Overview

overview

10

Static

static

7

e5b16c682b...a4.apk

android-9-x86

10

e5b16c682b...a4.apk

android-10-x64

10

e5b16c682b...a4.apk

android-11-x64

10

1bf84a89-2...c0e.js

windows7-x64

1

1bf84a89-2...c0e.js

windows10-2004-x64

1

ad.html

windows7-x64

1

ad.html

windows10-2004-x64

1

aps-mraid.js

windows7-x64

1

aps-mraid.js

windows10-2004-x64

1

assign_lab...l.html

windows7-x64

1

assign_lab...l.html

windows10-2004-x64

1

blood_gluc...l.html

windows7-x64

1

blood_gluc...l.html

windows10-2004-x64

1

blood_gluc...l.html

windows7-x64

1

blood_gluc...l.html

windows10-2004-x64

1

blood_pres...l.html

windows7-x64

1

blood_pres...l.html

windows10-2004-x64

1

consentform.html

windows7-x64

1

consentform.html

windows10-2004-x64

1

diabetes_r...l.html

windows7-x64

1

diabetes_r...l.html

windows10-2004-x64

1

dpr_report.html

windows7-x64

1

dpr_report.html

windows10-2004-x64

1

dtb-m.js

windows7-x64

1

dtb-m.js

windows10-2004-x64

1

edit_insul...l.html

windows7-x64

1

edit_insul...l.html

windows10-2004-x64

1

edit_label...l.html

windows7-x64

1

edit_label...l.html

windows10-2004-x64

1

edit_medic...l.html

windows7-x64

1

edit_medic...l.html

windows10-2004-x64

1

edit_track...l.html

windows7-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    edit_labels_local.html

  • Size

    1KB

  • MD5

    d3f96ad2d65e65ddccd0ebc7b31734fd

  • SHA1

    ade1b020eb11ab2ad5935c1ea6e311ecd27756a2

  • SHA256

    2697e2d2abec0dfb176a9f3d0664d8a2df1867e503cc8739ef01c467a6572bb6

  • SHA512

    11e085c5f202053d767a1bede4c32f711f8f77e67f86d3f63d560ebdb9232e2c1feb3ac4a0b525253e4d54a557a346850bb9c4335e2fabc76b8f58c5c9c809ba

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\edit_labels_local.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3036

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c1d5abfe91ecf0ede2c125a00ed775a

    SHA1

    ec003d5dd5840c337c79211f6c75e62bd27067b9

    SHA256

    09633c4a4883fbd0fb591fc9a056123fee66ac9736679843665f6c245e2c5210

    SHA512

    d7cd802868b250fb04905b01785a0c63f2a2c7b12fa8355512646b4d3c217b5ac5429d72080b60226d3ec4e941eee0a394b6d82768686fd04792c02a57170e4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db5e94b8cce5f5975a72f1d328c0b40e

    SHA1

    b9e030d8c598d0829cd0e9fd0d0788572f96f40f

    SHA256

    29389b26114eeba168facbfe58d0cec0074218e2c46d6fbb34662256943ca70a

    SHA512

    3133f4cdff8c5db411f6b5ea76f95c1f52993da668bc6b9cc44ee7af7cb5a9874010d7b405ef6ee5486b29d78b01f0a78e0f6ded342514bce5a8a8e07e4c3a1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7280f830bd6280ea71fb2474987a038

    SHA1

    f23f46da1c316b1045168556a9be320a992ab6cc

    SHA256

    7bf1a3db0abab128f68111b54c224ef87e4ec0be1e3ee1f45b1a6b63adfd8182

    SHA512

    4ab4d393dfff5f23f4fc3219be51967110cf2198acdc452d86cc5e8ebb96f8731975c1b9cc383f15f5f0df73e342ae1a6dcbb3cfca826f7075e2d246b1cffe75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5f34b64d8eb492f72ed2da30681fbf3

    SHA1

    1bfbbaa63110166aa0475f167777b3201298a5b5

    SHA256

    e820b36027d973db9624e37caf5726555405f791e4d908cc98b5cd11abd6318a

    SHA512

    8a0ab893488e33dc714cb79830ebf39180888f4eb50b74c7baf3ed5dfdeda27724ebd7c4fe9e29a29cbefbce4fc2c5093c782f1e0dd83eb2c87d5102b008192b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74435ec7102b6d983293b136dc2bf0ce

    SHA1

    a8c940f95e6bbfa497c3c48dd3507bd8a84d59bc

    SHA256

    31a2654b1525d83f80e07de5ac2b2bc83eea922e320b452d01da1b40c7cbb1b7

    SHA512

    f98609408ecf904014f2357f2b3b52a0601dfc7a55dedc77f79df09298f44131b4b6eec7a90490e74335f954f860720e912e5dc35a221f6944ac04c51e6938e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7d0bb60479dab60d54f7f3e6f5959ef

    SHA1

    73babce45f0b388d7c18e5f7ea969e3513d5cf8d

    SHA256

    105aa97aadefa761648b149e961c3af4133b8c6c98ace624d7b6c8c168bc5ade

    SHA512

    277c3550ab5be94fbea32ba60a42bff751d74cbe7f14103ff5c3f6f91a4a4d1756930b0e6352889eb9378f9610dfad655df29ad47719f08c6ab2e251ee9879ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17e3866e5a0f86e10fe954ea98d99f80

    SHA1

    eb3c9c900bd84cf71824354dff0f6ceb87a30946

    SHA256

    51578170058c14b7594bb358678a97e866b8b9d7c2928df30a5b5e089629296b

    SHA512

    ede971bdbb6c6284a69571bfaf2528a28080e68a8aea021dae95ed196c3fa38b4fb2b630dae075b5c1c05b0de7c2c68f399ab3f916a7fc5598cab86b970c65d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18648efed3045fc1f6786b0e37c0640e

    SHA1

    e4d8aa1688072e3a8527ce302abd206a673b6065

    SHA256

    d1f03120c1eb97795e33c9dfe82ec20eabda73b571266b06c758f664968dbb0d

    SHA512

    7fd410adf2738d7c0498e71824e53b9b259055142e8c27763c0d4674406784797d09793f19fcc98944b7602dc6593bc3aa0aba04a9dae1e4b20ca90602f5f175

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    357edc02e3b7cbb5494e749153f2551a

    SHA1

    0490b2a8095d37ceb86465d0eaeb76f4556a5d31

    SHA256

    d49ca48f8a736ed408189a3da74d1dc84e8bfa083fcba4e77da597135e707ac8

    SHA512

    4e3468de1cd29ef5308fa6d432aed67661bfb1835293310d735ce737721c51b8792515ef1d2c014e7a567b941c5102e817a11b6f7298ecbf063fc2d392329e85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4118efe44ef96ac0b3335ed25e5ef556

    SHA1

    d8fa6687e2ee3e93a5fca2a76090880369782c92

    SHA256

    6b2d01066fcc203ba3d4412b8e1f8d64c3c5d5ced3b464376ee512c3751c9538

    SHA512

    77e37b24f25e621237a28239d77934f6a7527baacab8587e7eb324e35b5f6820fb3aed4c469eb14742e08892ba1886dbd66077adfe6df39123649eb404252098

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c7c7fc63a46c321f33353de010333c8

    SHA1

    4a77f84f82b6bdf0486cd4e0077e7c521c9e91e9

    SHA256

    564555574c9e9e8136996d69574b97c8e1967e96cabf9852b898c8ef66c391ea

    SHA512

    da8ba9db5ca6d448aa7e1b03a5cbc03ff88beb61b0834d8977c85c7f654c94b232094dd47a72b7f2b2215bf62f83ab8017a924ba383fdd7769f84892f2f02655

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f7d29c191ee248a57b938cdafa7166e

    SHA1

    a25bad470506ea88a640e45b2357f67b3d2b8ec0

    SHA256

    189ecf0c62c1d90389130e19bb66e0d94c0d81e66ba2b34579c4626a3ceb4a33

    SHA512

    817f942c3a321b904b5d1c86bc207c059f0207f45a52dab684635d41e63895085f02b8688c4385c494e3af033b21d1675f9749605bbe99d7f859c475785c66f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    672e298aa23f64902bc541bf855edb8e

    SHA1

    610e738da5bd94f2bf13d9724b67340d4e94cd96

    SHA256

    a84e3d4478e87377d3ce169f38e2a01f28156af5b979267e000a770943337f8a

    SHA512

    5849bf9a1c243cbda9c43dccf1e01bcfa0df04411a5e4ee1c65d0fa500e9232bdbb035f598de45439d6ff995b3b8dd752525e7d115814f315b70ca3cd27b8418

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    450c1964aa3c819877cf6c9bc443e7a2

    SHA1

    a39146274a899e2702d78e2b6cc12238ef49b831

    SHA256

    a2e1ba78dd124395df0c500b9c3fe2937b348780bc9746768dc6330bfc2eb3d9

    SHA512

    678f78c91957c40ed47bc3c7c927806d4cd453ef87290d56747833ccedc2e4facf957416b592665b9f5aa9384403de226127d29f5e4ab8e510fae51944e059b0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9628.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab96A9.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar96CD.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit