Overview

overview

10

Static

static

7

476efe162f...0c.apk

android-9-x86

10

476efe162f...0c.apk

android-10-x64

10

476efe162f...0c.apk

android-11-x64

10

license-ru.html

windows7-x64

1

license-ru.html

windows10-2004-x64

1

license.html

windows7-x64

1

license.html

windows10-2004-x64

1

UserDict.pyc

windows7-x64

3

UserDict.pyc

windows10-2004-x64

3

_abcoll.pyc

windows7-x64

3

_abcoll.pyc

windows10-2004-x64

3

_sysconfigdata.pyc

windows7-x64

3

_sysconfigdata.pyc

windows10-2004-x64

3

_weakrefset.pyc

windows7-x64

3

_weakrefset.pyc

windows10-2004-x64

3

abc.pyc

windows7-x64

3

abc.pyc

windows10-2004-x64

3

copy_reg.pyc

windows7-x64

3

copy_reg.pyc

windows10-2004-x64

3

genericpath.pyc

windows7-x64

3

genericpath.pyc

windows10-2004-x64

3

linecache.pyc

windows7-x64

3

linecache.pyc

windows10-2004-x64

3

os.pyc

windows7-x64

3

os.pyc

windows10-2004-x64

3

posixpath.pyc

windows7-x64

3

posixpath.pyc

windows10-2004-x64

3

re.pyc

windows7-x64

3

re.pyc

windows10-2004-x64

3

site.pyc

windows7-x64

3

site.pyc

windows10-2004-x64

3

sre_compile.pyc

windows7-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    08-08-2023 22:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    license-ru.html

  • Size

    34KB

  • MD5

    ac6e15df193c7135c916f85fd48afecd

  • SHA1

    bc11e538662c15a478b3cbf8cbf0873b8f19ec9e

  • SHA256

    a1b20292621b8ba67ddfb61802bd12bade68f6b930ac6ad61e89c047a1f91c22

  • SHA512

    bcd3d439b0b25ba3de815f00ff92bf3545578d90d53adacc2b272b60ee8bf3d65e460d87fbdc56eec32344d8be567b1f7384fb9c8b0934b24cec39ce05b7c8e1

  • SSDEEP

    384:8JF/uQenaw/h+pMNbK+v5AKVjZI89GThAKJPrLqCu2WVgqxk/d1NDlCPjOB4WUen:4e9hDbE4nGThAUTDmI4WUE8Z+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license-ru.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2404
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2404 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd28ebfff190ae21eaed31bc11f330ea

    SHA1

    6cf40d6c57a6123c23c4fa5b71fd3c5786964d07

    SHA256

    cf1ac77af519413c4e8f14e4d0d8263b4f163d48836aa2f5bc6e1efe9f6b5277

    SHA512

    1ff4f3be70a74b5bc88a19faf7e2dfa87c6434d23e5f4655806106c66b6059e3ac9417045c7d4b271daca7cedf5775d966c5e2bf04a803a166c69532d82ce769

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97f8756793e833244c2ebf0e0de3de38

    SHA1

    d6e0ff6409864e7ec47b3304361dfc5572843470

    SHA256

    0c5d3e892bd8b33df8bae90bf409b163c76f9051681ef831bc92b39b36b508c6

    SHA512

    f2502d1c5d4f2df998e7776bbc6bb06f5099525f06043124775d392b2a6b229b7387a1ed3c269917def6e52e386ffbcc022bbb0438171184377967c8a90eb5b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d90e0141164ed44d69b1f61ecabf6ee9

    SHA1

    a1bf6d4a7639d07166cd280fe5a912856ae25434

    SHA256

    522f4a17b0507fb5abc15a69b25862a6e0708ded4ffa398a100d69e4e7846f7a

    SHA512

    5e6777c4e251465cfb9f9c5496ff28e1a704c2b84af618558c316af31812a5db523962bacf03d01c7f9b0fedbb0fd70bd7d59c16c4b4c117e209d04c4da04958

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    812be49bb380f3152b186783f61afd53

    SHA1

    719c6588439b73659822c2ebb8ccc3360dbbecfd

    SHA256

    fe9c36bb7af845576a5342c05ca34cd910e33bb3b4c4be1dbc3a14dca97b6d6c

    SHA512

    862df6ff8bdf27191edfa24edb91638ed9bc0e9a5319deca982d6ea18577c1759468b80d1308891f10d9b64c36226e76787e2e6b38ef24c6ccb631df0087def4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26cf98b849db1f4943b93e7e5622a13b

    SHA1

    f0292f36a77e51286ec47d251d294618c03e36c0

    SHA256

    bcd0869ed6241f01a77b2abc4212b65699bebf63797a2512d8a61803933cd120

    SHA512

    5c9dafa30a955d765b924c1fa73c732ce205c961fbc7d8d6879c99926e860b604dd2c12c74887ffa783b213ac71dc1fd7ec3117ec574bf3ecb822c5b2abf92db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f79442fe23bce1468f65030821214e3e

    SHA1

    6a602cf00c7d62edbe2ee5c630176f238f9b1aff

    SHA256

    20d2175aea75d3c7eefedd3376693aeb3742d0ae735fe29e83e121bf85cf9218

    SHA512

    06dbaa05b3518db0fee9fe24c033824f02d0793f590f18666fc82527f14a5b7334d8a32b9851f1f4b7e7c5be19fc85de4e6848ee63a62b57319d649b3e6b58b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ec930a86b18d6c7e6ac98eee39402a3

    SHA1

    883357b08a2bf835c36c4ea955892f161457123f

    SHA256

    028f32f869f2dc18ee667e4f0fe1d85d861bbc0a0948fe932f4cd4f500a78156

    SHA512

    e6e6b6e54d0aa3eab618fc3d44e09fd50fe5ad8e65e487d512d50dee9f739c5a631c60de1346a9e3dd72fa733f47974c977ad4d0b5a1f55d332f45e450589c38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d184890881dcd407bbf5fabddd4922c

    SHA1

    1638df4597fe6c346137410fbe007084045836cd

    SHA256

    3a6e4521b7acb342d96bd841c82b14e6f96e3a49818494a92a838027cf9bc787

    SHA512

    98ac9337c1e22f62226babc759bc91260ea61dcf9d37747d53349898e9457be418b37d0009e77441b62da4d97179af0b417dd09d9709d5b15365869e1d5066c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7540d71f9d5ac6210cf1ff741c49fc8

    SHA1

    57936c880c475ba9d331f59e659fc1b48779eadf

    SHA256

    cff90da075537214222662b3a1ab1627a3d5e1b40d58ecab99550eb27b8f05c7

    SHA512

    cf1f167196842abb5b863b14e18afc93a36f1710a75b48b1cf0b390ac87baf9bc848a6f8d84c6ccaa701b4bc025c26b2e54c4d472481ea92cf2b1dedf35b3644

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    464551513c8efc2029b2706326bb2812

    SHA1

    d0e8efc6a88e304b7515d773bc9faadc8695d774

    SHA256

    148947eb8ca889ba1f3020a4f29c9f3d1f895b501e9ceccc856512d2894a365b

    SHA512

    b3f4d21c5acf81f490a9c79396aecade3edd184befb80639cf39ac7715dbc102ae6d9c3474fd283f32fb9e29f7b9e68f2ecf337d39be9aa67216d3e8ebd10c4b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9FCB.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9FDE.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit