Overview

overview

10

Static

static

7

d0bd0179f0...06.apk

android-9-x86

10

d0bd0179f0...06.apk

android-10-x64

10

d0bd0179f0...06.apk

android-11-x64

10

arkose_cap...2.html

windows7-x64

1

arkose_cap...2.html

windows10-2004-x64

1

extension_...r.html

windows7-x64

1

extension_...r.html

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mm.js

windows7-x64

1

mm.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2023 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    playstore.htm

  • Size

    4KB

  • MD5

    b5761ec7f4412406c8f521379cbfe466

  • SHA1

    621c6720da697ab81116bfdd6bf81d1c8ad5e7a1

  • SHA256

    27b9dbf27f7d81fc3cb84c6b3b2430a14fcf78d82d351d38b92dd18537f0bc26

  • SHA512

    e4115829d744cfe44891eb753c4b2ef042d6d5397e5138899ddcfbf9f5a7ac84f2a47af3ca496e11505ca501b8ccadd51b276adafa42d709525b337049d7ed4d

  • SSDEEP

    48:mB79CNoW1ii1n8BfDaqDUMmckWmk1ZVEsMToZtME1NOar5McIp9AMF3Y:mB79C2WT16DaqAMv5ZxoMMUbMrHBFI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\playstore.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2652
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2652 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2400

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb9402ca0d9020a99ebefb9803109094

    SHA1

    c61227551e383a4d89b9fd1fbb1da572ceb1c690

    SHA256

    08890f87ac9757abd037213093e7435329cb6b24bb7643def5ca107a83560479

    SHA512

    f448e7a53a99e6be5c9e2361b6756b36008a6d79596d102652136ed41396319f7f1746af71dcee2eaee72242020c5f657ebfbcf9664337e2ec941a7abd884ae4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97bfc27927e3f6a7d0a15cff4df0026d

    SHA1

    187fd726975a71e3b160c42ebc18f159a61a5b63

    SHA256

    c469d77fc509a73fa4b6d1128e1ac0da61e37cde81a4f5dd6a1784da3dec5684

    SHA512

    df3c59989f9c9ffcca58b1664ee22641cdc08685be33a5d4ad0079ed94ca4b222cff3ef998a20310724afc5aa9d1e131ccd3b7a58df02485ab735d9d36b5176c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f63477bd27ac69e6d9d1bfa29298520

    SHA1

    56fdb7a0d0b29bc84cb7c3cfd39e8e1700312316

    SHA256

    8cf0926745b4d7dda6ef08897f0e90b7a2b5494d1a9927f4124dc4b99553c2d4

    SHA512

    69997a7eea78454d768228b20e6e71a13a325ef519b63c19f8fef848e524786fb3f4e9f8f9feee23c8e2891ca87e51a39c14f3b7cd4246075aaffbfa30866feb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1986b78e9efb7cff5951c5229675ecf8

    SHA1

    ff2f0473e644a978871df3a6ba9f67938ec4a0cd

    SHA256

    ed09bd045e57e6539f7bc6d00da3e050c3ba98537320a6762a3749e77558f9a2

    SHA512

    f6a9fcbda1708c3a3eed63249b21232c82c06fa99fbb45daf31ae3b7fee409764dd8273b901e231468c52bf1f1d890a11547f4add8de665521de39d4026bdd99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    014a7d1f7f5f3987b771292a0dd5aabd

    SHA1

    215251d210c2613ba1fc46d315b555c0875eb4ec

    SHA256

    c08049fb2b88b490ef8b6905a2300f65cc6eb470fb843057da626815d3982afd

    SHA512

    dbf24a4855ce7f3fb7d7424f48f8b3c03a8a98d29d52c6f54530a2f0da528e5c505321db0614dba161e86d265339297ac0bde399ef2ac5fc3d751ae7d4f790a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b564bbac0382dbaf93bec9a13751c83d

    SHA1

    2ec9327cddda19ceffb734c0137517856f6dc406

    SHA256

    ca6911e303cab7df056f95e4cb02fe8e8caf506f970dca0ef23930b257164d6b

    SHA512

    6ceb93b71f08abaaef6d9ecbe328f77604be7986cd0fcbdc214a2c6b8eb437ddac9bed5b9784e95a1bb835bd4561785e5aced04145ebd977fb8d9d0b525b6ca5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af448836676d63860fad4e86e4f79363

    SHA1

    56e0f8fb811618821986ec2d4aff5130576188bd

    SHA256

    e9d0ec3c2854ae4ddfb3f7ab53142f9557e94179ab4717fe2d320b7add944999

    SHA512

    656d4fd28a378894483ce332bd649239df413dbacc8225fe09bca8e80bb6fe7e73f652266352b709100a2c9930a6bd216ca09b5d75fb41333ebbb215f72c0038

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b2c06b1de00f82fda92f35922b3d85b

    SHA1

    77cc8120b9579a3e686cc321607d37471b479834

    SHA256

    cde9ac179e2d5a23c22bd04efb84ee3b908cb5c0ce916bb03e64583804ba96c0

    SHA512

    e825e92b8ed40251f14168eb9ebdad96ba7735e3744485afbe51678cc9be90904fd3c2b11a9dd235ffdd0629e19a509fdf2fcac4e5f11f1607a8248f366e79a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61b346de8f6c991014c1c7e47207951f

    SHA1

    66649b097255853a6d4389ca332977bc78920a00

    SHA256

    7fb79f713b5e457bbca8e4d2b466c9b387641cc8caaf29c769703d8d8ff8a3c3

    SHA512

    fb4902045c08256f84266e40de9f298a45cd0c0122762ac87d0d26bd9ccbfa024d500f653cca8735f2d30b906f6836b02f0fb018b2e0bb51f826aabd5c97b82c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4a6b637034459e31054f6f8ab3c9da7

    SHA1

    fad3e9db792e3fda477794a3ba39f45f598dd871

    SHA256

    498386c280dea2d2d13affad9854a9c5f66aebb78b792cb834b6a9cdd2c63d0c

    SHA512

    6140a58eeb2c8b3133d602f7d1a738547fb850cdc59081ccf6cb2458a07c8bea233cb4825fa9c9b904d1163796e6c783fd3ab859327ab1bb3ac5d0c71d62f892

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d49cb55ef4a2e0a03474d7a29125fbd

    SHA1

    8e7ada7fd8ea9584dccb7de499b267c340763a36

    SHA256

    935db70f745b87cb30cc97bddc99b6dc1de26d002971d080e5c4265cb31b2ff9

    SHA512

    2916d6d865ecbbf7b2a14346cee2bcc8946c4f4410adbeaad282a1bd58eb075d6dea9ab1540c9ed40a557fdab47692389b64772f3198a821185d4d1e7fff37dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f99504f5be85f74d495e7e2239773e91

    SHA1

    fc06accbe75a22a994756d0852793b8b0b583084

    SHA256

    41c3cbffc94ae23a95e7015baf56c6d17c35e03d84d019432cf996b70331a406

    SHA512

    ce140aa39d88c5439685af6f65781f4944298f88640281f998c3691e44619feb97d8a4c7885626ba78443825f68d836e206486a83832407f7d3c6bbfa59c4eec

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAA27.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarABB4.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit