Overview

overview

10

Static

static

7

d7decbee41...6c.apk

android-9-x86

10

d7decbee41...6c.apk

android-10-x64

10

d7decbee41...6c.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2516
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2880

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c5377c0babf34d7b444c17af1658ac8

    SHA1

    33b836db39e41ed088c2d6a5c030369a3c4fb32f

    SHA256

    183bb23cb0ba6f953bc073351de74b2b065207ab65902932a808a72c6391d9c2

    SHA512

    a6af1c79d6d318dfdbdbe9bba4957ebe2a3a2798eb962ede0493336030204cf94ff5a1bcff3c2cd1e343903de51551c25cbd01dd9015d37d6ad57772042ccf9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    405b9d33a44887827851b4aeb63971dd

    SHA1

    3d28f02134db3e7b47e5a9c736dea9f22092a74c

    SHA256

    721da0a3a4ecb109a502ab7f79da03c7f9e6b101f8f6df24343476cdfcc0cab6

    SHA512

    e070c96abe6b90887644dd7f01fcdcb7d0a0c358f151deb3abb95c812395552ffed927c206c5d612cc0925d4bb4cc46f98fe4959add94fae6c25635e4c14ae71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6002a9d98e63e055a85e31b1628d9ec6

    SHA1

    17083d6ead4a8f53b5172f9641fc4ec5cf9c35fb

    SHA256

    42e4e49d790fb90a8b9fd28e432be882de9189c311a61181d4a9f0f0d48ef759

    SHA512

    a5f4d614641554764a6125d78e39c226cb4db58b29d0522b6f5d433653c3380a3af8f52da48cc354cc5503b51608aa3c1bae2e0874f6eb8a8e9ed20e8a450775

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d469ee58cfaa1ee340b20beda40e08e5

    SHA1

    dc3f93130ddb3fe38bad5ce3eea1ca5e675c7570

    SHA256

    46030518fba4f9aff7349d61e14c6da88b594f69263318157da4ccf4b9de97ec

    SHA512

    230b2b2167d0e4c33120ce4a5b0039892f394eeac07eeaca74a7e5104b56e5c2ce5300f0b8673facd797e19c256529f43e50d4f26dbf8b8522594365d1274367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5af1353483a19c3b6d4b78d74ca867f

    SHA1

    cc955a5b85f4ec43878fabdab0f9087e3600faab

    SHA256

    d5ae19c08e6e2cb3334b94c715cd6982d641430e1415dcc11d29aaacddbbd0e5

    SHA512

    2516059f759df4140d4bae290e597b50e67e4863712fac073f306241f3366f4be82c88e39925501bac0f116f959fb88af8193513ac4a693f79f05c7fbb40dcbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    910b25cad7fe55e1ca7018b7d559dda1

    SHA1

    ff10f8a2d98ed725e0f910c848b42348c725179a

    SHA256

    963a50f6795ac20a431a1e133cb756c9223896775f39f13d85938cdc7a2a817e

    SHA512

    0ed987e078c8cd8885298ef264741b433e602f4943708a0ba98a448b6a5f57ba10e48f50a47c9d51894da88d4c5ec0dd0715900a2d99c7fec7228a693d9bb1cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be3d1a925528badde84d048b1cd74e9a

    SHA1

    ede65260900134642cfa06f0193cc392497b21d3

    SHA256

    c9d7619babf4b28caf70aceb73175540f9b2798c90e4b32fd686e3bdea11bab6

    SHA512

    ef0c56c7ea6309e188adb45fbcea668511feb88ad486b21e11ed91d9bfcd78744b925f171fc413ec7692512cb40b05add3496cbd82d702f8f72d1d68eb22470a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2994a8fda10bac4eeb84138832181eb9

    SHA1

    ffdf634b2a170a075c4b42ef7be70b6dca65c522

    SHA256

    e0635723f44701db0f8e519f1f23a822225cb146163e93d7a5d2b332ce3863f2

    SHA512

    b2d2adc1265c24f3da157fb47da6d91e2c6866d4b36c64394c2c8208ccb91996bbef1737dc7ce01500fd1d3c4822a88cdbb89e698bf7cf6a00c883c6a71414e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41ef9af1cfc44b473b36fae2731b8ac0

    SHA1

    3083090939f6c487c8ebb9ac8cb2be4c9979394e

    SHA256

    cfe13cc52afc132bf7a3337d3c2fbb071cdc5a2c70945786b0bd47b4c0d56467

    SHA512

    c6e25aba607516c0c8195487d73866ce114fd45c71a3ed3c32a3303db72c465c3061fbc99370f6b8a8fc5f881bbb7b8128b9169990b8c6db43a972e7eaa6a4e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e144c2d319e19286301a3ee1d91ff18d

    SHA1

    d0fe52f3b11012b7780726c5a7642714cb7221f9

    SHA256

    9b1a9141db9cd817e9c54e31677d48cb65309f4dfcbb4baf3cb064288878e7fa

    SHA512

    4ff9fb6069bac76193dddbcaf8ea6129779d3a68dd69e71cede389ab0a6034bc770fe0880b31583822ddc03bcfb085de30c70c551cd63756a3c1f4d132154af4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcaaafd02b654de068e456575632a29e

    SHA1

    3c99e8c64594b037b5852e6650b0fe8c587bd2c4

    SHA256

    aec9891a98007edf91c40ffac2e3499c7e12e499009c5674daf3f9f6b78012dd

    SHA512

    d6fab3223ec4331cfc55c7ed61c68b9aa988f9f06c60cfc535c6a2234777850d840eba3291e089029ec0b90859de47c1afc43bc548c8ead8f7338f0d8bb88e9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ede722fc597a23b3b703414021639531

    SHA1

    7b6d5f76225179605318e71fee1681cca45ae13d

    SHA256

    9b51913e504476c65d9b57f646de8d07cfdba3e8338c286d3f60943fb093c0b3

    SHA512

    d73eca6ae4962ecbbcf95ec3aa565c27c46ea43507a4afc2196ecfd2a70af3a8120fae4422e4dbecf88b8bcc841f4fa866b5401397cb4be05073c37fd895bc30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b297a7075377ca5b1382490c6a83481

    SHA1

    253f077b57157caadaee644d1682eb324d6980d1

    SHA256

    a50255b469aeb3cebe300b11f1ee607e3c64034706cd33c5ae21cdbe131a8b84

    SHA512

    2ad8941bd3564047954953d4e76070b45bb305b0e0a4c964d16f1237b176f6a8f0db9c56ad14e1474211700967b76787a4819059a5b97f0fbe4565610ed9b50d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d39b4ffa0393d2eaccefe4c3bb449407

    SHA1

    1967a3953c53ec9538960c40bb276dfc08cdd4d6

    SHA256

    2452afa311da7f0e48d815cfef0d17dca453b601715a1246e9f4261cf772a0b7

    SHA512

    41f37bb10114778810b872a28a6eb79ab1e573b60bdfb26adf2153277f5cc89d75b1aac5e33a51a340b7422f2f1e4d9a1c8c610afc850ad64d8ed9b788862aab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c71b6a2af540348a29e776547cf67922

    SHA1

    d8b5687e37c974b552722f4231c6d3d058969891

    SHA256

    2e4ba1ded99eeb7e72be42d858875e246352a40c0997a463bde31af02d78f562

    SHA512

    5f8566d475a9fdaff0cb17ee8f0897ab90a081dc2125b8fe2877ca4a92d9670302e29e1c79abd8973f94a1eaf203ab3bdc9496248baafed58fb1957e092b49a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    951431929cd287507d5a86c29b413a9c

    SHA1

    f8e8421c7229ecf6fbe971a3c5ba761c2adff433

    SHA256

    6489e14478fab9ee4bbc36a5f3f3553691eb48c0b6ba898338d8e23469f6cef5

    SHA512

    73ee1650a0af807272eb871453f9e3fed7b8a0d2dbca9fb9d33cc4595694998e314f411eb8ed20900ca5e8d066e15874b8ea970cb42aeaa553ed1c89e9d2689b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75c45b6fd6468926a0fd1ea0e5380706

    SHA1

    a5b0dcf50b17bc0b3556f09e2accccbd96639a9f

    SHA256

    1214264d87d2afc36dabcaf96cd4acbb2a9a14fb0226241ea6992c850e2ffca7

    SHA512

    5743a1d0543ff7933aee8087333b3060175fa19f0bd851c28561dd623e1d33b274a53eb4b95ecc8a1de585b5fc1e95b1f853ba3325412deb2d701e59d220603a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9051289d9d2dcabd07a7460d8ea68283

    SHA1

    e9397a38ccdf22609a53dc220a8eb8afc60e1d3f

    SHA256

    6e51da661963a644c1a75d1be156da7a9b1c846e70ce31e2250c58bb8fde5ebf

    SHA512

    1bb15895e6b5983c4d67fdcd1f98206522f90bc1356b45f4305d7693c0c0a937d7513ad0a1bfaa3921eefff7de1ca9eee4deba2be7659b0a05d3b682a09ae711

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6f150a4504b5d571cf605d72a17db65

    SHA1

    5a862996c1d31f4799372cd173507c922296699f

    SHA256

    0b241871a251478e9741edbfc59a0c253fa1228493a82dfffefc33436f2d6848

    SHA512

    018bda6040486c48877020cbc3409310da7ef323095a68d8a5adf24a63ea13327fc1462c1118a74c64a0f30607588bb17260bf961e252f3ec8999a995aa5bb6c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab89DB.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8D0D.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit