Overview

overview

10

Static

static

7

629fa8669a...cd.apk

android-9-x86

10

629fa8669a...cd.apk

android-10-x64

10

629fa8669a...cd.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    16-07-2023 01:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1400
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1400 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2544

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fd2903a7985389ae9e6c44cb2e016a1

    SHA1

    398ac043971878dfbb82a5be1d8f4549d7ab93d1

    SHA256

    f1c4deccb6e1a3ca2f83551fc20a75f4042a7ac73f6bcb2b7f7bd7eec8528242

    SHA512

    20e500e07e84a7ff01298144a94c8add996978d0dbd43c2326376e6381166d42b8da65a764d0a2ff2a8cb644bf1e145542b6763312c99827cf4b5acc9299f458

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc46c02b517e132a57f738450cf456d2

    SHA1

    37e1cfcf18367df46c0f36eb864772db6dffb559

    SHA256

    c1846ea629ee6b15f7baa126cba897e892fa8faf3881b7a4ab693447c3dfdcd7

    SHA512

    6e7333d3087a0b9aa58aa4107ca78490116ec80aedd3ed1758a19dc4abe2b5f8a43104c03d4b052f06efd43ac059c11e24fd22e0501453ec5986d99c5ed36472

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c0a28c9beed64a761d5291528069d8e

    SHA1

    76f5648dc3fbf7e980d90e91824f9ce06a49c733

    SHA256

    c2c07662ecc1b779208316e45beb46b915420aa5f64c966245b368d289ba0e00

    SHA512

    4004c84c6993e40b391724b4bc273596dadcae1df0fa083d1662fb8953d1a8509985111197ae6347a734c147a64d466f287727626e2c6ede30f36db69f7c8a7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6928d3aa8308ba691fffbbc81e84e9b3

    SHA1

    a3a3998f97e629861d5ad0505354528b3c3fc8e9

    SHA256

    436f12cc609f58c1846242b791295a6325f09339fd0ec3e86dd93683e59361c9

    SHA512

    427af97b4562b4f1b7dbbfa568d6f75a01902da8b59bec51b3541dd7492f48b0a418634fdbc67358a895f0b81b2b5eaac9bd906ef74c79b97da69792c61f4d4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d403ad8607b58c600f0faffd952e43fe

    SHA1

    2d1a7c616e017e52ea4e266a460205f19c741c7d

    SHA256

    d130ac20f6b8a3ad3120c438031001ebba0b5edbf06a5f5c504cc1651c94476b

    SHA512

    e80edc651a1509b519571905fd616ad949bee3a93a40f8b0334423361944a174672a192a11142a006cf12bdab1d58346ded3d70580d7681c88c8e61457949ea7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e9cbe37e47a34d7013b11e99e97dd85

    SHA1

    1e5bd21579b41b043c0f2804a6e7e6df3ba3e681

    SHA256

    ed57df54fd5770678b9e359797f433ccf6fdaebd1942d17fb66e82d3f74ca4a7

    SHA512

    0bd6d539f4ce4178444b414163ff443b4967c45541694ac9e9f325d59931b69bb2a14c8e2c40a7c14085b2118acdfb0d856806d2aafb04eba1dd998dd688a654

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1d7ba3eddc5bd090ef6763ffe13b47d

    SHA1

    ffed7fa0b07617a31e627ecc2fad691032b54dd8

    SHA256

    833c1cb50d37f5383890d34a5776e55eab9993023cd616ae83724ee4b92b4320

    SHA512

    253a48ca8fd69d40fc632bec35fff2040678c016f3e6fb058194aaa9a3a06123010e342189fa5cb633bb26c805015b2e24a772374ea6bae9be6c871e3fc57719

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3cc3234a525f02fd616125ae118007a

    SHA1

    44e4e7ecb922b1c62a47dde62b9315ae74a37bae

    SHA256

    120f47f985cfaee9355124e246b0cfc7cd6826193d64a4df47b71dd0e1b45d34

    SHA512

    1b1f209ac5b442ad6b87d53eacc9d59be6f9b65541022f80c25b206373c8350aa74622d3025f5b712c6c7bf758f037e499afcb7615874b8acac47580e8270b88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    050ea52fe9c9c305a8aebcb1dd15617a

    SHA1

    2e7f25da3df827936d8033579ff08eaf083dec88

    SHA256

    793f3f573ee50e07f7914dc4000ff538632fd73b0e3dfab70af09ac3a5d3a9d4

    SHA512

    8b5156cef14465cb64b249a96cf5d9e56c23b74ed876b2cad24dfaf5eedc2d248d0953f9212f17b183d805f3a79c83d4f1e676120a899e853f9a4c6bc095b8a2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6AGJ71Z\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab955F.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar966C.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\UECQX5Z9.txt
    Filesize

    607B

    MD5

    f93ee0f2100ccee335267740638cd1d9

    SHA1

    0f8a435b0d88b90877f23110e1373c35cc0a9a58

    SHA256

    89de8e589952dffdaf269cd11beed27fe467fb153be2900bf22c36a3637bfb64

    SHA512

    75204045e5ab6613243aa9990db7668952a35cd705d4b03736cca8fb7e17a94d0825f626f2bea1136b2c358aeaed7ba78de05b3c174f1c088740aa5bf09276b5

    Download Submit