca0eee4f7e5b665f04ec525be02e6a7f5e7ca2ae472b4ebab72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bd5d13899cd9f1e53537b44757ff60d

    SHA1

    b06303b62aaf2e7019b5d5ff3d808f118d331d9b

    SHA256

    900dd4eafee8db70a13607b5df9f2b9262a9e2f4caad4d57553d63a3e9b72a89

    SHA512

    e3267e1f4e33434239c982352d5b28c839e695007c9f27bf3be64a779e31a822286f6777a60a3c33f398ad99e65843e6f18ee96dc068c43aee4c58282a543af0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WEWWZC8O\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9197.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar92B6.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\24J2F6PY.txt
    Filesize

    606B

    MD5

    0911a922707ac2a5380bedeab4200e42

    SHA1

    5bd5aaf8ac7480cbbd1a2e856b60fc60f8aa1991

    SHA256

    f0bf602468e0ac4fa4c405e3d8359be71b8132553f7ee237298f759b234abe61

    SHA512

    98506b802cc337b8f61b831781a0f8bede5aade622ca52285aa968efbbdd722e0c3abe2baace2af3525053d0e0c4f02db86a69a052691dfc87d73c391152c5bd

    Download Submit