Overview

overview

10

Static

static

7

d0bd0179f0...06.apk

android-9-x86

10

d0bd0179f0...06.apk

android-10-x64

10

d0bd0179f0...06.apk

android-11-x64

10

arkose_cap...2.html

windows7-x64

1

arkose_cap...2.html

windows10-2004-x64

1

extension_...r.html

windows7-x64

1

extension_...r.html

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mm.js

windows7-x64

1

mm.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2023 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    totalcmd_datenschutzerklaerung.htm

  • Size

    3KB

  • MD5

    41cb1edf3388232ed16c7827671b6437

  • SHA1

    0f48049463f07cbd9da8a8c32431e3cd398dec2f

  • SHA256

    d4e95c717f4af725ace14cdcf249171f842186b56c365c9897c5f273ad41af57

  • SHA512

    0c649466d7af3ea3c3985b94f44b5d689fab96226c7667fe798727faabe798edb92cbf8abcc67ec559377da7250c19fc15a116d09e3521c0445d2ee66585fd63

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\totalcmd_datenschutzerklaerung.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2468 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2260

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21491aabd6b060733b06302ef735df88

    SHA1

    4ce5310d1fb5cbac296752f69584da6b51ade938

    SHA256

    7ba1ffd37ee00265d7296b1e3344920e964f3f6de5034e9bcf6ae43814ef4834

    SHA512

    869be1daadc89989c1b294f3b0e434c9a54c47da62c9f9e0eb75c68fa229ce516d7bdd3425d0a45b5e2b8ea70e37186d5e9f62fb3460a64a1544b89e8f06cfa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ca245fda136e4cf1eb4e5b48a5ae0f7

    SHA1

    1cdbdca80f098e806d4bffbb8a5ec7805334f44c

    SHA256

    a786b8f9650628b069defc3e6884b2b43fdc3da2d19ba66df0db723416a2f7ec

    SHA512

    89bbf17630c8fdab5e0da352f7067ec85ebe3a1717b3766eec3f18d2419e80ab3d5641320e9ab26ec9e77a04838206ae1258160556e2afcbc7f8d64b1ca2d4fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa396e76fe4d4ed352704afb81d19711

    SHA1

    4f1b4606d06e886cdda57dd0db8adc44a3d963c9

    SHA256

    66e2f2bdbc9af4fe10f3fc2236e73b4e5103a2c13f9c45e29fa19f55a0b793fc

    SHA512

    e9ba2ff7e798071bd16ef764cbeb7d983ed6897e98eee48caa020f636ff182f53b8210e809ffba45301c0b897e48fd76f4eaf0deba90545b64c0a8b71967e39c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7aafd3a45de62d82fff7e0a56e564e6f

    SHA1

    a1825deb8cbf5de429e66228312a4976352a378f

    SHA256

    a6cfdbec493bc29ecf4c62e12115e1c0e9959efd6848a10110867ab89dc10b08

    SHA512

    f6bc55e5a13921d4bafda0f0cc150115226b0f41a619c0fc747b92a693a6e964f488c8c01e045db28f8c28a32b2ff593ec737d8026f4e9e19a0c94e9820121a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01fdb1f357e9b046d3214cddf0609426

    SHA1

    550d7cbc4f535c1405223d53b39ef17b1a0674a9

    SHA256

    73d76c65f54d0f9651d075bff0497801009537c0659eadb15b71e72b1b02f4df

    SHA512

    53298f59f4ba2a91d8cb3326027a018a786fad18727c64b26c345a7f85982c7da49bc1a1941d1c4e131b363bc671ba8a898f33fac4bb52fac663aa4ec393f669

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f247a7b455fece0c500c6ddcb0c7ea8

    SHA1

    4d2cd7ddd2629635daed09fae59cc75b3e5a54c4

    SHA256

    2dc1f3c0b670c71469171a26f7289c86af9e76fc0854b320330df63093e5f979

    SHA512

    f9dd6b0277361dd4e3c093359f2c064e66c202beb095158ed2dee2613a83cefe10f58b67182eeaf4252e26f6d88a445c2d71439109802b7feefc8e5073857ed2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5805b437a6b3219d64f92f3d2a6edd98

    SHA1

    8f604af712751535ebd2e3f7f3049acadff9316d

    SHA256

    81a796e53e15e7bee207191ec549c40fb7bfe35153b23203474246273eb63499

    SHA512

    8909eb9f1722eceb1f4e33e8bdec82da90636a5d06484f92d7ce49a3275bfd2fb0c5cb216a1052c167221800697eab63702a273a9774403ddaa92e6ddf69e397

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d37242fd4173dd03ea21caa20610c6d

    SHA1

    30de7ea2bd1f57330b71af4dd5bec20aa51701e9

    SHA256

    65a08a408a50b97ccd2089d26d72052cf3067e7f47e3e1c3abb0122cfcfebf42

    SHA512

    9cf428c3e4977c87877463b979d9824a57144d07b54345beea09fa6c779fae952510120f85e1b4b58a20b920d8bdc0724960bd8dc4b43a0e124a8052dcd57c33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e9ad5aa60a06c34bdf6fff9453888f4

    SHA1

    df90d3f83cf4f0fdd4c6b5440f3d4ef78c7724da

    SHA256

    6b8c0f78cae79f1ac7b6b7ec505c8b8aa802f64a9da0d421185bb43541827b24

    SHA512

    51741b6605d1bb27c2ce9dd7a824fee394d996f19149e5faafdc3fab756a9f3030181fccec3bc285c0979f60b8ee159dd432fc96d0e897144ce427b4c68e7b43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb9c39c171af9f70e7e3b3d240937ccf

    SHA1

    ef538d4e7a76b06908247fc389257d2432e7e842

    SHA256

    e46013c04b00d2d438d359c62320b28d94b1daff2633a1c2db8501b6af047888

    SHA512

    ba7bcc0c2bb032537ad95191b3b58a5036e24b8d75481e676243d3b8611934d3afa8ddb980c9a1d2239146bb30da22767a4a29ee399843e56c5e8e21dddc5fa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    698358a431824df5ea95260a4f9fd16d

    SHA1

    c119e260b619c79d1a4c7ddaf66bca7656a61fb5

    SHA256

    fe51f0ccfea2603500a70bfff35e4bfce161c15e25c0e2ed7b959d2a89d2a36b

    SHA512

    48b5dea775943f6a83796b863cbd35bdb927d4ca56555b01e521b9efb5d7633a3c27c6ef4a62d2b9eef7018083928e417dda09e3f1351ecb69d95a3673c1bee4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7999caaa56eb5c333830098887bf45b2

    SHA1

    6dfbb349cb301a0b7a249440a3bba9a2960c8108

    SHA256

    a8cee49fc17579a12919caa51526735b2849358c4df3490af42b29faf0295399

    SHA512

    d890708395311a29b0918c89e85271ea7b963afce41c4d70e7250176ddcf77dcada2312a54bd4e493e821a78f27654e7a8cd819395aadc5abc73c075119e39bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a862e278676bfe8f90f69b300dec82aa

    SHA1

    1a6c51a49f99aac7d3a876047c3e2453ce1d60c4

    SHA256

    7ba9c3523c0d4b8ac87f759dcf9a785d9f75ac8fafeb4362852a637f785e3392

    SHA512

    c63c01fd846ad47a7ee7bb2587950e130a25f6cb2d137f80fad56b6b1856be7b291467c937abc4d0642362c8e39ac7647dc895ecbee6f9fc6274b7afcadcba62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    478f3b9c622c4ec227f8293d0fa7efd9

    SHA1

    d7e29aba4f09d44e5a3b8e4d78269870ebdfaeaf

    SHA256

    a4341943968df4be74d6c0cda23e4853552cb645d5d4677ff0f10548f832cb61

    SHA512

    da4af31715aeea209b7cf4800a597773312dc5200e39dc5cbfa4ddbfaf79450ec355f3ef9e1fe58fc6cd92e2f2bd4019f58f00b033836360e22256b94d7cc551

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d000a542af97fe5af4d455452f22064

    SHA1

    487d62b33bf80d0cb606c56894f45673dec9cb30

    SHA256

    5f66bb07678634f4a222fabee9d429701aa7324b2d5794a0a98cb5390033b036

    SHA512

    1c024594ead553388af2908842a24ad2694722b275d4ffa2dd1e583de8d2eeb1a8309d664a8b7486a6485489c7f68f26543a933311c71a882fe8a33c0914c77e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    60ab6244011cbe0b8451683e70f88a18

    SHA1

    b9260a23ad9d2ca292ec5ef2fa588d95d7e31643

    SHA256

    5dfeef2f9495a6d939f8c4a9f041ecc66e823d1a8d8485cbf1afdb55b85ef1a8

    SHA512

    c57bfdf0adf08e3a7ab208a4db232036cae86afcc061e17e415e26ed40229c2e5991b4cb3529e81fa6589c9386e7923cb4851a08f760da7f0fb40546239a757f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    123a9738e41c784a9aacd74304ff5d60

    SHA1

    8e7de59c9806a8b76abcb3f2b248cb40ba56bde1

    SHA256

    ef5007ef65ee3c3ec94e337de3db0b1ce9a7bbd56bc75d9260bfac7be1f59a2f

    SHA512

    af61cac35632a581490a39ec165fc8284db8ef11b6ef088bcdc3bc6e2d330728691d95de938c131bacba1bc8e378a8e2d9fd5a20d82a7294011883691ec854d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc02ff93359caeb85f619f895d5a9de5

    SHA1

    b6e00738cab21cc21ebf482e8f4c4eb0b9cb439a

    SHA256

    85b4027a37056df2e946d3d23fbd0e7fa22d7b452f67112e52c11e6a26f8d4f8

    SHA512

    cbb34eddae9ed2ff8e00d166c6e184d44a52cc4c762c5a75d3ea12203a87d80e00e50a82eda8a2ea0db07eafc97278ed15bc6f3b2cfc263888b18492c92e2baf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    181a497b3c868cf7bee8c2f0afcae5d2

    SHA1

    01cd7a2fdb9d5a87b38827fe9f88bc98172da721

    SHA256

    344c934815bd7e8406be7bda04270bd34715a301d35f3b4a49332a1bff1589ca

    SHA512

    7e5645b758921fe54c83337600e6810c4786bf503d75c6e0e4c1bc5310c5616fc32e78370f0116e9aaaf395805ca2e777786e7a82dc3814ef94f3d8e584f3bfe

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA602.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA836.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA85A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit