Overview

overview

10

Static

static

7

6a41f27d45...bf.apk

android-9-x86

10

6a41f27d45...bf.apk

android-10-x64

10

6a41f27d45...bf.apk

android-11-x64

10

callout_11_shadow.xml

windows7-x64

1

callout_11_shadow.xml

windows10-2004-x64

3

callout_7_overlay.xml

windows7-x64

1

callout_7_overlay.xml

windows10-2004-x64

3

callout_8_overlay.xml

windows7-x64

1

callout_8_overlay.xml

windows10-2004-x64

3

callout_cloud.xml

windows7-x64

1

callout_cloud.xml

windows10-2004-x64

3

callout_de...le.xml

windows7-x64

1

callout_de...le.xml

windows10-2004-x64

3

callout_shape_2.xml

windows7-x64

1

callout_shape_2.xml

windows10-2004-x64

3

callout_shape_4.xml

windows7-x64

1

callout_shape_4.xml

windows10-2004-x64

3

callout_shape_5.xml

windows7-x64

1

callout_shape_5.xml

windows10-2004-x64

3

callout_shape_6.xml

windows7-x64

1

callout_shape_6.xml

windows10-2004-x64

3

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2023 22:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_de.htm

  • Size

    60KB

  • MD5

    be9c03c0d46795b87dea0f7555274b4c

  • SHA1

    51ed992061218f7cfebdd1a73412db4bf733634b

  • SHA256

    407eaf294879c0423363f5220aceaa31078306035324254d4eb667f0331b4cb6

  • SHA512

    f809287a14f9a5eec9de0b48af9c4629aa9fe4ef27b951fc82de721d0050750db63adf132cad69e7d9d6dab4f52907f506b9f1bb402da7ddf0394b9eb23d3604

  • SSDEEP

    1536:28JNMFKvYrpZc3webMrWbesDyKjhCDwE4g:2WNEKweUsDywCT/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_de.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2580
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2580 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3024

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    0d3f223b73b1e0bc7427b6d5c4022210

    SHA1

    0c5a7e1c4b8e63e92ba811018febd5d42a3fd54f

    SHA256

    237c89f04a2cb64c367527ef7db17d24c1db2a2576a82c7e1a0129cf7e0b98cd

    SHA512

    f9147bda78bd85792d79a1beeeb10e8c5b7b5ca7e719ff793a5860f0e439488ec0dd94e41cb8f78981b4f83625b10b5a0d44b08fa90936cae96fc230030d1265

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    963b6df754e61c4d2c423c1ed6d4fee0

    SHA1

    2ae3aaaee20a0d4db293720e98012ceb82d13605

    SHA256

    f6926fe1c4c8904fb827d5856ac252eb19efe1bc7d0e4bbfd05b8b0737117ff4

    SHA512

    e894529057f515c467f663ddb07f95cede068776d9464c1bc837042bde9b1ff726f2074226456a8d9171b93cccd7600ee83410aff2dcdab71b2b89a57205c2a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91d7b0e205102a737e7c66cfabaa439d

    SHA1

    06f45d7fea05d4f5535b526b926e44f6ba42641d

    SHA256

    a1ad288e9cb78f5f8746435c4dbc526c3f1fd5c79c44409b20b3d7070fce385f

    SHA512

    7e86fb44a6d2fcde709e24cba801f17252291376a9c17c7d46798aec20fa410898979fb4099b716d53c3228def5fa6e644a9732bfd2bf4efb3d693343a25ca30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    250948d17496476cfd687fc3395c0aa3

    SHA1

    0399262da75a86efdd31f3cda3835bcfc77895b9

    SHA256

    65f6209bbdfb419e65f1eb0e7065341237041c3f28142558a4006719390d2198

    SHA512

    f7b2818ebcb9616c6ec6ea7f028dbed9df9a18ce9b3ff8533aceb1c5e16bbc522be0d574fa7030b37fd9db800ed381ec9db0fa5fff72f6862f215d1338a1a6db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1295224ec0b7c80791930ee1ad235830

    SHA1

    861bc7d70a3a3a526ae9b0cac0116c2dc7720814

    SHA256

    a7a5bad41b8b6987cbb75941f18d24330e732181b5baf49e1902584dc9670e21

    SHA512

    0b5aaddea5f759f8f7856775fb96b1583d961425270cd7b9439a75deceaccee82083a520a54e267860f5bb99aa171ab815ff1f40d00de3257f7ac65c5f1648b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf96cc10ee92e33f8716d230e7087709

    SHA1

    dea2a20ce8a133c8da27405d6d42c613c13d9426

    SHA256

    7677dc22ff738968b92e6f7530f88ec6df2e832b239f314f564112945fa7e956

    SHA512

    b950ad23824d99f782e07d532d1e4e8953be6ba034c73f0fa7952b8b58934a95d1a6dd41e4a2ea35b9013471a3d3f38aa4ae5d8b686312791e832cd7fac82906

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2322364f375537f3506b62bc85010d54

    SHA1

    0a3daf85443e9d4bbc5218b06bd39954f5706bb5

    SHA256

    d43e83b6bded7a2a4af32152d822688f2c7a99f343aa11f3beabed265bea9d8b

    SHA512

    18512b2aa8040cbcd40a75dbd2108e882381c7a7b1baf2dcd87b1f57133ebe339f58d2b0d06baaee918104c9ef0de492312b08e199bc435952a6e26a890a07d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27852cfc8256e56bb48a3cebf99b3803

    SHA1

    d34de43f2daf1ec73f89098aaac542de7f0b84cb

    SHA256

    76f70c63db188108b1834c7e759c3e86ea4975e88fb1d483edfe52ebd0c0568d

    SHA512

    3c02768881695ac229f4477a03d93cb4dd04241e2019f4d2fbcd1f2f75034a5a4480dcc09deab6207c223913f5d4c05d675691d13ba1cc347c983d2b75e823c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c9fc79225c340fa96e4c6a4ce8a73f9

    SHA1

    3f4c76efce0fabd400a7afc6a94d43959c89b29f

    SHA256

    aab9eb25ed485d0ae2ae75783fd748680481d2d12dbc83c60430a46cb596ad3a

    SHA512

    bf7527b864ea5ad9698f2c088fbe12fb8ec347953bc0065f77a005abb30d3551c8cecb9773cb41e589f66987846cd4517d4358687411985314117a6f41149b0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16fc473e6b50a5f7c7bc06a60788a369

    SHA1

    a1cb831c1c837cd3a2c605db7b7f1e4f1a830a51

    SHA256

    cb34df27d07f6a1f12dee79de7c48d92b9a770e080d379aae3525d33930eac2c

    SHA512

    2ba32f713bfd2d53cbbaf861981dfd00a71bc5a5afd7e53a5c2e757f56a39392281cb03be205e0c5ab598cbf8c4a149d9ed14a1d69a79c535e710614de7b6774

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    760d3a1292a4c5c1660b90d6cfb19367

    SHA1

    d8b0426873be1602292ae53a1c002343454cf663

    SHA256

    a689a5902349aac61d8c23cd38cc7a0e3e0256b64b540a20da6135f5c90d111d

    SHA512

    af5febba64bfc95f972326db871aec759053b23c1e7ffb060cc96409660297e4999e1f6338f5f6c02c8ad4a0cd87c41e15fa75772fd62c9be7cccf4feb939b82

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9268.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit