Overview

overview

7

Static

static

7

𝐯‌‌...at.apk

android-9-x86

𝐯‌‌...at.apk

android-10-x64

𝐯‌‌...at.apk

android-11-x64

𝐯‌‌/app.js

windows7-x64

1

𝐯‌‌/app.js

windows10-2004-x64

1

𝐯‌‌...min.js

windows7-x64

1

𝐯‌‌...min.js

windows10-2004-x64

1

𝐯‌‌...min.js

windows7-x64

1

𝐯‌‌...min.js

windows10-2004-x64

1

𝐯‌‌/kos.html

windows7-x64

1

𝐯‌‌/kos.html

windows10-2004-x64

1

𝐯‌‌...ger.js

windows7-x64

1

𝐯‌‌...ger.js

windows10-2004-x64

1

𝐯‌‌...ger.js

windows7-x64

1

𝐯‌‌...ger.js

windows10-2004-x64

1

payment/cs...eb.ps1

windows7-x64

1

payment/cs...eb.ps1

windows10-2004-x64

1

payment/cs...b.html

windows7-x64

1

payment/cs...b.html

windows10-2004-x64

1

payment/cs...d.html

windows7-x64

1

payment/cs...d.html

windows10-2004-x64

1

payment/cs...t.html

windows7-x64

1

payment/cs...t.html

windows10-2004-x64

1

payment/cs...m.html

windows7-x64

1

payment/cs...m.html

windows10-2004-x64

1

payment/cs...t.html

windows7-x64

1

payment/cs...t.html

windows10-2004-x64

1

payment/im...er.xml

windows7-x64

1

payment/im...er.xml

windows10-2004-x64

3

payment/im...go.xml

windows7-x64

1

payment/im...go.xml

windows10-2004-x64

3

payment/index.js

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    11-08-2023 01:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    payment/css/fonts/woff2/IRANSansWeb_UltraLight.html

  • Size

    29KB

  • MD5

    5010d0152420ca7bd3acb1a9d668a57e

  • SHA1

    b26fd95d7cf4f167223fef4040790db48e35d0ca

  • SHA256

    2058fda079f21b54c31022c6f88179cfb8fa290f95f1ffcc84233dfeb75e099f

  • SHA512

    4c53f258a9f4b2924ee39787f6d3becf1005b845a3e4b0d9d6dfc7fa929e1140de9ecd671c1f3c97a2ff452af44d09e056da41f089f7ae879aca6a1a77efca90

  • SSDEEP

    768:MsVzCeaniXSg0HRfBX6eqTkoU7L4aoewLStVRrF+xgfIJs14bfp/O9:MczCeanSSRRfBXR7L46wCj5gGIrjpm9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\payment\css\fonts\woff2\IRANSansWeb_UltraLight.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2404

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e1b51107a4efef58d19aa22fbf3b559

    SHA1

    2d47ae32bfe6ea2a64ad848b7eae9fd7f0968865

    SHA256

    5e6ed465ed71f21eb6fd54bcdc77ce96b4149ef2f6dd56414ee8c5473a348688

    SHA512

    9a4a1ea97eef839159b574dd5de077d6b73f6f3b556bcfa7c5a7d815c41aba38ca82f9a88c5afd89e96858ac5ccc88d9e164e9b5773e92e008d5b58bf43f0fee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    877e210d224909ce3d3a6b7bb904cd0a

    SHA1

    d2072cd7984a8074a042ab41e9ab7e760ac3766d

    SHA256

    25bb348ed49ef804b0bd1efd9c21a89bbde54d48da08c40f53d9c83f9b58fa1f

    SHA512

    af8269f3fb8b7a7ffd6d1cbed7249b57a8899c25144a1bf3fa9ea2be20f94d29d9c85fe540b2126bba254515c8f5e7077610a60ec490e8b417c71b907a72fe46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f024ed7daa5680608dad700bb8c2d0f8

    SHA1

    a7693ce8fb9b7e1b5835ba1a0b96c1fbbd93b80a

    SHA256

    c7b2f8d0e77904821c64dbf921832813aecbe89a1bc2f5b3ae88f7e40690b274

    SHA512

    49ecb8e7b8eb6aac5a1e5f94ed61b13a3ca62670e4e578069ce398fe8aeac8250f6f8fe1f28547c0fc6e218f1d7b1a265a50d2a7cacf9ec7e614e2538e5d31e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8de1b10ead8bfbef5b8c63fc0398420

    SHA1

    a0bcb6b49feb1311019f8e62eefb4528fc72ee85

    SHA256

    13fdd8c5376bd2e0197820f623b13cbb59dd7d81275444d619006bef72ecb3a6

    SHA512

    468205dd502f89c3fe758ad6d74482a62d59ffd7f284f12a5c88b817049c05e5bd3bc7fa03dc82df3244f617226bb2329b8e3cd701b9b91d3e09c010ded0ebba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    580bb7dd9afcb790e12851e4b68dbf02

    SHA1

    420a26057b05c808cad03661691e79d8f0bdb7e3

    SHA256

    785d8df2c6aa97bd7f31e9bdf400bad230ae44fa6654694bb6ba783d849c2a3e

    SHA512

    e859c25553ce20f131bdf1bd93aad46194f75a25f64265405496f6f1257ba3514d94c63642922f38460f720fb95209670c2b0964b3f8390d753530b0cea2a759

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4f7d776ed1ca2aa6a66781cd4ab09ba

    SHA1

    8f4608e55728a1bbe5c78126601c4fed981c4b84

    SHA256

    71c1edb52e5aafb29d4db80b47208dfa41529ebfa3c2d6cf5ef7756c407c5ea9

    SHA512

    dbcb7a7eaf35e007d4e097ad9817ce50db0324ace69d19a14d1493ffd155a6214cf267596dae603262a4b773f041064cecf2278da3114943678e7309d42b365a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f04899c3fa5cf0e709e818fec271aae5

    SHA1

    2c0a0b2b21f90553ded32d4f43026711f71b70a5

    SHA256

    af8398161f380d2f61814b691bd93ee6b52269c7fcf27339c2c2c2c32fb21e1b

    SHA512

    841182dbebe0649893a38a7cec52203da554df6c37f7e3175c7b793f3fae77601c9f63bcbd62f12d80bf8abd4a145b30afd7e7eb739a6b13d5ac1fe3d8737848

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7540254f3d77d571f9785cb67c1f8faf

    SHA1

    24a98c3dcdd3835240dc06cefcc8ca07d9443d8c

    SHA256

    48a8adf54beb92cd9dabd369ffddf2ddd6b721b870d3bd5173c75c0e7ab2b1ac

    SHA512

    4aeb5bd747f9066fad048465977e9abc2b4241804fb241aa01c3570c9da347614392b46fc4bbe57e5390b38e834b59ae842d3e80925e56f961d972d8b4663513

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    027121e150314ab9777bd08e7b9c2251

    SHA1

    30a9d05176557e55458ac0aff52586e127b854a2

    SHA256

    d9c631bd47b48dfc06ca52145390f3ee135bd44fd5b5555d77729fcc99e6ada4

    SHA512

    a42e2049324c946d9aea9b772f8fd21e24092381dc4e872eb35ef5507a163af6bfd996cd4d9d0bb82d5a33a3df4378008ec82c6438565e14c0e236bd085013ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    875048f05735d8cbe7e6b37fedc007a8

    SHA1

    e4697693fd25f2561d5397761bcfa522d4d63a4f

    SHA256

    dcbc8464b26291dcbbfae248189cd30eb37e2f7f3bf715e1a263084333b2510f

    SHA512

    f5084c9c2920df4e76cfd4b2f7cf4377b83f9ed16765aeb8066241abeeb0b2839d788ffb5d58661ec995af636925cc687be7253e57f34a298a9075c13663a450

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c6e63ea6d8beb1440b80d5c8f7eb169

    SHA1

    7e1df2aa0846f61ecc59ee49db19e7aa02fd145f

    SHA256

    d2b518ad809749bd8f17cf66353f15d9a1c7d7296a33b049117d9abc7bc763bd

    SHA512

    b6ebc4782c117ab1cb679cbe09687adbf2a9add713707c6e217194654860a0832ea842476b14a9f57ed1076a80d7ef6d1890cfa864d7314fea1144025636bf18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1aa9db8048d4d829298da1a8ab8c0bd

    SHA1

    736fd8aec5fe194a620e38175e02fea04dcc3c8e

    SHA256

    aef225c02f697e3b82e46e065ab122c20700b2495811d6217da28bf7bfb3e99d

    SHA512

    599bd7841b2593aaca88b32ec2472b19f062567c2853e29f4abe451ba28e688d8b0ce9adb8084b7dedd0b2b7725df2461d6e0c8674e32336eeaf0269bdc6515b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2ea143ec7e12a32c79beaf19f286b69

    SHA1

    3c7ff82e8871d303033207740d0cf9b7ed7690d4

    SHA256

    bfca80733c89b67f5834ea1f3caf6e37bc59f657b5366099a8ecb1c07593e7ff

    SHA512

    f2c4d9537801a9b5a3adb9c88706b1586a4a16423761f4f076d84d490dd57282077c7519747cbf55b9bb53125d358acdd88b809a6f69dbc896ef6dd236d18348

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea50cd78d43a1b4c448bfa329de431ad

    SHA1

    24514ed7f9d141516889619965a7c3b1ac022120

    SHA256

    601a86e46d31dc14fe5f4eeec2a2c111fe17ce06a1f433a47d49d2e24316950c

    SHA512

    db38c12cdbd41aee6fb4e07c4aa03477fbac51af7b0dfa3ddfd8500851abc9f5897466a24f5a27e3e0f7b96104ca1412643623b6024230ada29f7ecafb01fe75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24bc79c939666a1c540619290b6761b1

    SHA1

    ba21927e73a50a28d4180c63b2679e18eda08f15

    SHA256

    9dcbd4b7c0c85c41e7e65d55cc591e8c9bce514f94f3f92f64b0f172d4194042

    SHA512

    60dfe07f0feded522ab24fc09ac599a80f977b582955e9c976f9e5a3b5690b0b5a8b5e408013bca8a0236a2fb451f6cf33738368f3f9fee1046f4e358d69ca11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d208b5e31b0cd13e77715b369f8aafdf

    SHA1

    6d11cc38a048bd18571c5348ecf9fca22b39b046

    SHA256

    a180851a297a2d1548f9552b3a34fcd8eff440810ee596bddc3afe96cee454ba

    SHA512

    24978316e1476b8f850774def339c7c4a3d3398dc22e1fb81ed07ed3c3fca2b147684860f3faf7fc2eb20538198dc563018f92c5cc25a5e12926adf58a03c994

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab49f4f7d44288cd3a7f74795b2708ba

    SHA1

    8010500910fa5fe34fc38b1a5fc75418b9ddcbc9

    SHA256

    e3578be36c5f479b3b4f0bbe0dba0797060861546ac052444ddc7eb6fafe81c4

    SHA512

    7950a489a3e02103960bbc2c54b860220e35229187afe12cd4ca6dd143d73413c6b6cefc856023eea230bff44a6af431b234f7af76f9150d37d80b4a0c55853c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b823b265bdfa617fb0d7ba908df26e55

    SHA1

    5539c2c322bd32ba9d0a9f5332e312dc86d57b85

    SHA256

    ec7fc3db0527078cb34fc7a83d8b5894ab09155366abacc1894afae5b194f425

    SHA512

    4a81a06353f3af8de7fa1fc28be739806bc1804f2a3fe3f96a024e46bda28c58008972706850bf19973ba875f9bb7d02defe03c1dfb68f962cfc5a986b4897a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2821fdfc933dee616087f58822421002

    SHA1

    249a6c9bddb1b209c8b3e9d28b2883b3758bd859

    SHA256

    94cca6aee9984ba05d6fd2736b08d62ef4c85e286260856bf3d73e9211272230

    SHA512

    23104118cc478e7ac193e6a8679283cb6de24ae34a2b71dc25cfe2070b28f290fca380f59a62d32566f0ab5551d0459ec9e80bf45051aca6a77be8af1f3f011d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8602c565172a17d94936b4917ff9e162

    SHA1

    c20a1a9c1bdf492a11a3782d1eb300342385a615

    SHA256

    bcc1e7a4ce3618560aa8f42558b838537dcb41f860c2b4baa0c0a51e7171923c

    SHA512

    043f8f61273f053dc6c824a8f8c4b84364da9bd0eacf769545d35354e4c76618ee204d5fc8bb3ebd8007d7ca833576a36a041b7f4c2960ee427e656d8468f26d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5403fa6eba7b862e88ce6785e0b6178

    SHA1

    93acea25019ad91732ab5f95608d0826a973ab2c

    SHA256

    cf31d5fdc3ba14d2d33e008ae5cc40a494e4b623b8cd8d6d7ac3232d8f121fbf

    SHA512

    3d218e25c1dde3e3b4c823e2e163e01b266eb60ef6d8971c9186a99ade99e112b0158b5c39f831a208464e688188500f86795ce7b626292e4e307c778f8969c8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab985A.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar99A7.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit