Overview

overview

10

Static

static

7

581097edf1...eb.apk

android-9-x86

10

581097edf1...eb.apk

android-10-x64

10

581097edf1...eb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    22-07-2023 15:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8d02f7df7a1630eb2f869a780d6e08d

    SHA1

    21a38b48104b3dfa11837f7060836e4f74aa3ec5

    SHA256

    b008d3fb23377e86e3912e67c188dab3fbfe12e7e7ec6de0885a370fb9cc3d57

    SHA512

    676b136973f6f25115a322a1a5747cf8fcda08bb2d1ccae77e86a9129483b65981956110074dafc0bf8b61890c5328bc481d21d1f46351559cc35137e658221c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d84558d28583d378c721047e664fa470

    SHA1

    eb13a234949c5c811601062bb3d2d0ef2954c751

    SHA256

    a32ee74357582927af04aa0a21a9fb2f61ec35065a4b24958f86e569454a8376

    SHA512

    cb9175447247dbe3efaca46e6ef5d4415a2ccb3769a9bf7083027143f742ed22e7ffffafd9174cc3e9cf242867ccba915a13001fa151869b7b3694689e4a2997

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ded2bf6c70ff19eb756b6792bed7e66

    SHA1

    ee9a4847470e33a6eed1233383f1adc3e0008b2c

    SHA256

    40a8a530a70d85954a74255aa6fa097ddaed863f306b0aa4b8bac3b0036f712b

    SHA512

    f871acda959d7562d23a608ce7256aa45ca2ce73a543831518cd1170dfed87572e19bcacd2e2f3e243d023a0145ed66d265a82e0febb9b91d9b13314761d7506

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a33fb5ae117143f0afcc9f8f58318b39

    SHA1

    a6cb57116db91303c986c2e1b2af85e16746b8e1

    SHA256

    4cb6f363093d0438ca0f8e17999dc56f67147912c320ad86daa73142ca37990c

    SHA512

    810bc2d5053563d5006aef4b13f9b715348890bc0be10d6bd82b37913fa4b9ba72923fa658201c951c34477d9084917acc544a9357ac9531b3d7c622090d759c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9320bcea2efd5c9f207bb1a8f6b2e9aa

    SHA1

    2b321cd3a9bf91467c4d12faf9c20072bf35b2ff

    SHA256

    4efc5848b018d7a93951310b61707f1ece64360e568c2004a3818ea49f4a5c30

    SHA512

    9113b67aec1cf593d8b440529fa496fc25d04227e6d893a76260c626c4e20ab447794e7654150d9295b97d040231a7df694491562e041c3ed0be65514211e544

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45a3d2b0e2daa3e8d2860d00edfaa985

    SHA1

    e21174679c14b70591fbc3a40403bfbe080e2057

    SHA256

    bf26ae82b80bf54cbb80ea7397f3d6eb2827bd5b0ef647f666e5b0d605bec40e

    SHA512

    d720f497a410ac0d55e7284516e6686a3371358934a2d5d0cad732ceac227af0cca06337b9711aa0e6f167f38122635afbab5e2c941dfbee57efc35470e3c368

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1392475643788ce34bcf1f0152c31cd1

    SHA1

    6bf614a3b388fe9be65232a028478d7dbe76a089

    SHA256

    1dd568dc78ffe18f806d30ceed2b5dacf9ff77231d720169535f9a79f35862d2

    SHA512

    ec40920a4d197b35a12e064c3cf3f87dad4f0e3a9703c04297ae60702f137b3876360df8e0ff6161b853eb55874568072854d08e332eee48b97edd3a4feab8a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30b9ffd5991ed15b20e5f8b8c849790f

    SHA1

    df0bf4a9dfa86afd2efbd77b8911a2abce40c8c4

    SHA256

    d9a2016652ec163b2f318681914cd8059727d6449d49351c5ee6d1961b010194

    SHA512

    5b23b018630b189584c36dc1e9fcb4968f08c69d4a7be464ce3388c05e13e77b2546d0cf06979939e05d90bc7fbb8eb5968ed401a89986c61a64c8d9a9e0a50b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4457fecc44a2ecc6a9749e8696b86080

    SHA1

    6b537a5da7da8b87f37ab03a23e555c2e91ad78e

    SHA256

    1be4e6df53d576fac791dcf44fe0a545a70b1529d493e11a6d43626ef484ba0a

    SHA512

    083bb9ad4c9b411d8c89cc386120bc2168a1cdf7447d1099fe4425d025bff42630b43ab9089cbe2df7e80ee3df2659a755cc56c998ffee17566a733ed980f2ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6AGJ71Z\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8CF7.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8D59.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\Z5S7O690.txt
    Filesize

    603B

    MD5

    ed3986e1c5960bbe3ee15e1fceb96196

    SHA1

    3200424d20d870701af5605d03445cb3188813c6

    SHA256

    9284ccc8713d75daa388ceef885686f79257fe2eaa7df0a16b685205999ac887

    SHA512

    3050e6c4e4ba190586e1bd64ee7c28d74abf336686464c937e082f32532cc3110a9db1894725595f0a242f708d91c400ad7157d3f21829bf5eeba230a889f6e5

    Download Submit