Overview

overview

10

Static

static

7

581097edf1...eb.apk

android-9-x86

10

581097edf1...eb.apk

android-10-x64

10

581097edf1...eb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    20-07-2023 21:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2468 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2908

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00781c58e2425029cd05368a1e53653d

    SHA1

    17f64c2a00a4fd296a69c24cf53c9880cf8cdba8

    SHA256

    6b20b024102e94e0772a50056080e393411beacb0112c8a77aef9ba8a27a1bfd

    SHA512

    905867be2e756c95a1b5ec9e4b179d616be9c6921c3ebefc688106c400c313c6aa9d0924e11976b12f62fb8996782754ef58462fdca9a36612bdef2b7df8d56c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b22e7ead73e939bc50414c8f57985aed

    SHA1

    60200118dd2a35afb60abb26af0b688890174073

    SHA256

    9ff63ad3aff8a7df1b8e7f3cb4bd5f7106362dc5322d681137a306b47110302a

    SHA512

    f4d55da91dffe3bbc0967d0967d712b5384c5dff82f2c64a12a6edddff2e752c316c79defc87c96ada674c90aa2090aa85cb22d4c344a1d1c9c968561e339c84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    408c99860a3e7b292ab88687640e58e1

    SHA1

    c9a6309814aa8d5768493d09070b4ea1b51186a2

    SHA256

    9b4bc8d6ce729865054c0814a40a857896fa0c27da710477a467d13701d7257a

    SHA512

    8008005bed8426652dd1be714c5f7af60be1b4cb14bf60b3192c690ab5fc786eb447671f4e0167e081594971abbd9018559fe6cdf4a860b80b8157ce47ac6df9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9c6a1eaa354578f53946f1f4aeb1ef3

    SHA1

    049a86db49d4df265002bc60a4a28b7fc9711c3d

    SHA256

    4571b8b100884ec2d091c86f5e6f365fdaf5abc4d777e1b0ae0c9cba748d0d49

    SHA512

    647cf7fdad4196023af14180a469e71892217ca2e1c46ec8abe1f17582d3bf8cc9648a2321fb41bf3db14c3eb8dca8331a18f3d0563ec20f53ad77c58f496b11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44c63870d93eb843dba294aa9b07d70c

    SHA1

    4c01741f55e15039d0e808eeb0159ad9b6f8375e

    SHA256

    d38e804d23c4db039a03266c15e78b575ca2e512c731f4484f9ec6b029dea8a3

    SHA512

    7e4805643c02b59f52b92359b022ded28d1e617a6f7b1dfcd2a98b46736d565d3c4554c3d3a7f47510098d0c84eb93cf53d55a95e2a62ecd077fe508ce4020a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0873972387b1f11b8dc1529a6f014f82

    SHA1

    7d42b31014cac0b362344d26f8a00df6d3be9622

    SHA256

    04946eee29c7ae62108e49968fdedab4154f5629104437192f790de91dc56749

    SHA512

    0baecf12ce8f5ee1c502e381984439567e46b29851c30d5f1da53091f72018420864c4865ebb6094cd544b354b5560f27ff3b27db12ea16529a269fdcf5ac72c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48374bc6eedfabda0fe4607a23d24089

    SHA1

    2f474e8d33bdbdac065e5824dab49194b830ba4b

    SHA256

    8d9c7694105fb7d769caeb1bf8331c6331721eb001debfe894932c4e59ab122a

    SHA512

    47c0643bc9fa3e48921bead144437e1e92b2300364e9f226085d432ad36b8c30b2c7fc244299d68aa51a316a6cac152bc0a7c7dcf97894cf250a1bb9db42db75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    04f32e7712bbc3853bc1fa003dbf5a4f

    SHA1

    3a765345c386e7bd4cc9eaedccfbd9b8602aa4f6

    SHA256

    3c0f02ab708a84903d732e0f6f8b419a2948e07a3fd618c7e14d2c4d99724442

    SHA512

    bd19ca94e2cbccfb38976006e6f018288d0e8cca6cb831b9886720a36f97592abaac6e62f7ce290638de9ec54bbfc6ce03149bbf7f7e25e63b9d7f368f4a916c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B9M1KBX1\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab986B.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar990B.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\H4O74APJ.txt
    Filesize

    606B

    MD5

    d039c1e18ecaf399aa609b94aa9e41b3

    SHA1

    4fb3f77591eaec91f4dfb8d89420b945a72bbda4

    SHA256

    dd8fbb4bf418a65ab3811506bb7c40cec3cb83f57ad563803c16200b1567f143

    SHA512

    3e128b88d4ae3bc26b51538d6b204f5de9397fa5aa52b52683c071f3433d3393077c6fbcf0462c0efbb4d60686f415c8b2070813dc26a466edd5f2d73fee5dc1

    Download Submit