Overview

overview

10

Static

static

7

64b9fcddb4...bf.apk

android-9-x86

10

64b9fcddb4...bf.apk

android-10-x64

10

64b9fcddb4...bf.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Resubmissions

02-04-2024 09:02

240402-kzss2acd51 10

26-08-2023 22:02

230826-1xr2qafd8x 10

Analysis

  • max time kernel
    134s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2023 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2092
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2092 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5851b695743fb891707de7ab6dfc4e5

    SHA1

    e3021b930947818a39c69026d353ab08c011d2e5

    SHA256

    63c6e1340c5441b80a032239f0677d5152e9140669ca2b4612421062842ea183

    SHA512

    8673440f1e828dbbb42f96d074be6724029ae065096b41c4ce1de4e5c94baab2947e1f1a4327c61a0305f397564272302bc15c630482bbde5b8fc589e93a4a66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c8c5bb31cd26d300c69547008b3f2f8

    SHA1

    0aa8346a3719f57d9995b98800fd2c7b19792af4

    SHA256

    77c879a9eef16c592e8032450f82faf392725855e5b4646d2036bd1299403bc3

    SHA512

    210460ec3a56bfb69c0e97005f86c1f66db2f4c8542c92460a096e358a13eee2cb92af6d600aaa71ff8b45a6dcf1debaf50ba972b98e9431718a80a1c5068e0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0929bb43f284f03f3b0310ea7e44b50

    SHA1

    f7199b1d5a4f12a7ca2c91584f3d120ea3e5e1e1

    SHA256

    6ac487d02b05fe215640ae352fc99ee989d584029273b7c9471786a45996622c

    SHA512

    3177b2f1b544c7b051e4d601a9cbfe5c16126a0c1abad271771a2cc0dd000ad5f48641e51e3f1fad32db50b57db049934573e57300ee46189bac510c70edea50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f49b87fdc2640c66350cfad05aef11b5

    SHA1

    65d0e967a67fcb0b84bdf457d6abffebad1c9a4c

    SHA256

    c07328ac84caf66e51e114288fe64bf2599487d4e71fcc565d75d92f450a2b32

    SHA512

    b2821308cbcc5d6ca5f7846e10302b1c92106881607266509f8c7f315b78750e899545812a84fc7466e8b46f19fff4119fad0a21b8be20e512e005f357eca8a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a8ba59838be105c2d455fd744d9ecf8

    SHA1

    f9076885d21b729bd7a8ba650e1772792e08bc2c

    SHA256

    637a0e2eb7a8d90feba790f441725e97c68b825f32b6e3381eacf4746363c59d

    SHA512

    b98dc381c1f4c7d0a5b326eecd5fcade59732504e9cf5d4e98250d6b8d234e8a6332af71b6a42c737b9cff3d925c29712cd9be2e1ba709be2f871c7d3cc1d6d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3443ecaed38046398a940dc9961900f

    SHA1

    2fa773e59e30082d338c1cc9181a813e5f3cbbb5

    SHA256

    18dca0745b06ddeebcd9d8ef3ab044d886315feb859808b8f1e981511b3e0327

    SHA512

    b1a7261f2bba756e50acde00706cd76962fc9a11e18ecdec88f980fe1edc9358bced78f24481033493917087450982e6438f46a776f3fdcdda65d47c4cbeb137

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    045e3afdb49114a83f33310cab7be711

    SHA1

    b49f8ef44da613b6cdaa40275fed3e5a8df9b9ef

    SHA256

    be6ad762930d9960a8ff8d26c3819453ec44a22822b81a768cdc8707090f75c8

    SHA512

    d8c9b1b9b45245286e2be6ef12e2b8b9100515106a6fb95f1881bf383351853b48edf1b712de7c849adedb1dd3255d8f4bae95dd31f58a42e9182b6206c19e90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81665460107f5b92951b0295088ad0f0

    SHA1

    2a0c56a2ea4b734b804a9ada3d68285fe96873d4

    SHA256

    3d03f344f93e4a66b4d3e24885a63609c6a776097b8cc815b13c05cd10c9be37

    SHA512

    b7cb96e45fb2f35a1ed7746744b62ff2a7ccf58e52eb7f2aa3c09dc7353ca8d2f4c4b4b2965b87818d203d9d968df0d7e228329cc76d4c79cd92dcc2ee2c7109

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5760de8e9b9a5fd8eb989a944dd26284

    SHA1

    8d6477f0b123145d11ba18210af7a5f35edeb9c0

    SHA256

    e5f157007cef9a5a2ab8f2bf77c916f88cece9c6df8886e1cbd109a66d6f083a

    SHA512

    38af2408e6ee17f1b0f8f4599dfc7007b5d99f0573c9a6f018b9878ec0c4aef610be1f804b07c87d9b2f84660a0c77fe7f348c6a67010d4f9dd8cb06b601a102

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea45088ba18ea451da86a8970a57c09e

    SHA1

    f7a4ecb7c9747f75955c0d0433a217e08be15e9f

    SHA256

    ffdb1ce9cc4c181867d0c84b2da336b1eddb2db28c4cc9d245da18dccdd2a5f0

    SHA512

    c504ded40dec8d0b12f880481e1a1772175be80a2e1a9e1e75ff435ed5af9f1f8d9a5e033891d3832af16560c730e6bab2675d87876f72d7212dee45bcf403e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43c1afb4d07786bd6ac1cae6b1e79a35

    SHA1

    9ade344a849fbb909d88fb8092cbaf432b31b4e9

    SHA256

    1c00038e99d80f285d4f85c757648e0ac29b88018b2214c5ec1bcec910b4d11c

    SHA512

    9bf6b32a9f32502785ea514ee946a7dcf4bfed1d7d251ba35a74e91a33c6551ccf098b3264ced580778463e4216c2fb594a2fdf1a5f5850b35888435ecc99d58

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD156.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD2D3.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit