Overview

overview

10

Static

static

7

d0bd0179f0...06.apk

android-9-x86

10

d0bd0179f0...06.apk

android-10-x64

10

d0bd0179f0...06.apk

android-11-x64

10

arkose_cap...2.html

windows7-x64

1

arkose_cap...2.html

windows10-2004-x64

1

extension_...r.html

windows7-x64

1

extension_...r.html

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mm.js

windows7-x64

1

mm.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2023 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    totalcmd_privacy_policy.htm

  • Size

    3KB

  • MD5

    f5bd54f89d624a56a0368d1bf532c60b

  • SHA1

    6fdb247506d811132bc5b51ffc1d82afeb6e72b4

  • SHA256

    eb87dd5ca31a26b9d8a8bc650c324b49027d38242ffc71a89b04e0aae8b4cb4b

  • SHA512

    8dc96be4781bb08b1dcbc3205f59eac592285e98a349a330301ab32e81a25beebd9224880215c62e431d9926c7ed0433e886b61730ada1012ca2f907fcceb263

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\totalcmd_privacy_policy.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2552
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2552 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a87691cb013d27f542d4aab37ee6ecb

    SHA1

    ecec09bab405212d797ec434df92c72e6c3d5058

    SHA256

    7c5c253a3254d077ce59122f24c7c1d64caf7d52232a4f81695e0a790f653f22

    SHA512

    a1f3ca903749cc42e213bb76b25e259ff895098932417eb41e0b0d19e3f9905563e6dec9ff5f65bd05cc9400556985298d830941d110b28bbb2e5bbbef883212

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0504f4a506c0448dfdece8e2ad6011ae

    SHA1

    861d36bc0ff934e6b7b16bb5832bad8109ba571b

    SHA256

    f61c26cd0474d35ffe22a8d36df66f9a98178e8e755c0f8a799f159567608ada

    SHA512

    8a3628e68cccd560922f939edb3158f44e9439916d73d32a55795b4946bbc34263beb98e17ca0ea0eed7d0e7e827b0a972d88808f28b0e8e23c8b8a64533bd22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c7fb652f7c5d87189b1084069586403

    SHA1

    aa5ded4de20bc56455cfff3cf05a7e417642b6e3

    SHA256

    df5394e89bc03d1509c8c79e0bb43f45aa6c58457de8d2f2f56590c767ad4c22

    SHA512

    f3093911793e55a09dda6c3397442c9fc04512609a790b231f5bc2257c7332269d72350907e5350158dcdd467d985c0065169da13569e1f093da03730c007b9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9202768fdbfbc03feba78115815302a

    SHA1

    d93226bf4e425182de65bfb922f4a0371895dfa8

    SHA256

    e8350ea6bc15c1afb266d8cb281a87b5662be889aeb99f7a52d0432f88b2db2f

    SHA512

    b5cf070e3424c1579c388f6956d9acb05aa5d4e798955f7059ac67075c9cd1e1078c8200e2d3f816737e8f8e1960e7c4b181a2b87e16d0110b755703ad5b5009

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f02a21c12a1a7b87a7659ccf818eebe0

    SHA1

    125b1bf15a82532080de95171800c24bc4ca47c2

    SHA256

    7d3013dabcf4b3078415ae69d0b048fe628f97cdd36037d310dc1e40fe8594c6

    SHA512

    876742f2da5b5b6b655142e59256ab0a1efa79b45f59f94613a3925e1850cb000fd3b773767c73ea94d7a871e733a6333dc266078d0304f9fd2de252a53913d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73d7be4ab07d3c65efcdd532860f4a32

    SHA1

    cb7fb63e3fcd209cc6c9e03ba0d4521f48311c12

    SHA256

    c17c5ea29812a5a9ddac6e6cbdb92a7fa956cbbcff736bc3d2bb9fade0607c18

    SHA512

    ca4c9eb87b8d4d5c9a053b43ab6ed4a4be61ae7367ad69ea11d7053608bf0ab3ea52d254308c3e5be68f40a6b7e0b0d4613d97e9da1cbb319cce0b62e1ee4e4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef4e1b45126174dfbee26d49c4eeda8a

    SHA1

    8f999c77f44b8859ac39c985cab9e0e2ce08e00e

    SHA256

    7e0d7163ae8ee8902b0d07e240d9c41ccff1d19d607a7d16209bac2377a59ee6

    SHA512

    ac523e385c1ef5503e0c2d962036fa419729a4c2a1f80f4eec5957220e43ea47df1da90f95813ec693ab9360dfb86d074343f9d1287479e2ceb7434e9e47e714

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a32862251199ed47f2b470dfad2f1996

    SHA1

    5c5a846f91e1ceaea4064f467280491146726294

    SHA256

    7117730c9c7a96b143ff6980b0e5b09540ec09249f832014edb72835cb96c4c0

    SHA512

    1439fe369f7ff54433ef9227110eef54aeca75a2a589d50f973af4b59aaa78f50b2ffcd6c834e415a1f59b3915cd93a15e3f9ee5e2fcb6c33ead151a0b1227f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d65c9e2b04c7b53a56a88991338f8fab

    SHA1

    92fcd8c9eec54f5ec703373fc4bc4fcb541f691a

    SHA256

    36a14ca89561b27ea8ac758255c839453a5b26cfa1277876014ed980cc93bb57

    SHA512

    a5836120e153e9058a14f45fea134e22d21120c14618a7326e69dd470a4f4ff976a3113078e830cf39fbea49b941d5aa41a1456fcce1620f3e6258883fcd1339

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5489643b490bb4b9876109c0f432af86

    SHA1

    f58d2ba7684f66e577fd11e783f52f2a478e5743

    SHA256

    c979adbaf66615c9fadebb2e906ff417617ba5e6eb0e6f5edea6b2b46e7537cd

    SHA512

    0f54c3bcaa2937bdaefb3fbe8719619765a362f78742963c8c2303c9532b82c0f6075f8b5fcab6850ae8d548b8853ba49deec00dd33ca0ed28ad0358eea7d0db

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9BBB.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit