Overview

overview

10

Static

static

7

081794e3f6...b2.apk

android-9-x86

10

081794e3f6...b2.apk

android-10-x64

10

081794e3f6...b2.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    193s
  • max time network
    255s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    22-07-2023 15:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2828
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2828 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2c8943ffd0fc79ac5d967a64bd7bbbd

    SHA1

    cadc8ace0662fdd1ce40d785b522c9754b7a7112

    SHA256

    895942fa60c4451877b1a26b751e42db261980a7319c220bd9a37b160988d6e4

    SHA512

    2476179e125db76f3d3accbed2a3c273a57d1e4049ab029fbd3f94e0da1bb35914d9befa6cb558ac19ba1e1407ea968adcc8c5f53d2566ed69857e8f91738450

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3b6d179b8aa00743968a786f1e1231f

    SHA1

    8e9eff0cda7d1ddf3ea30e39106954ff609db29d

    SHA256

    b7715d96398503006545c204f047b5210d32738688303dbbd1491e7456157b12

    SHA512

    a0a5c5911de74119aca53fe357de815876495b549f3d98ec0573bb737db8085cdee1e253e4566a9e8041413455be311acb24b74ee28cc29b438c03aa8a6647d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07ad549ba5dad733ff03d14b67a0a288

    SHA1

    96c1511d1d21b502c16b6f4ca2f4f321aa82fab5

    SHA256

    74c4af8677eeffbfd48eca3721f6f254b5e9f832d3638be4a0e73b3af9759357

    SHA512

    d3ebd052d55af5f430e9f7ff6f8a4d5c99ff949848b51abc8ca25048aaf53ed671fd14630f838d1d23d2a6f1c777cd5ee90121bdf4aa9f577a8b9b7bf2c58047

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4fdeb462b4899ae3e55a989b56b2765

    SHA1

    6287da7a1c9e24326e0c82c2b0a9894bc85e2f7b

    SHA256

    58d1a19ba8f02d5484127fa2aa12bce7f94cca50a3e7c3871d6fffeb110bb689

    SHA512

    87700ce67ec6fda6ff38c95c13e15f89d8d9032dc3ee1616d94ba6c875b262ff99c43074ff962e47893e445226b2c5c92a09d844ce51b1af7b1c3be71a6874f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fcb7a404dc05beeed6f4ecec89cc4f7d

    SHA1

    aeac86eba31c85d1882becc0ee9ccff7af8f5752

    SHA256

    78ea8b44650d44f6f985beed3d51e957164c443bdb61599967db3867f29561f2

    SHA512

    f67756399c818b1901d39c4ef10e051d7cd0ea4eaa32387b4d3ed9a6d5ee4b992302f799b0030decc81b51a5cb17cdfd1d042edecd4de9bbc0f41e708fa1d345

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3e9b8db5dd35763efea09b73cdd8654

    SHA1

    05b22c00c3b88d19f7eff2962a2c13be3279c225

    SHA256

    7aace54199b69f7d070015e71f77e5dc63bbebe094bbbe0f64325c0d93417d3f

    SHA512

    d8dc6a431ded0e9156b8b0ba20c31ac7401535d9af61036f331db3ec6dd0d4cc774cef61d879e9f49eef979bbbd71d06919e2e6af7994fe77292039ab2614c6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ec645f1d66bdf976c9ebb14c1b899f9

    SHA1

    a35fc4b8046177d2acd41546cbd8609320e942f3

    SHA256

    0463a2a8c7246d71e4519e404c9755569891c6b7915df2bc34f70c5e68338c4c

    SHA512

    3112691bb827cbafc9ea0d710575188aea689f006bcc89cd027a395ed4154845cd7aa6c3630f7a9bf705680f3d1c7512d5e08dc0115bcb2b361242e0e08f318e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a8cd1fa62472873983df301533a7fc2

    SHA1

    3dd0d79c3624ba29e040eb1042bfed1779c705f5

    SHA256

    00394160eb9ff2eda83bb65a549975ce1655540f102cab4b4a6764f61e3e1d4c

    SHA512

    51f24851ff81baee9d79f27bf1d56d9944332a55eea0790df27f99f4c85e7360abb6f22145fa2be32e7745da53c4f7e9bf7e6103daad9cd95aea882dccf7dac3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2aa73b0eaf62c156d017c7e25990300

    SHA1

    285e175dd692404feb1ad0423fc1dd854de937e3

    SHA256

    7feb705244844df5b1572f95db8dde9a9fbeabb1036c5b60ff8c33d5ddf90324

    SHA512

    3b8ed74694c37af14c874c8df9ee785c7187e18695f338fa8fd798cfca6efde4359035c0ed11a04ab808453b28c64a80b974c5f5efb350d1d1b4a5c078aa27cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VKWFGCX\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8671.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8E03.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\PCQZ4NVP.txt
    Filesize

    606B

    MD5

    058c13081cd70c25ad4998dcf3ccdbbb

    SHA1

    b7909ef618fcab5c908504fcea24c03d0b6e8063

    SHA256

    04a6b04fc154fea98e8a69225d11d83d583360e49f866f71678f6b7704abe029

    SHA512

    f579466dfbae8b3ffc592e5368ffeeb239f1e0b10682e48724036fba92044f489ed05386b81dd3c1c79aacc547480d43865cc509ae0b811806d97d39f5a89a60

    Download Submit