Overview

overview

10

Static

static

7

c92acc3e0c...c7.apk

android-9-x86

10

c92acc3e0c...c7.apk

android-10-x64

10

c92acc3e0c...c7.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    08-08-2023 22:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2524

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b932b92dd8efdd83005e286275473be

    SHA1

    30f638325eb1b1abee18707f2b333e7a99946dcd

    SHA256

    6412378ad9e20d186a9d0462ec107d9a335b08dd66bd8ace9db7be235dc01ff0

    SHA512

    9db1f2336bae7963aa028716cdd0e8e99c3bc156b0d72e8a2804371c011cd8f025461d9ab5b12e6a208e1936904610a495f828d85a7f21d9265877b3939ae6b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bfefaaa53fbad59543aa16498fbd0036

    SHA1

    e89a33cc70bc1e29a16c0a89292e515535c140c4

    SHA256

    4b3a915ac9ce292ee0d21e9c8cf537755d8f51245b8d4b8cd9bbdf3148bf5290

    SHA512

    9bf8fd7f55233792c8e6ce34d8293adae23b1430cf5610a6ca34a9eba6c5c2a93481827a525775d272a961e056e0d16738310c7e9707c3a349208d8af9ebbe28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc2f8166cbd1cce7f5f58f202ef5956b

    SHA1

    5293c462ce0b10180dc9946654d2176883bed7a9

    SHA256

    4b761fc711ed78678eb101b00f685cb071ed36cc332e2a47687026b5fc8f8333

    SHA512

    a26fb7c1cead27668448ede595b3f6b8d5b452bcca56da7515689f1991aa56723379e211a25fad06d98db439871208e22ced821c88d0be00df66168bb0f9e28e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19b2baff07877264337bf4c0bafa01e7

    SHA1

    8176f0bf310fb1eb0142882f9bafdb2aec295d31

    SHA256

    94fc554d5a48be5139b06f8af0c1623d9ccc1ffe9dcfdc06845530250fd77004

    SHA512

    3a5754d0f45f7f64f4a359d2358f9ae37c5f99fa6aca61e7cde08416e3a0608fcc9ed3fdd8ff512263fb6427376d78005edcf21b76796ead1f30f46d6b0263d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a4dca36616468f61b104f9f4f5011f6

    SHA1

    f81646fee5381353ae7c124589bb9dd391d40778

    SHA256

    c883ee0cd8033987662917bb113aaa5e66298500b10533a7c0303bb9d23079d4

    SHA512

    875500d1ac8d99e35c61b5dba25fe97ba687b1d7f1fd4ce061fb875618dc78356a47f91009604391e234f93712a80c682721bdb97fbdbf80b164d6671090e5a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    798c944b09d3f73f3aa686daa4dda1db

    SHA1

    55a819ea4d1ad41e8d8daedafac0baa063a6037b

    SHA256

    be162bb0e80c20af5f6d50d16ead8dcc2fa0e45d00bc05f66fa9f85bfdedbeb6

    SHA512

    e9d6d2807116c80b4b86e1dbefa524548016b6635acac89d38435ff7fdcea058447e9f6b638ed0560dd1408a65960401ad0cba8921724dfb8a0ebc12f9f2ad1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d1e546989aea7c0933127681bae98f1

    SHA1

    e9f3354ededc5d19d4a31b40681f9f9920011aab

    SHA256

    b74a6e16978faa0ddf0a16dfa45d5e06ddb7f166235cb746deb8b264fe5f70a8

    SHA512

    4ab7aafdc234ac6dff0846037183d57986af195b501bab8c02156c3fec012071e3023762fb400b14b5aee70b8f6ac1fc854e829ee42a4e14096b4575117cec6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84651676dbf56a77e6290e3a0d083783

    SHA1

    82aeaa5360a4e81ede27d4019524da96aa9314a8

    SHA256

    96b15751b9d5c695bd9995b9e9a537c468ed279ca1c4f8a65809b580c913db46

    SHA512

    c5f986a6c036910519fe551ccfadb02e2448090b57d443d687ac42137483f9efcc44cf0c3818e5f5b061e26c20101e3cef56903773abe3e98c2aab1dbb8c534f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63dd9dffdb03ef0d32709426e40f871f

    SHA1

    65abf27a4390bf18cf86f1a3515334b33ed6c0b3

    SHA256

    a0ba45caa02e38ee5c69fec421adec94b15c02b917e57c148b811635e5547a2a

    SHA512

    d096ec2a9b30ef8ccbd636f82d2f6c183218fe9a6fbe5528cfc3a99b49cbee8455967c8ef73ab663a7ee47b90250db4c13b62bb625368bd1d6e714b05c94c69a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    890792b9f07e781e058914f7a9c8c124

    SHA1

    72932b71a72a9143c3a2ccfaf651f5f25f675c62

    SHA256

    713d654998aa05e1fc23b7f88af9d93b26f7940b702c3b9d5160c9df21b8bc13

    SHA512

    f3d4663c5e21c06dfb1b3deb89c4927a01ce556c414e69d60f6d550e6ef55e5f75074a18850ff82bd9a9ff03c460b50117db73c1bc4fa70600958bbae1c45278

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1cdc9729f7e0848d155eb6bd4f96e38

    SHA1

    5ed77db9a4ba56bca62426dae39fe4217bcbd0f4

    SHA256

    0090a45cf1164cce1abc518b8c1622bc977b9e65c6b29b365b1df478aa5c2ca8

    SHA512

    8c5693a6cd67222e2851cca2b785c081ee7cf430014d0a94039544235e0d539364d8c7d100acd81fc79b251e85d4790b70f0b355b4455ed8f8561e5c565c31b0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAA64.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAC8B.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit