Overview

overview

10

Static

static

7

d3ad33fd9a...d7.apk

android-9-x86

10

d3ad33fd9a...d7.apk

android-10-x64

10

d3ad33fd9a...d7.apk

android-11-x64

10

ad.html

windows7-x64

1

ad.html

windows10-2004-x64

1

disney.js

windows7-x64

1

disney.js

windows10-2004-x64

1

googlephoto.js

windows7-x64

1

googlephoto.js

windows10-2004-x64

1

hbomax.js

windows7-x64

1

hbomax.js

windows10-2004-x64

1

netflix.js

windows7-x64

1

netflix.js

windows10-2004-x64

1

web.js

windows7-x64

1

web.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    07/08/2023, 20:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ad.html

  • Size

    15KB

  • MD5

    52c368fc009579446f8dc67daf8dca87

  • SHA1

    fc52b078a9a02847efbf85d10f41b961c85fa459

  • SHA256

    9b6cfb0e52c7f7dc99d5f5b7e2a6142fa3ad82d1333f42877eed3d29b0561579

  • SHA512

    c80bcefe98c2eab09d4a831e788cd50563c62333d4c8aa81046df2acc9888c5a87da45546c1ee7d40bc7a9d7148075e3029e09e4b086406f6143a589111d1cb8

  • SSDEEP

    192:xMejgzfCtmdyPfojYA5D5zniVkG4zhxm45IqTbTD5qRSwpcPt6FLYFieRO6shWUh:flqiO5RrD5qBpWt6FAieRahW6X

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ad.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2488 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2960

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          242d46c9c44e8ba765da85df72c8c9d2

          SHA1

          463257d98e9977c201dcc23e304001dee132183e

          SHA256

          3bc152ea2375f59ba8500b8a12afa9067d0debcdf0114180d3d241d9c0dc2a58

          SHA512

          1fd2ceb34098d0a3699aaa0d38f5e4738fbe272eca8b0865931ae23193fa633d2efc245d76fee942d0b1d03e7ac5170cd0276fd908f7ee2638a0bc991d4dbd72

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b757baf6f636aae78cbc04cb0f665772

          SHA1

          2c998e4a87962b2a24599f9bf200a3db54c77f26

          SHA256

          f4287d3d960d276cca7b84ab9c326bebf9aba81cc852a7d7583b1244e259da5d

          SHA512

          12c9e701d4cc6a66bddb7325cd7d56c606ff436e54051bdc4f869965cd758007706dee5075db691f794aca57ee67586b46d687a29a19ef0d270643566ea0a817

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b87b3cb7311d7eb0d5f02b27594527f1

          SHA1

          61e47f473e6cbe232b9152b713dc5180758b7280

          SHA256

          bfdfca340f249040f0e8dd3e1f8ef6a3998900865fe8bfcae64bc559e897e5f9

          SHA512

          2a5dbd61e21b028bc59b0a2861cdf761f9321c06f95b423982041db9355b7b15bc2e669baa603b95fd2ceca175b4cb8cfd4657dba9a6e8ecbd01ad972b2ee424

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          04b8d789177bf32437241c8f63f3e2fd

          SHA1

          c623ce48b2d083dfde821583e4ff41dd0d5948da

          SHA256

          4be0fd4dba95c8788d08430caacfeac2810dbd3275f221c5ba27d6c44e20afaf

          SHA512

          f43c2ebb41b5c99a57ffc250dcc410d8fee8223c13617b27b033213414d4ff860192f6b9401d88b4b19ccca66b0f772686a8adedd0bec1ecb8156df46b8f8bef

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          dce74c9703f07b29b6ac229f54361db2

          SHA1

          9ab1b0e84f423f49295d9d87c0c9dad82797ef32

          SHA256

          32b528cd9f3c65cf7ed259228a4a76d8f03d70b7fedc417cc1bbc0e868c20a32

          SHA512

          3634788c12ccfc9170f7af48a1cf40baeabaead45cb96bdfd3b772e8d5479b0e1bd40aabb5f6eb344cb9eb88e077fb18b0a2235f7ed3706fe35325098d1b5ea0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          44f88aa14f3d28fb9c7861559a9e2790

          SHA1

          35fa527e09f10456b6bde122f9c63532ffd53f43

          SHA256

          fcc907b777e4d0f5acc33f4216b4bc4a955d5765c80f12c8c230d4448ffebf21

          SHA512

          25c76a567fb5b0c69811298f5ec22a6401ad71a3c9e8231e77c252e0d15a5ba42ab546cc107f52e441ed50f9880cb6a20fdc85feba50d07204f2eda7fb24cade

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b9266aa2980cdb63c8a29bbf0003f186

          SHA1

          8a3eb8ef214afe2dc3f7f4ba2b235de0606461d2

          SHA256

          1eff54fdd60a40b50b0aab7d0fb992e435640066589df5df31b65edecd6f968a

          SHA512

          92f5274ccf2d30d26326a84cbb3c178bf1845bdc78b4e3a1bdc7ea64f746df896950c6ab10b460ef4916606d1ecbc01f089e30be0435e97a80c0e96fc17f9e15

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a62603bcb95c5bf533c25f32819fb68a

          SHA1

          8e1e05454ec57342d28096aaa12c7388170477a9

          SHA256

          fd2c36277835640cb479f539c6800f5f642dddb59574c229d29ba0d6ecec1d58

          SHA512

          ee114b3ee9cb5c3550427a3d5da018efefc19e0bdf0d5495bfc13ff134e8e8b7e56fab4737a224d2b050692e6a526603438423268338e12420f2eddfbaf3821a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d0699ac20494b697b649bedd61324150

          SHA1

          1c829f22147b0b6e5b828f5a8ed79e28c201bacc

          SHA256

          8d9d3810f62f810b420fa9003c89661d7b0fcfc1df478e6c1d32841d7c7c73b3

          SHA512

          65833d9ca543bfc24005f88bedab08d813b4ab2e148d8c356fd4a8b5eb5ce0702f4d699a9f64f0c640f04c70bd16b556ed75570027267f07f8f7844ffea69006

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1763b2778cca804507b2ea087f24e62f

          SHA1

          e964fc091dd2d82b063c81a049c93b3fa4658d0f

          SHA256

          2005644209d72c725fe4ba40fcf3ae67183b565d12735c08f4a53cbf26cad6a1

          SHA512

          f8b4a6c52703989aad51af71c61dcaa2531fb64bd0227bc9aca0a75cba9e8075af252adf7d34650fda8537da497849b2fd425c2614fd56ddd5786dd90ba2e38e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab95DC.tmp
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar95FF.tmp
          Filesize

          164KB

          MD5

          4ff65ad929cd9a367680e0e5b1c08166

          SHA1

          c0af0d4396bd1f15c45f39d3b849ba444233b3a2

          SHA256

          c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

          SHA512

          f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

          Download Submit