Overview

overview

10

Static

static

7

6a41f27d45...bf.apk

android-9-x86

10

6a41f27d45...bf.apk

android-10-x64

10

6a41f27d45...bf.apk

android-11-x64

10

callout_11_shadow.xml

windows7-x64

1

callout_11_shadow.xml

windows10-2004-x64

3

callout_7_overlay.xml

windows7-x64

1

callout_7_overlay.xml

windows10-2004-x64

3

callout_8_overlay.xml

windows7-x64

1

callout_8_overlay.xml

windows10-2004-x64

3

callout_cloud.xml

windows7-x64

1

callout_cloud.xml

windows10-2004-x64

3

callout_de...le.xml

windows7-x64

1

callout_de...le.xml

windows10-2004-x64

3

callout_shape_2.xml

windows7-x64

1

callout_shape_2.xml

windows10-2004-x64

3

callout_shape_4.xml

windows7-x64

1

callout_shape_4.xml

windows10-2004-x64

3

callout_shape_5.xml

windows7-x64

1

callout_shape_5.xml

windows10-2004-x64

3

callout_shape_6.xml

windows7-x64

1

callout_shape_6.xml

windows10-2004-x64

3

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2023 22:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_cs.htm

  • Size

    60KB

  • MD5

    0f640786196d6011e01155333821964f

  • SHA1

    066c679b1de3b92ff8ea552d1f80adf6891047b8

  • SHA256

    bf803405fedfdddb8633f549f97f4a5a53f4d1a0aae0726a4e4c2a380a611fc0

  • SHA512

    7f5545021dac362c111d315d4e3b049674d6fc3c8a198330eb35fd562ba6c4c888d4ac16341b10c3b3caa47187759b48ba2cdc12dbda2e1b5f702f3bf2c48a17

  • SSDEEP

    768:Jqj9py4zLWgQgkai1q2esuB+SgvHQ3tSOPz114I8nV213trFi+0IgTagDgrg71gd:+pySnFkaAvHUtS+D4I8V21CTTEM76V3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_cs.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1900 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1164

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb27af7c86d7f9f0626af6bd98659f1b

    SHA1

    965f885ad660c150ab6ea6dac08dc797252a5bf1

    SHA256

    302ac3eb498f7dc7f361089fab4e1fead10cc141a306ca57b93a5c3ec848e5b7

    SHA512

    5a4fdbc5761799d9430faf1b73e5d6ef867ab086e802be4a675b0e38694d9a967a6e40729b0c5050e0f77ec60e9fbc846725bc95c8befc5bb41cc3a78b90fbeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2a06f8c1a31cd1e81edec54552897e9

    SHA1

    d336c3afaad9db86ed4e57d9aed3c70acd9f0d06

    SHA256

    d9f3c18d295a7871f956549f16e737b8fbb864f93416324aeb4edff409ce3bd7

    SHA512

    858b127f7474a612ca6589872e55964553eb5f7f7efc86d853d5c728e637a07f832fc38f7d6697af40771ef43799c81efc7885271cb08aa2164ba901e2e405b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06a2952c02552f205d926072e0241616

    SHA1

    a0a0258273f84abf0a1710965b34eb110f0c8158

    SHA256

    2617c9b6dcd9fbe6dd998db5e6d119e699f36c669e5c7096f3d315d75a8a4a17

    SHA512

    95319a5b95bc0cc0f69996f51407d622083770df958845bbdfe3b30a1e2a2b9f5bd6a5f5f6f0de432df061d55c69a646809c025f078d7cfc6f7b730dfe4d27f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b9e43827e967534e71bd9e4ef4bddf3

    SHA1

    890bfc4860510ceab97a4290aeb42e7a569106c2

    SHA256

    57720536811b82ccfad78c338081cad102504b2cabbee4d2dc64c231b06ef1e2

    SHA512

    fd4388eb3ac665c849b1c8a803c78d5db88f59c8aae824afa911cf996786b08aea539edecaed223eb545e00d642edcf722482076b44fb70f1f3c3d0ccf3aa6cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    504aa46be9a64ae4a3032ee3cde74d48

    SHA1

    9d14eb1d511d6c186875e44a84dc4ec35e0e14cc

    SHA256

    7ff98328ad81eb2aaf8b880a411471bd91eb1a733fe7fb4ebefbf63a2f543ba2

    SHA512

    66d6a258da835ca15a77921896fa6e1acee82eef67ce8276af75dc8c51f6447d3c8eeff0ec3f79732ab9e63516be578f1fc3da33c88971906073a0feabd53f44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    654f434263eef193b4102f2818c8014d

    SHA1

    f98f99552f45485bdf42b9c89d7dca0468fe8754

    SHA256

    36cba12e8cab408031a7c1437c4ca0ad1fb6be76c4b50c678b5f92aaf2c5ea7a

    SHA512

    cca45a3c6ff23f251cf97258dd2b297c747b7fd3c84f706c91ce30279d9f163de6aa8eefac1048d1ad33d1a93ca8bc4140e2e2b065ece2f8a269c0f4fc882533

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    960c911f920ab3d7bd73da550e389dba

    SHA1

    67d037a615ee5c51fff2e903887ea46cbb08a639

    SHA256

    96d75fe5eb3d83ecfc86d70530bc913adc1fb90d31fab2407fae93ec95b6bd55

    SHA512

    b25e399e8295e95b13a1b319f7a6e0050b34b4a78b8cf3f031c9f55d0a24c3dd475a7073233a0153a9e1e7fce4875705995fec102bff1c3585fefe48ee59a794

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8429e948e9c53a72fc3c4e63b16010f

    SHA1

    6d7402fa3dae61df378f07f7c324d70e87de1ccc

    SHA256

    eb8f485b2fd321bbfc9b33eb030573aa0d73ca2b9340c3cef0b2cf2a81cb0c70

    SHA512

    25021ccb899d2180b8046657f6e3bab2efb3aec7926b09fad88709a2c37725e7f030f504095542ac7c89da260832019c0ae5243d2b4db3df321912bd56107e5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a24cf1c7cca920b3e6ba4a034c0ab0d9

    SHA1

    310226371b2690749644a98521c641146884767c

    SHA256

    2a6856fce2ab249aae568f2b25a3cb42a92b6fc722c6233d87445322b5f268aa

    SHA512

    72af375d0d6faa1d8fe1c71db001e00a9953b53b86f59b7c2dda4e8ac315adadd84fda55d95af4b4b1521601eccf61ede6300f070926d81b9497b18272ee3d24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b08598bfca504f256759ef965e14f03

    SHA1

    524848c3efb22857d319c1f90a82af3b76382ab3

    SHA256

    91b8f3b503398576907343185b0eff65ce84393cdcfff4aaa98b2697b4aa38bf

    SHA512

    8b4ef0ba611e9ba84fad86ccebd9a855b2937c7446e875795f0a41aed22909268149ce6fe3f8c3a21ed02331f48194894125c798e6a4d36406ad3cdac03ca4d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c7d6f35283a1af165339428f5941e9a5

    SHA1

    caa79d78efbdbf5be7303fa1b90fc4dfce004951

    SHA256

    8cffbb79a66835715b09415c7b2046afe022665d030aef8023f198c3aa48be6d

    SHA512

    17a154ab394f639288d72ae194341cc1618701b708b726e78adb33f1abf9caec1a2b51536c4f7b2ce35ee9e48409f1321cf4c52fc8ff387322588e19a61fcc28

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9649.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9B31.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit