Overview

overview

10

Static

static

7

b6b59a54d6...0e.apk

android-9-x86

10

b6b59a54d6...0e.apk

android-10-x64

10

b6b59a54d6...0e.apk

android-11-x64

10

callout_11_shadow.xml

windows7-x64

1

callout_11_shadow.xml

windows10-2004-x64

3

callout_7_overlay.xml

windows7-x64

1

callout_7_overlay.xml

windows10-2004-x64

3

callout_8_overlay.xml

windows7-x64

1

callout_8_overlay.xml

windows10-2004-x64

1

callout_cloud.xml

windows7-x64

1

callout_cloud.xml

windows10-2004-x64

3

callout_de...le.xml

windows7-x64

1

callout_de...le.xml

windows10-2004-x64

3

callout_shape_2.xml

windows7-x64

1

callout_shape_2.xml

windows10-2004-x64

3

callout_shape_4.xml

windows7-x64

1

callout_shape_4.xml

windows10-2004-x64

3

callout_shape_5.xml

windows7-x64

1

callout_shape_5.xml

windows10-2004-x64

3

callout_shape_6.xml

windows7-x64

1

callout_shape_6.xml

windows10-2004-x64

3

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    07-08-2023 20:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help.htm

  • Size

    53KB

  • MD5

    883888def347f0db8dbdec1fe82be5c9

  • SHA1

    f54280a3690f373a05cf438ca12c3e482bc1ed8a

  • SHA256

    766c2b736da4683d0f7cd5927cab1441dc13bca47af33b0911d5aaaa70da6ab2

  • SHA512

    4538af3b0b7b2786461d37ca6e3b93290ff9d6a6b7820f7dd3bf3840414c06e0c271786a91e5164d8767ecc66645f9a09599af661ddc39384717dbb80d9cc546

  • SSDEEP

    768:FWAtJoDQSUPSEXVe5wSsRz1K4I8Cnsro7:b6kxPSGowS+E4I8Wsa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f72401726a2ec180c81732f54c2bbd71

    SHA1

    f256c63e2fdbcc7e04999ecd3cbd0f79884251a0

    SHA256

    bc1c663c52545a005b44f456b82474af919938bdcd64dc62583acd88ce5a9d00

    SHA512

    772627d3d21c637434ee5b7d7571db86798c8311fbb0b99c46b723a2069df19a2b5caa170835b31d53184283a1fcc3ffb64b944f365afe786c1e9e44dca0abb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db1ad7d1f7f2415c51d12a05950aeec2

    SHA1

    d8b7bb55c77c35a60714bb278061f248e207ea49

    SHA256

    d9628fd2d9cdb6951eca31554c757447dba9cb471b3b3a244080a6503710bbfe

    SHA512

    3616f4febdead83520595e87c76360229ff0df8b84ef7a172115a2f6cee0ffa94a197657f4e03eff5ecf66423dae4cb61114c4edbcc0d3929fc82ec34b4c5dbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b92dff919a015e7c3f57f3a8dfe00ba

    SHA1

    17efdee26a247c175612d41b709fb41c3e821e3e

    SHA256

    a44a7b13f2a08a09de7ebb2ea84278ba1ca1418615f63edf66867a953d2474da

    SHA512

    436f9c63e4f17b9909da79b9540d1702ca6670ad7806e54484686d83339c2289e1f1d47d6e0e53e9d7a4235057f1998906ef3776be933d22e79fd79ec727dfc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4dee5ace99fd9c407b91f44e89dee6da

    SHA1

    c04483bc5e01ce21dd92e23b7ee8f7eeaf6d2d4b

    SHA256

    995833b9b6b737bff45122e65bc9351043e8c5b22f27031744cdcc52d1853ac7

    SHA512

    915c736c25eeaa33cefaaeafeba9ce18134f375f4eb267e5a457508aeea1a21520460c6117081ea6bea9abf05bbeacc962d6e69629cfecedfb4118dae3e439c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5bae8d418fc2d18d9bd4fefab1078dc

    SHA1

    3ad7fa97831f72da72b480059514e8bd483e4368

    SHA256

    c6c3522b65b75c084df51ea449800e6239655e819810e0a67ed0fa00d1b5ff9d

    SHA512

    ba1a9b98bc938f36d9b74fce3d594d1193025786b0696b7c3d8edede5c74a1ebee4305cf8e92b0ece0ea5047f2d2e4390534e6310ec09d145bf3925d5712424c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db8c5bbf11e368ad339bc46c3cfae9d2

    SHA1

    ae16f3c9a53fd0386406855f220a1eea25b01404

    SHA256

    1fe84ee19d9e64332f688ac4937a7049475d02bcc7b9aaa6df797ed66dfad35e

    SHA512

    15303fa2d24cd70458c9beea3bc3b7737b56d7cd1d906b5fed4be4d2cdaf6d5f3bd546f11516c0bdb1f7ddb32965a00d2e52f71032c221490008c71ed63ec5e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    141b518b0d8c3fba02eb18c96aded10f

    SHA1

    e2866e58fb478d9b4d0f67347676bc806662776c

    SHA256

    99864a3a6d1bfa862b6151a828c436d106e5d7298d51bb8a589063d9ca65ec84

    SHA512

    7d715f981ea15f1d076993e0aa9e1a717c7e08e59c415cef1533429abb2d9ab81f60e17decc028a7dbfd0976287dd9bfbf2aaa7953ca2eccebd52c19b7fc367f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f509fffa3400ce951f11e8ab1e250fea

    SHA1

    8e9633147f810616b5dd4e229094c825fbcfe050

    SHA256

    729cf574d1db3090add75fdafbe4b3a9472caceee48a550c5ec87e922b3fa3b9

    SHA512

    89201b59680b17240fb24f803ba80d726aa4e83c2e2e117496cae0ca2a0a273f4ae584d203fad5604e67a79f188012bb42fd25f7d58a22aa78d73e9c1681a87b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7746966855e8adc64e9b24d21a7ea4f0

    SHA1

    634aba736fa94af67dfa04c923aa55daa9c0d10a

    SHA256

    301882c4ea01de3605e8cd880763c80f79c0b7211babc3f857818bb03af970bc

    SHA512

    0659ffa90b6fae4f2a4c24147b3f4c8db1763400441dfb905adeb2e597a5cbb6a605d3b1cc195f3674e3ed0f5592265777d748bec426e10682af89b03cc47565

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84c078b491daca98e2208ff098bf97f7

    SHA1

    713daafb409602bfaac467397c3a752609b35b8e

    SHA256

    d40e8f5b33cd60247789e894a7a9309fca1322b2b124d08a25a45dac61aa2896

    SHA512

    ed04640951ade731855d00fe526e4d07255bfe6247806afca6df62a93e55f6f51469c6cbc3cfccbea6184832ef019b461ca52eb2d0bbd56f80968bbc49fc6891

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7006c0dab8a1dcb225dffa043aac26de

    SHA1

    64f15d831484893c0b4a6f1428de7285559aa155

    SHA256

    f5fd0d899ff3fe34f0175d39c6c9539ba320624cfabcadee01efeb8e6c8dfa97

    SHA512

    71caf413c31c2a71fca9aa60c8a94d2820aaf0c58deabcb5e53d78640ced753255eca2326ddd72264d47ded0ae5723b0a11eb77582943540853feb836a4d0d35

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab850B.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar858B.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit