Overview

overview

10

Static

static

7

e5b16c682b...a4.apk

android-9-x86

10

e5b16c682b...a4.apk

android-10-x64

10

e5b16c682b...a4.apk

android-11-x64

10

1bf84a89-2...c0e.js

windows7-x64

1

1bf84a89-2...c0e.js

windows10-2004-x64

1

ad.html

windows7-x64

1

ad.html

windows10-2004-x64

1

aps-mraid.js

windows7-x64

1

aps-mraid.js

windows10-2004-x64

1

assign_lab...l.html

windows7-x64

1

assign_lab...l.html

windows10-2004-x64

1

blood_gluc...l.html

windows7-x64

1

blood_gluc...l.html

windows10-2004-x64

1

blood_gluc...l.html

windows7-x64

1

blood_gluc...l.html

windows10-2004-x64

1

blood_pres...l.html

windows7-x64

1

blood_pres...l.html

windows10-2004-x64

1

consentform.html

windows7-x64

1

consentform.html

windows10-2004-x64

1

diabetes_r...l.html

windows7-x64

1

diabetes_r...l.html

windows10-2004-x64

1

dpr_report.html

windows7-x64

1

dpr_report.html

windows10-2004-x64

1

dtb-m.js

windows7-x64

1

dtb-m.js

windows10-2004-x64

1

edit_insul...l.html

windows7-x64

1

edit_insul...l.html

windows10-2004-x64

1

edit_label...l.html

windows7-x64

1

edit_label...l.html

windows10-2004-x64

1

edit_medic...l.html

windows7-x64

1

edit_medic...l.html

windows10-2004-x64

1

edit_track...l.html

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    edit_medication_local.html

  • Size

    1KB

  • MD5

    601fbf21cb68f72f9c04f46e8047c31f

  • SHA1

    0ee7e08f3c0c86056bcfb9417cf37a2a62ac922e

  • SHA256

    0bcfdeb14fb71a4bb5e13db233faa1792ac4b18f1c769634cf9791dda4f87db4

  • SHA512

    739922a1171f3ee40cc6cf8b0f8d293962fa376bc02bb3f713976b0815fcc8ec44a2b25e92ec60eaef35dfc50c16331672560c4fc606eaf37d5e664257b5f6da

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\edit_medication_local.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1672 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2992

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf2c7f3dee4009ab0f373f86af05e467

    SHA1

    a483837856fcc875b9cb0906a7029aaaede5891d

    SHA256

    be50293c454d91f5e9a7ca7a98d7737d5f81128c43efdfd283a1a69c3dfc30db

    SHA512

    3b43f502cc2481e94b5066ce16455387d26136a01ecfad47aa257aaf8090f31822311fd27bd894dada079f00f689df60f8d89d5f1af9242ccf485fd4294fe550

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f406da25046ccf6994d95d272f9f8c29

    SHA1

    c07a13399b854c4cac729668a8df4dd364fe2242

    SHA256

    09040c9903ef5b302c4090ab391937d0f072b28d09e7c7fd11fcbe4578e7ed43

    SHA512

    88b21e0ef7a62902921162651c3c9caef8fc13a249e23431b6a5d220afc6c6b6412c51aafacb08e78a845eb9a9b675db148e57cf4563fba47228246aa705a37d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    266a27676d6a01bca84932e33535883a

    SHA1

    aa5f8cbc3a8cfc57f9a137779d9e1ec0546464a1

    SHA256

    9933157444a8f5d5045c1c10abf34ee03db75b50416565612aed7d66adfe9f89

    SHA512

    c603ae4e38a6a3b48a249229f75344a2a7b206732f9a213414f16d65324baf63fe60c3c0d2425457ee4aba9c669370c6b3b70280a69233bab56e72cad00fdc17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d4290f520bd87ba79992f8974382974

    SHA1

    3307dbf67a0b467a6bb2e0eccf6d6aa1dadf9937

    SHA256

    30cfdca1d46e6ed0fe7308db4016d3dcf17944ca27fd473726e7a095c40cc0d8

    SHA512

    c9a810995cda843644dd67decee9331d17ef79fdece254c6607299f75827d2b6d66f2353d5142c7c4f888d2f90631f51983368d07d80d9b682a8c2bec1e683c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70faa62a6ad34e58d3885ba5a13bc60d

    SHA1

    a12d9a089df327189855af066a7ba66e6932fcbf

    SHA256

    7775de9f78b8300d9ea60b7983309bf2b3d2f7b0abfdce606020737fcdc1bc49

    SHA512

    c79e518ec04f7295680e436c1649d34a5d775ce54395215994283fe51ac79eba1bd2696c60fe56d958f040e00db84e6929456c695631bf54afd0c2387aca0b53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff6cc9222d14b03627a97354e2e18ec5

    SHA1

    94b280ea5273f437604f0bc4912c5fca13d621dd

    SHA256

    716c97ab2c51ba8dbd872de4fc976627420ed6f3ba98ed692233b1c9386310eb

    SHA512

    e1370934698013c90cbec126498af919edd7b4c1deb45297d5d8a801e72106b2ee0d728701f2aab0538b993cb10120dcb6c07a007d00bf58cde0ea0dbceafa47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    678292780ccbac6f2ce993fecc372682

    SHA1

    27d1eb15e4f10cb5671d3e4c37024faf15554a50

    SHA256

    2fb16b287c5cdb1a57753f63515b81fd93725367b6cb5afb3e0496b413df37c1

    SHA512

    6f723bc61e865d67831122554950052338ffe58fdc6155551e7610c45fb5d76bcdc15ca9f3de11533056493747b66a0fbf12d803cb35d35835162829258a4816

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65bd915843594ee2f28320d1e5d403b8

    SHA1

    f98bcf40cd8c83369bf24471c403498979062a2b

    SHA256

    6cf41c0bf82ca6b77c817a065245cb7a0ff275d43e5b0825749ec2cc4f0ee7d9

    SHA512

    da84c9989e6f518d9d632a0e1a5c107f0e1422d0b1ae8cff99ccf5b0a5651ba5c5d88bde99b45863524aa69323eda225ef686e5bd67a07d736aeaef746b17a5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f507dc5507d5232aeff4b969755974c

    SHA1

    16c78bd03f4d5bac42cfb4f75d2e62441e43eb0d

    SHA256

    751087297c3f9f54c16dae7fcc9e00953b20cf2c5067cfe6b06781ed5079a9a9

    SHA512

    457d602c55263a20c1db35607d7e5c088be255930615b55673cf4f10ba24da0e53db5f78c4c45d73099dc331e8f9a9efbec223fb97ef972258dbc87e3f76f842

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCBBB.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7857.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCBCD.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit