Overview

overview

10

Static

static

7

6a41f27d45...bf.apk

android-9-x86

10

6a41f27d45...bf.apk

android-10-x64

10

6a41f27d45...bf.apk

android-11-x64

10

callout_11_shadow.xml

windows7-x64

1

callout_11_shadow.xml

windows10-2004-x64

3

callout_7_overlay.xml

windows7-x64

1

callout_7_overlay.xml

windows10-2004-x64

3

callout_8_overlay.xml

windows7-x64

1

callout_8_overlay.xml

windows10-2004-x64

3

callout_cloud.xml

windows7-x64

1

callout_cloud.xml

windows10-2004-x64

3

callout_de...le.xml

windows7-x64

1

callout_de...le.xml

windows10-2004-x64

3

callout_shape_2.xml

windows7-x64

1

callout_shape_2.xml

windows10-2004-x64

3

callout_shape_4.xml

windows7-x64

1

callout_shape_4.xml

windows10-2004-x64

3

callout_shape_5.xml

windows7-x64

1

callout_shape_5.xml

windows10-2004-x64

3

callout_shape_6.xml

windows7-x64

1

callout_shape_6.xml

windows10-2004-x64

3

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2023 22:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_es.htm

  • Size

    62KB

  • MD5

    06411e592d988047a3872a74bda464e3

  • SHA1

    d9d1123bfbbcc127b5838ea0d8fa92972d80b589

  • SHA256

    97d4b09d02418af47892328bd918a16184ce28de88594d37881aee2ccb3d0c79

  • SHA512

    3d86c5265c193689f56104a574da1eef796d9c645b45d5274971bc2b72af917309a09ad1d0645b4e8a5d0cb2ac894ef10da66ee8d879de10d4386324d6673e36

  • SSDEEP

    768:as290X/lZFG5705HqYR53KN6dxvwDXk+SSEfntE2ycpSQRar0/:amP4uBpKN6d1l+E/t3HSoa4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_es.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2480

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f526e692b4f03139c41e79ec767184a

    SHA1

    b2fcaeceb63714528b7b1ed4d4338ff4ac0676f4

    SHA256

    72652d4694e6c070da7e2ef866998060b6647b5e1b5d2b7851a6cadebd39a131

    SHA512

    5f06b91d1a48f5714d5eb94affaaccf0740c3354f994d5075cabc2ab4e642eafda947382b81833cf001ecec02119d8a2e7e6896957b0b2834c85e2eb848cb857

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8b41f0969c2d7f943e2beb1b69bc58c

    SHA1

    6dde4234207f3f0a43bf54aebf67d1e958d183a7

    SHA256

    4a2913da33c01122402cff01c3fdfadde6ba276c21ce47d9c2417a0ea1409370

    SHA512

    6e74f77fd250c4eb73a4bc65b29d002e0c3eb1c5143c95e35c0512fe492ae3e552689320b62a8a39efbd84bd1ad50d948e96d4ab104e8da042555118f0667c53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f8840af76048374cea3ec6f739ca207

    SHA1

    d7f92ac91dedd25697800f352214c49d325588b3

    SHA256

    9ac310408397a0909ffbf65ba45abee395c92b5ad05c196af9d4c76b1c4f7cb8

    SHA512

    a5a12e0f5590864029af26f58404e6d42ddd333571c577f8e026023a4f1f132717423f7b3a26ec1df2df3ef8ebf1846cd86779f58258c4316203409ba373a1ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    caca23097efbeda2162d2019bb7d4c8d

    SHA1

    be1427c7eaab4f0113384ce882c0245563c43dad

    SHA256

    9c09373bba92557ea1c4b0de8073130b2ebc7edf9fab474c22e8d904da9a940c

    SHA512

    aad3083e78aaf3e5807b8d92ab8e03622dec265957e2120ee70522748c1a8b03b391e1c083f5315d10329ee642f9ff5eb3389c065ccd136658eb2d6a4f083781

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfd6993a40e476b5d6ced35e09f632f4

    SHA1

    a28b258d2c7853fc1bbb7ffc37863d909561ca83

    SHA256

    146b669a144eaacdfe51f145fb87d73098b8c380f8f894a4e7468d2fc54dcac0

    SHA512

    8f10a52b7eccf7b83b76727486eff9478194b5665ddd4315d9ce7f904854471c15ddedbc88d48085761b31c03d50061655f10ac5e63890a8c93c3027a369eb53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be969af63486aa34c8c5423855d925a0

    SHA1

    5ecf1345430079bb2a6fc2fdecb809d94f7aa950

    SHA256

    eb3805e491a3335cd644507cfc791d435fea50f255515bade1cfafebcaa54c2b

    SHA512

    f3f982f71b14a6d69f3daf17cca3160352bd7b12ad94d3d7e7af5a2f8318f43855dd69c2cc6961477040e47854a46cc691eb7a1eae984cc419e760308f03a7c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d5a7217c826ba3cb18386f33fea8436

    SHA1

    f83f5b5f67cbb05fbaa1e6e025353d1d64327760

    SHA256

    8fc712d10fa1c41f1b8fb991cebc78a782c2883cbe6edff55897a85ceef656d3

    SHA512

    26dc36e811e57127f01f5bc2c88400bfe1bc9b45960b1a76bfd20c39d35fa3c6baa6bbbecca3254afc2d46be311edacfc35b987a34bdd7f940a1180e20d210a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fea6919dde8fca5897c1b7bd33f54c5d

    SHA1

    e1f044f4636701c474058a01fb4fa7a31e8641c2

    SHA256

    d461c03007614d0b6774bc5a1a5963bd6ee17f8b9eba7a8f47e4f21b1af80955

    SHA512

    532c488c6a1947a2e0cc82088298c65a13ed41d804b694e30b38dfa39c42b0fec5e073086a2dbd1dab32d9edecf67f3f7c6535d05ff48ed08784455659379d74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f410daf389e7c686a36ab0e617b3c35

    SHA1

    3a6d018bccbc24bcea4aa74b4f7f1805df81c2c9

    SHA256

    9d2823bd31b9707d9f5b8e4f08ab7cc38a5dd43769929747f4873ad8cd7037f3

    SHA512

    f2d037ed605a5a0869b71fbe6f5f0d14c80015c1326d7fc14ade7ea985bbe905db980a671aaabf63b2aaeac7be58d2d2350f4197aa38318d240f45062980c69e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    241d7818dc330209144370415a3a4164

    SHA1

    01ecb1883436b6b8504fc3d0d370fdfb2c75782d

    SHA256

    4e6f122500324971aa0aa82353e0f13398a25759e8f42887ffb9d71a77ddaf2f

    SHA512

    2848d795876a0718f471cc0f9543e826a46bda36b14d8086d5097eca5c066669c4041989a4e1024f61aff2f98e9fbc0172e1c8e47ce378184fa710e7390ba3ce

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA9F6.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarABB4.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit