Overview

overview

10

Static

static

7

2363f39cf2...4a.apk

android-9-x86

10

2363f39cf2...4a.apk

android-10-x64

10

2363f39cf2...4a.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1932 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1460

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3d535fcaa38f144445ef7e16153e332

    SHA1

    a5f1c1bf10b77aa3751c1f0e070c8cbd1ef6c4f2

    SHA256

    e67d9e116e170d059d390a3f19c5266bcdcd60c2b5841015ccfa0c3fa2de623c

    SHA512

    0e1f5c06c37f22c51743b7a6a4fce4a49d5d3032e2fc994538e0eca51ea89f697371f5107eae7f63b29311d8b6767b42be07150981aeceebeacb1cd3e7c201d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e47d0e05b6dcab5f17d64fd8e6113e3

    SHA1

    dfa396db03dfb629ad688e84209fa49d4699f37e

    SHA256

    a6e806d5dbdf3e43a8a4b927b41b267bd41a3bf9f0ec317ca4e4dcd3f3fb4fc6

    SHA512

    817e12f4b294430b240f2c6e62176e721a11c107598f8bf5edad0c311678da0addba94f1ec493f84d2f0e29fc934e823ed689819f855f4026b4342c608e2f3d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0003fc870179d699d46f76b8e344633

    SHA1

    01973277df89f0c3d5fb11ebc159bdeef8215b8a

    SHA256

    d7c47f77bb203055eb6df4ca0d146aa02fd63bea0e6056d3272badf8c95ad95a

    SHA512

    0654c69a5abd6eb13f584b2d87cda84fdd227dc391a34160f69eea8d1af6a40a275b050e12d4000bfeeb4cd8d43817199f073e547459d7f1a55217f8e7feb108

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bab4ec8fdf19cde3e35b184824e2454b

    SHA1

    767381d3bbcca34bd545a491060361fb209494cc

    SHA256

    83fcb4246714eae9ff4a64eb58d2229abe8307be3950544b4e1d6f409ff46121

    SHA512

    28cbc8fe2fb1add57e6fcf32d650a26ce1f42f1b25bed3860563da84c8be3c84bb3556cde3e8c96141343121f6ea8f534d2a80abcf210072aea3864d47ce8a41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02a9ab1de43563f176d9b521417d4538

    SHA1

    d19e22913ac9342e7723ac535c079bf96525da24

    SHA256

    adf81083870e1b0ffbc66891de400ef28c27248e8eb9ac7204c9242827c6c7ef

    SHA512

    eacb86d6523398cbf21e91895eb0ed301a5630f8c639eedfa933a031b22977b22700a322f95f2b42530b3e8a27e2af1fd8526b8823412abecf7a690e9cb1b24a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8668d32517b4f243b910c0601cddc46f

    SHA1

    286ad809066932967f093068c464514d152e331c

    SHA256

    269beff68f49ebd6300913b0028f0342462104d54987096820ac176c017f6238

    SHA512

    6e7d4a306fb92ccc9fbda3aaf4e421003feb98c45b9cafe07d3d8910cae3b3189215c26d70e05642c526158a18b871ec7e8e8fea7222094840e05d33e58b84af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b89cd609d8e4b0314b8506e67f195d0

    SHA1

    93d6bdd956386661c8e279c420a03f4fddcd15c4

    SHA256

    26679515af4af5d3b6ce70df195bcd5d61ed86ef86020ec0fff5fa3ef81d8cfe

    SHA512

    941c1d9bd4954cc16f5203f10c6ae0b2760672cecb069bec6c401fde0ebadb0b4a8855c66d7439daee0b2ad8e564e54484d3248cbaf65fd4dc148ff24e29b0d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4af70478220246b00a043c88e06bb550

    SHA1

    e0c330062ad4af677c012b38b8c74d6ce064ac70

    SHA256

    f905956f0a45b7e80d3e924a7f33500578271606884c26a7418641f303fdc7bf

    SHA512

    df04cc2de4b71d534b4d701d6e4e3b4d1f6c2ae410eb133e9b35f7d383cc02b3d589878014ea2167ed7f5c203291c3c82c777540d14944dcaeca3fc97eaf2a5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    920026caf65ad8f40a0d8328c7a40418

    SHA1

    b1dcc7ffd91632416825a6c1cfa45820732d0dd5

    SHA256

    daf8c08a3b370b2257508fa8778f0b61e7e0d3201a793b562bbc9d0f25102b13

    SHA512

    7e14b5724fcea7c851fef19d6d29ff94470fab861311ce5a50dede3cfbd1c72e8c3c95ff0899bb896c39b51c42749dfb43d2a3880df9ff4e1f91b7706ec8072e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdea09a104429feac91128fa75775242

    SHA1

    52f532d410d6fdb8c71d4ba803f96114b0ac7c6d

    SHA256

    cb5e89572fc9ea62880414b4a95191e241503355aa2c5b001ae64e850239767f

    SHA512

    c003a158f47004df1255288ee46d7dec46c42569ad40958c11cb2efeb33aea7a7d9bd84217183cdd6fd520926a197838575c69eacb981b2d9388c17141041ece

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3512e1c9f4ee20c5c903ebf1517570b6

    SHA1

    ddaa854eae5ce29b6efe23c530fcd0bd9fc43c10

    SHA256

    490a04c284f2b533cd0edb35de52bc2dd32b607215d46c05a597fc6e36f8fadd

    SHA512

    caca2766ac03f3bed88389934f4b13118c9e185153b5c239f98f092739425b38fd45e0b88de41435c5b231f1ea95f9bace99a4996902a566c916dfe71c518536

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0717747d4b5d96dfd48f0ea33b89402e

    SHA1

    ef332e2aeeebbcb79813ac496bf400682fb215d8

    SHA256

    2f436d24cb7a77e5c63ad966afb71f2f8c3d3aca1994c54d8cac90b93de2bb3a

    SHA512

    0b28fe65b15b36b05d787422335b129daa8669cfc1cc2a36aff0c08b756f34d2035eb1672c333bd124bfe0d01c56590d329399e5d0baf9e14a5c1dec4e5b2686

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e123d1fa0bf6ad9fc4548b156b86f4b0

    SHA1

    c31294068c0a77fbabfe41cf43ad3ec7682e62f1

    SHA256

    4e50101c6df9624a756d24d03fff2f6e8d7e280cdd463590defb72232ddcfa9e

    SHA512

    7361bd0f2cf6690005d80823c545ad77ae73be31fd6671414011882c1c42ca706e05006862ed770e0b2ceb791295b6558d0ce2289c6c1e93a41924a5300f90b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    442e0d35c2c0f725270827839bdad3a5

    SHA1

    58597f62a62b9f919a0758f9e06d0d52db3a3b21

    SHA256

    d24b676a52766dd3f57a558a763274e20500c41870a6bdbc397c69b868e83a92

    SHA512

    d6e44b69a166b197e98af7018c9f2e6556cf2d46f86ab72a2e51e89ad9e8b1e62d96a2b0d1442b683c2bda5c79025ed5e4b3710dd1d790b8d6fde37065f03fec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e434b1f8eb3bde7ee80cd1b0c90464ec

    SHA1

    3916a813e160601b3ac1048293d43b78038ac873

    SHA256

    8ff36666d8ca889489b559f4227b21dd0fdaef3db643a277b0756de23f8672ba

    SHA512

    6bd456fa6b31c3ed0b1011e877963a5d2596f5a553d8f3abb971c372f9a817d73483e4187accade661026caae82b45633e4a6a2bb3a298d60203595f6010a03a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9F10.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA04F.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit