Overview

overview

10

Static

static

7

7b0469e1a8...JC.apk

android-9-x86

10

7b0469e1a8...JC.apk

android-10-x64

1

7b0469e1a8...JC.apk

android-11-x64

1

about.html

windows7-x64

1

about.html

windows10-2004-x64

1

gpl_v3.html

windows7-x64

1

gpl_v3.html

windows10-2004-x64

1

thirdparty.html

windows7-x64

1

thirdparty.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    21-08-2023 19:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    gpl_v3.html

  • Size

    36KB

  • MD5

    5e6a4e987f6830bbb0a4dfb00b5aeee4

  • SHA1

    ff092037fbdf312debad44d9ac13ffffeb980de3

  • SHA256

    7787fa0bedeb762598d6789c54d2f25b56b2378627ed2b2839b46c634f5a3e41

  • SHA512

    a5b8dd63a1197128a1afd2a7f50acd41f8a169d2ec1064487f3a8a392c005757c049669b8637abc85562d7b00b6f74868debef0fba6c37c7c5a5a646a4a381bc

  • SSDEEP

    768:WfRBRnIcAfDTckZDHhriIy3m0WCrseBLD7p:AR4cAJZDs209rV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\gpl_v3.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2600
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2600 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    adff2631973070427d8e2d6a63ea7721

    SHA1

    8c0f2a85761afc220846d92bb15a0ca4c8f0a3f0

    SHA256

    00b3c05945941efaf5a4da9e2f4b08515202bd7eff43572db50bdf7542b6acdf

    SHA512

    c8d76e94b96dd27c6e099d8c06374db012db3a739c05a55f9192c036282dc511c2b6df318ec6caeb471ce1deaea0c3d1f2a91c48912059fce7f37f857c0f0795

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34a8a823c8f09b6e03b8e623ff883175

    SHA1

    2e01ffb89bc2b35e71813c7cc264d9c63daa3016

    SHA256

    0d2c1197e0543ed493e434f122d55b1f4aefe820f1c0c36ae1b74c848b50db06

    SHA512

    805637993fec9bf82c74cbe4a10a55dbc025068f653110fec87856618f4edba90f66ec897b9d939da3ae402520cc49fdd60247b3180c05747957b1daff947096

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f6f9af40a4ea9223143c910641c66cc

    SHA1

    cb60243e3e6b79f463951fe89bc78c81c21212c5

    SHA256

    d4ba448d5f3c3377ec4e4a98694954c440d2a63c29ad5b6514058306d4fd98e7

    SHA512

    1fe926e3306df01c28831ebac95beba8c764b87540d903f5aa2357b7323e7c4408c94e0599bc9c54ba048874dcc8acec9279b72895c7676a0aface71d2903daa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e931f4737bfb08687081e47f2084da5a

    SHA1

    a77d59a049c1cc506a0b96ebbad89af2b0711277

    SHA256

    ebb12ee492d2689f391ec442f1846dda9f6285f99cc8a7c754164661bcc1fed4

    SHA512

    1051640186004b8e4666c9597a91287c39e3f357853bcc1bb5c5a7f3b4b06c7b004724f12e07d91c65044a6f1251a6c5baac3ee12cc761c206ce5068ee5090ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d70833e07beb7e2ff0e143912da17545

    SHA1

    353b7aaf48d1d2d612ba270575ca544e71bab1d9

    SHA256

    c8eda6cff4c92aaf5b96bf13266755868164201223428f0eb1688d33d5278294

    SHA512

    cc66f77c5978d2a4b377f7630c4db4004dcde06be8f53ac0dacb4c075b34bd585c5f09e7a2eb73b04faf6845a0010eb497da865080c9f6a7acab54f687d8f8c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b42ad6f9ae2c653d8c925e452f527d2

    SHA1

    12dd05b351b523cf44cd77445cbec85deb189b47

    SHA256

    7ad65d4f9db9233973d71583923b507e32224d677b9f5a1d9cf26c0768f575c8

    SHA512

    eb494edcd612f0a7ae966a2e13cd5cbe1eb9b291b99398421880330566c0ac0538f484d6e323606fdeb7a36c0bd8bf90c4fd80c3309c6a7b1fdeb40c9f03e0fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f54eb51750c6d7d58d738f49f7f64ba2

    SHA1

    86840c5f7c949063a75acac320a76650ecc232f3

    SHA256

    c5ea2e75dc72677c63fa8e7195a8c9d1da16196ed09d38d13cd58be385d91059

    SHA512

    98fcbc880404bd86491bef2585e603880dd686440e87b8a130d8cab17954463f08b5ad7242fdb71a215cd83c39d30a48b351b10e658812dd1a5928b16b4023fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3be38016b178f69a229e5d4545517974

    SHA1

    d7536f9f3c956f52a7639c355475e7cb8086a001

    SHA256

    3b536b5256a7f16366dbecc7d8f4a7f30146fd33e5bcb8d07ca1cbd16cc35c07

    SHA512

    bb2916639019f895d363c75c1777540a61e9c2012d6f928581bf90c97969468eddfe7f0d3b680124162aae204df1947208ff8bbca10b9cfab1d425f9bf566b27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    357c1e5bae31269172677bbf6488f825

    SHA1

    c4cb0417d4465e48f9960dba0924089cef938b3e

    SHA256

    209ad67c3877a9ad05d8c67ead30038a3a0c0059ede424798bc1683ab6967b66

    SHA512

    ca0f69fb06c3093a420af5d8a4bf0c33f0e8215ab65fb2ddf94cae7d1a2520ec824306717a10bdbafad47bd90c5131e8e579833fd0f30a41bb8c5144511b7229

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d462cf2deae30807d9757256affdf8c4

    SHA1

    729c145d2b25f08fdae86cad857c5978497a1a23

    SHA256

    e131feb60636680ff39b24009c8e2096c584f69f8f1693aae8336280b11aaa18

    SHA512

    5b44c115500794f914f33220bb28088eb7dabe47862e6850453defd7bf31f3c5111a0360586c7e013953de16e54a08a5862f0f52afdd23a62d53dd13d901a80d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd6c80e1ea79b3cc211e27909303e7b1

    SHA1

    0b5955b6867a695ca511efa4f55cd9d2474e7f3f

    SHA256

    1e98d190ccb86d85dcb4c5cb86c3b60cc6d4f6bd754a335b0c6e62e3affdca13

    SHA512

    26f64c1467a26dba385072eef9e52b3f5b19429b82be500c286fde0765c27cbaacf1ebe10434f69296695921c48637afa55e605ce698b62c650facf94664a931

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af4c2667628ecf8574d7ada06991062b

    SHA1

    81643c93d80b81648a1b5ce669bc4f7f667aa1fe

    SHA256

    4abfdbf8ac17dd2db28656cda23bc33a8d677080fa99f93c03388a1c5d8f2ec1

    SHA512

    825492e221300094a1dbb9e321dabf65887d517e8b3061ac4dd4be9b8b05987698e344022630d1085791f72f2629b48b462f9e566180d40c3f931b06f6caa672

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3fb8d5f75d984c8a6da14593f28d022e

    SHA1

    4c7cd44811c642efd61223434d72d0646259b383

    SHA256

    30fff16249718e5d7460015187371cf75c3bd27b69259220f967f87c1a398a74

    SHA512

    f41d11b1ef8667773afe0eb64058b33f2efa875ead2fbb0400f57348210b401d7a3699bac51995177e5099c4d5dc338945806906e3b8e1b6d4e08a977f23295c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab96D6.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9756.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit