Overview

overview

10

Static

static

7

f16cb4b85f...a0.apk

android-9-x86

10

f16cb4b85f...a0.apk

android-10-x64

10

f16cb4b85f...a0.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2023 20:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1568

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ba4ce61a5c933ac42c692ca18246cba

    SHA1

    237404a8411690a44163fbc63ac3afeab8fc324d

    SHA256

    caf06fe01344b276da035dab9472c0c52fa0c7a4fab28f0aed8beec66def41f3

    SHA512

    b7b50f91942abf6fd2af6dcc05cda3eef3b30cacc3a5ce252a24ed32cd81a8a9c21fcdc498f9279502754ceba19860be442b717284cec0e6e0b77551f10f5e34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88ca0311e961f7f7b5a8da83748ba3bc

    SHA1

    061103efd67d72203eab41f82f244325d513288f

    SHA256

    7f5e725d37a508175346267f836201beab763f54f3fe97ce01e10e2a972e5c3b

    SHA512

    e7ae794fff5aa0e2303fdc4e34dbc6cba0425aea91c654a004ef1a2e9522c8b5381c558408cfaa1883aba3122935a4d89dd9652e66874e928f62638ed293af10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbacd95784661c14ed79780eae9973ef

    SHA1

    47aa5f3542132e1358e0b1a2ace09251b032cd04

    SHA256

    fb9abb424033e709a4864a2c6cf634fe8cbf180f6ee69930711da10a347d1d95

    SHA512

    602a3dd23ab380b31c89708d2ffb6ac679df2cf1ed91adb86bb69fd1293b360663faa6c6c192dcdc611d89c82507a0624a8f4b655c7de9b542229c7b2b44cf55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    31cd226f4581d1501af6e22728ec0796

    SHA1

    34958e053b20b0d04dfcc465cf2105d389075375

    SHA256

    a474aaf4489c10574bc1724bdfcc83d2fb89256c2d03237af8a9e630eff1ef93

    SHA512

    64d7e644d072061861c595b96c877e7bac5c1b59d35e590e2afcefc34818007b0f801081746acc70ebe48dc75e455ab8202683d251722a210a2ae2fbcb7962c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bff280a7d42654e962694a60db7974b6

    SHA1

    ee467e06364652872be4e1b21e6727aad9ce60d3

    SHA256

    fa1b9f06f9d342a2cd887b543309927e52711dbb7c39218d6fbc825308b8fdc9

    SHA512

    bd043f4c281ddbe272ba999c6294f97fd597502df66b6de8682efc405c1a56dd28f89c5e916c6e31f7380892cd8af723abd654e7d8a0b7408d69dec992817ead

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b91393b63ed7a63cd242f2cedfc2d0e8

    SHA1

    1d7345469008a73e399ef82dd40f40be65fa46b6

    SHA256

    929b59464978f46a27acf69baa7408476e8747a3e136d4985183a8d80718f16b

    SHA512

    c9f80857f2d81fbcf6cff93881cffe9c0d1f5d7b095df21b4831908994d1458ccc48bc0f2c93b9d0e5ad989717ef37e6b4d116caecfb9bfd9990f681ac480512

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d491c3161ed6ff334d6a3d4e82991fd7

    SHA1

    3a26966a933738a3975d5ede5ca1804355086551

    SHA256

    cbf2ddf8b58baa9ed4fbda4121b77f155044e39d880f131dc0a19c616a4e7a56

    SHA512

    d90c157f31c87095811b94e3a682643c9b54cf4d7958f56e296929d88812efcb866d7433fa4bd43ae6625f08a3b4241f086d373321112bc483f67f93fb79ed1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    228ccc0cec5adbcd222ecdd5528fe165

    SHA1

    f141cca629858739e60f53dd1a2b688fcf86eef7

    SHA256

    df568130c1dc23fecd9f2d3846b5de9daf4f68e802b546020173391f86b45485

    SHA512

    299641f4b712aece21cb3c0493264ae3e547242262060621633485ef0751c0b8e2b2b7d5c57671ead308c5f8462028adeae39839e961d6289d5578fa4ff611cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b99ee855ff9c976e57ed26e0f0bd854

    SHA1

    dd66d7f9b3a2cc1a02a3294a6cbaeeb9b5bf71b4

    SHA256

    ce8b7cda48448561ab91c434223306166823a2703cc672c59df8532d59ca3988

    SHA512

    ac002d5c39d33e71b9beca3976f726d10fda47e2aea218464406b290c93d492af15d523018c441cbeb560181741c9095bd1a1c557384bbc05c54f7cfe25c7975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    714e7b72bbd5b292578843d4e0808640

    SHA1

    892282272545c2e34e71d633e0741a15539e0403

    SHA256

    d308c2da2281c4d1310ad2ea9a82f4ba3ac297be865125e7c23372dc2e8e3030

    SHA512

    291e9bb55711223270cab65d834d9e4957d801d7014f04a6c68f4cd53d30002f311f664c3583a363c5eb23095aee805d525c900224c4318ef41c291af75d0295

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d28158c41598639f447d97e85d347771

    SHA1

    cdaf4bf254a7e20ca13fac921361699f11097538

    SHA256

    1b3cf34e2dee470edbf2c6c4dc688a3217f6d95c9e25c7fd6ffa0c40bda3903c

    SHA512

    2bcec81e50a20fdd37f98c040613f23b29d4ce04724a23471a33444dd66c228ddb8a803632c87735d5027afb1ee98ed8a991e92cfe3459aa6bf7453afb0e3311

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bed0cfa5f61101c57efc1f31429858fe

    SHA1

    d71a35eeaf9bf61a5d0c89755f98c3ed464f7321

    SHA256

    f3c6d9615726fdd10eb5f57bfb4fe86d64a2fb230ed61a5625d462f4b3a6693b

    SHA512

    756de85a9f21e17605fdb54dcca45a06feb602cc093b409c4801d2e39ebadb38a139caaee000f66d1d2ffbfad1eca08295f664305ddcb3289b0d2cebe187d104

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b561c1974101858885d540e42cde0f57

    SHA1

    9e787b12351cda43844f619032031594c3130496

    SHA256

    ffcf4d4a9bc8145fcee55a5aacf2522338b53924355dc74c5493e009444b8a69

    SHA512

    955c6aebbb64a292adf6ceab5763f8dfa2d6cb6660ea401ab3be69896583f7b9dcb47762fbd6a49f69b0a3ae8203910e103f85af7110aa2d45acc907c20043f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecece3d7a6030897448ddf3eba7a329f

    SHA1

    de3bd92d8ebdf1adc12005852d2501ce8296b32e

    SHA256

    6d78401a036cda65498fb19cd31c6ee7f39e18ddcfedae37b0e1105244eb81bc

    SHA512

    ebf3a270f6a0fc27e1233e49ff4f88904a485e7d29db1c3de82382913e0c67577d730653e76beb23e28ec613afa979e73d9157a0a61ae48e0d45a7a521268a65

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TGCFYHZ3\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEF7F.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF05E.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\VFJD3J7S.txt
    Filesize

    601B

    MD5

    c8ea8309660d994c4619ba0d6013404d

    SHA1

    3c01f3f5716b6b5b777ee4d3599c19bae939cf89

    SHA256

    cdd6e9e9192dc9824ea49c25855a69ee7005868de093a6f372db2af3afd23f27

    SHA512

    e80e24109dd8a3f470fdd2b9465c2972f796c4fe6a6d3cc67bbc30abbe8fdc7a5f18ef383a7553323988b4b0d0435a12e7faa97a15a612bf7ddc365330145aae

    Download Submit