Overview

overview

10

Static

static

7

612122f55d...cd.apk

android-9-x86

10

612122f55d...cd.apk

android-10-x64

10

612122f55d...cd.apk

android-11-x64

10

1bf84a89-2...c0e.js

windows7-x64

1

1bf84a89-2...c0e.js

windows10-2004-x64

1

ad.html

windows7-x64

1

ad.html

windows10-2004-x64

1

aps-mraid.js

windows7-x64

1

aps-mraid.js

windows10-2004-x64

1

assign_lab...l.html

windows7-x64

1

assign_lab...l.html

windows10-2004-x64

1

blood_gluc...l.html

windows7-x64

1

blood_gluc...l.html

windows10-2004-x64

1

blood_gluc...l.html

windows7-x64

1

blood_gluc...l.html

windows10-2004-x64

1

blood_pres...l.html

windows7-x64

1

blood_pres...l.html

windows10-2004-x64

1

consentform.html

windows7-x64

1

consentform.html

windows10-2004-x64

1

diabetes_r...l.html

windows7-x64

1

diabetes_r...l.html

windows10-2004-x64

1

dpr_report.html

windows7-x64

1

dpr_report.html

windows10-2004-x64

1

dtb-m.js

windows7-x64

1

dtb-m.js

windows10-2004-x64

1

edit_insul...l.html

windows7-x64

1

edit_insul...l.html

windows10-2004-x64

1

edit_label...l.html

windows7-x64

1

edit_label...l.html

windows10-2004-x64

1

edit_medic...l.html

windows7-x64

1

edit_medic...l.html

windows10-2004-x64

1

edit_track...l.html

windows7-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26/08/2023, 22:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    edit_medication_local.html

  • Size

    1KB

  • MD5

    601fbf21cb68f72f9c04f46e8047c31f

  • SHA1

    0ee7e08f3c0c86056bcfb9417cf37a2a62ac922e

  • SHA256

    0bcfdeb14fb71a4bb5e13db233faa1792ac4b18f1c769634cf9791dda4f87db4

  • SHA512

    739922a1171f3ee40cc6cf8b0f8d293962fa376bc02bb3f713976b0815fcc8ec44a2b25e92ec60eaef35dfc50c16331672560c4fc606eaf37d5e664257b5f6da

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\edit_medication_local.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2372
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2400

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ac492415c5a00eb57007cb23da64362

    SHA1

    34b468b8b6e8a5e5d427f0119164b4d025d04fbc

    SHA256

    a4220dbb34fbbcd5591f4d897d13a688916c5eb11456743acd6dddcc67120937

    SHA512

    2bafe1db0b7e75f826bf333d70402fcb68f6c89666aa0e6365d8d1d490d6f1faaaa4579f349d59894e914a42efc965092eca76295a2afcc5490fbbdb51f7de5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89cdabf530ef8180d27cc0646a9a9ce7

    SHA1

    1de285d66eb554706638e3903e2856b952586ed1

    SHA256

    557284a5a6e1195c62d22f7f2af54b91d5c0e770ff241471e8a375312c6bb242

    SHA512

    dd62a40e46e1ca94a965d5abde99c9360a90271c0d226ab0567a343bdc2e0bcd227894253d5157239edd096cd329e78f3ec736febb864d459397aa46d67efc3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45b0334dbe9ef6dc7063918f05ac2327

    SHA1

    d1d695248ff2a452622c80e15b20b739471b8b5d

    SHA256

    2fd4eec4d29282101eeafb833f2866b994886e413c932681061f1987d8649cf2

    SHA512

    9903908144eb9cebfec423c4003c22099ebcf29678178ea2ab129101f4d268501eee828d933336c6e260ca4748ecd48e1de60575ff44f3a299d442b56064d404

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba85bce09b275b90827646da2610c51c

    SHA1

    6abb599de99d66d572c4ee5f10270bae327112bf

    SHA256

    53805481b21cbb2a7fcd3a895e82c2e06c9ed9dd947ce9d8ff5c02f1b215c770

    SHA512

    ac3724d874b306c7c5b6463e13775fa4f323198cdedbe6be58f3d0977b348e3851039a34838e0581b2804c3f902832614a0ef8cbe7e84a8e4751aae6d2be078d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7f60145f27a583860f299668aaedbf4

    SHA1

    5031de4a40f2e7a398788feb60e975889040b07e

    SHA256

    c7a2f7f648c12cfb209526843d6e022e5446c94d1a79f464726a252afcd62f21

    SHA512

    8d1e3ea855e582e3383695d0a949798181d7f0d092f6f571c64cd793e582138dc27b1d7a591518d94e779a20d9ffd94ba3da35f2126f40925141afbf19efecbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d17024ffeb55309196fad21dde4cf5e

    SHA1

    11e0c9784a9803fd73292affe7015e2320b785b0

    SHA256

    a8173de97733dfd1bdd47fac4a431b3b3a447e5c65777a6d11d2577f43018110

    SHA512

    2275405b08108133a74dcbf6b3218847c2a5cfbfe141aa984d6862058d3d66866da5907f34acda9b8d7c0621a7528ad9475abab1d2a9ab60e1ad33b3b1c97bc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c118808ae7b90da936b41fa7ffaa2118

    SHA1

    a4c4d63db9885d64ab5eb00a1e147b2c07584627

    SHA256

    88e1ae5b0228c8c91c51991ef6a9a949fbf0862fa6ec5b1826f49ca67ca3e239

    SHA512

    e293d30e0511c8477449a34d9dedf96efb57b4e0afa62513a02a443fcca7bcd5ad500bcff537059d609b699c0e689f7d0e23be50a67b86516e136e07e91b21df

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab97FD.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar98C1.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit