Overview

overview

10

Static

static

7

5dd8a02a0d...ab.apk

android-9-x86

10

5dd8a02a0d...ab.apk

android-10-x64

10

5dd8a02a0d...ab.apk

android-11-x64

10

1bf84a89-2...c0e.js

windows7-x64

1

1bf84a89-2...c0e.js

windows10-2004-x64

1

ad.html

windows7-x64

1

ad.html

windows10-2004-x64

1

aps-mraid.js

windows7-x64

1

aps-mraid.js

windows10-2004-x64

1

assign_lab...l.html

windows7-x64

1

assign_lab...l.html

windows10-2004-x64

1

blood_gluc...l.html

windows7-x64

1

blood_gluc...l.html

windows10-2004-x64

1

blood_gluc...l.html

windows7-x64

1

blood_gluc...l.html

windows10-2004-x64

1

blood_pres...l.html

windows7-x64

1

blood_pres...l.html

windows10-2004-x64

1

consentform.html

windows7-x64

1

consentform.html

windows10-2004-x64

1

diabetes_r...l.html

windows7-x64

1

diabetes_r...l.html

windows10-2004-x64

1

dpr_report.html

windows7-x64

1

dpr_report.html

windows10-2004-x64

1

dtb-m.js

windows7-x64

1

dtb-m.js

windows10-2004-x64

1

edit_insul...l.html

windows7-x64

1

edit_insul...l.html

windows10-2004-x64

1

edit_label...l.html

windows7-x64

1

edit_label...l.html

windows10-2004-x64

1

edit_medic...l.html

windows7-x64

1

edit_medic...l.html

windows10-2004-x64

1

edit_track...l.html

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    07-08-2023 20:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    blood_glucose_local.html

  • Size

    1KB

  • MD5

    bf57710afa315efd25ec6a7a691880ab

  • SHA1

    0143d6261505b4e19173d67cac2727e82b5bfe3e

  • SHA256

    6b7fdea002cd0b8ed8b38fcc500987c39c679a27a84aef2faf58c2e0772498ba

  • SHA512

    fc2808557caed6ada3a82529ca756fb94ee88931de032cd314f01fa675a450719f02c7ade9feb2a0af8a64a3b2dc537cd1cc33e226173424f081a441315706c4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\blood_glucose_local.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1688 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2584

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0942e72e3f65851b3120e1d45b19f384

    SHA1

    6d5091e22b3119efcdb8c12be5e270aa77016a47

    SHA256

    d0bd7eca9876ac92e4e4558e67e4174e28cf3eb69ba14e2ea5459aa67c8fd24a

    SHA512

    cc1c5db3f2785a58dcab454113a0a0926e1243845e6a48d614ae785eb912aecaac16c4fd3a983456a7c4056092a8fc31cfcc88f52e0778ab388b722684f8ad03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    818e168aee43d2e8b0d8709cf44d351e

    SHA1

    624ef124817575e2f76978ec62292479b8232c73

    SHA256

    1fa2576f46fab969398ece99e3804e329aef609e23d0791cf61b60ca115e1114

    SHA512

    3760ded782163d3a9d4677b6f9356ad85c9c1d87c940856f036b73d996c2909b7f38328dd64a1bbf75f22ffcb09df71b4e4ad53ba1a4ecaefdd7433a5de66f6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    632bedd715af78c92000d4349de5fb1f

    SHA1

    53cd817b5832bc299ede480abe72b463422d59f4

    SHA256

    ac95c838adad186b03e738779f57c89edec326a2c4aeabf9c85c41eac3073b4d

    SHA512

    728f35fe3aed13bf40dc5621a8c3905dded16674c6c6b9a27c1d41799e2b036da345e0db103b167a7d216e9a82af26a33781daf24cd6d78da9a0d9e14561599a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebecac8a41e1813ea4ed862da2619c26

    SHA1

    f2fb40e8a0b08799217ea03da96fa47f91e7efb5

    SHA256

    f79219fb3443d396bae595718361403572d7f0d9ec9fff776d177f3e039b3028

    SHA512

    a1bc0b5a0ad45d8ecb20ca3d369cada89f1c4674639c761abc8d5b0a79795690193de03948b72758746c35d2bfab8827fd33fc8baba8524a30ae0add33a7af92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65be6123d868d216fd567838677e296b

    SHA1

    4f6eab99d5006af4a880680aea56199648da9484

    SHA256

    9ed7317be3eb21e2e72200a3409cb4a2b6b42a33ac1dfa76b00d61f385a398bc

    SHA512

    aae2a21e1eec1912251859ef2e3f278c1df97cfa6a86ceb195b5d88d889a8ed6daff07654ec6cef85f4fa8b34c24743a5d64683cb95bee2647e53fc7994aea3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4435bca5f9371b66421cc28b8d5dad6

    SHA1

    1e7a86dcaceb1e507cd0f390600ea62298c9692c

    SHA256

    10fdc97b50dbafa34504a2a1350c8edb5b2d80cf5592eb70c65e2940f1440245

    SHA512

    5589a0b5a02259c3bf0be509da3db6a4b090d8ba76512ca0c4e22e8dbb3dffbbe2f249e029d98540fe57d6b0aff317c190be2abbbd766f117884baa712ca6d8a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE6E8.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE778.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit