Overview

overview

10

Static

static

7

e15e150aec...20.apk

android-9-x86

10

e15e150aec...20.apk

android-10-x64

10

e15e150aec...20.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2023 22:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2180

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aeda13259397095bf89748a8a37e3046

    SHA1

    263c88bed7306de14306a336bc0524846520367b

    SHA256

    1d646dd52576718b4869237a4651baa5d0f90326cb3d9332d48e23b41537cc2b

    SHA512

    4d15cb78fbd441375e84ea84dc560c7f9fa0e1f2e2181bbbbaa46138dd2fdac92ee1696809ea1ff56ea876d0888d637b4d2e98d298731bdb025902cc482243bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e7602c90ce31d4984e5de707b9c17b56

    SHA1

    8aca2ea38375f4b611a491a5b9ea9bbe3507b5d3

    SHA256

    01b7cadadcbc36c1572b8f509f0ea4dd4a9f9f7713b8111b1b8935f3ede2eea0

    SHA512

    70b85a5b82292a6c013b4dc57a2836ed09d80e74207d54325a38307f24bb95cce8625d95ad7eaaaa6ddfaef4dfebf98dbf5cbc78b3532c11ad2d8b7a6844ae3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5403274ea6244c7772c591ce6a50c622

    SHA1

    4c891336d896acd36062fb7b63e3816fb0c6100e

    SHA256

    f376d800fd2d31f52836b23fbaaed4e5ea4ee01ad62540cfdbd0536f746fa231

    SHA512

    e4cfa7bb57cbb32ed3bf4f27780c24c23794e068d37a711c182f03c0692e0a349bc8b8c1a52ef6979226f1689f9c89b3c041784382643b5591cafa94837ce280

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b84e94b5b8c0f2a978ca404da5ebb380

    SHA1

    a5180c1eeae8f8e224c054f4c0f7ee3fc46c9959

    SHA256

    0ae6b41d723b0f8b72841f041da92cea32811a51e9becad21931e5c51b75f9c8

    SHA512

    c8744e7cc4270bec93237cb2323a59f7b12fc78f8f9bfb4ff26db16592cdd56ed3a58f92af21ee6e90da24376da0f1caa9b30c95a7b9ecbe8572a3700b294bc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6a050b926edba0964bb8eefa2b16aaa0

    SHA1

    b1a470c03023dea65f7ff9f4da56c145895e4a1b

    SHA256

    a36501e60e99e9ce8f03c826d22e0ce209efffe3d03e9e57a49cd0eff987dda4

    SHA512

    52095e7b6ca0e0e233c613e6ee0d7b1cf9f1f0ce99f29c37f80269d6e3d23801e97fdc3e6233b91ce00c206fdf6da052315d2488f8370578ff4bda24891237d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5d894c3b1c36e6fe143a33f7934e6fc2

    SHA1

    510a11a3e24c77c1618293ee9d93d08f173aee75

    SHA256

    c824f50ce832c11d06604742aa290e9a8ddc356c9d7b5ba190c1954bbe844a32

    SHA512

    df8982c347d23d7296322d9a10484972022206a901cfa7f321342a1c1ccf359f34aa82612055eeb9704970c85adbdc031ab7a2352a789c8ec4e467b8b877c196

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    da83fe4f9ebe06fc62f81d68e1e6bb1d

    SHA1

    e1b1ac8829a0272fe4c4694fe3c991617fd5788b

    SHA256

    7a0ed4f96326c508bc0533759bcbec626bb81c5277845704c4645a9742b8292e

    SHA512

    a9cc605dac3e068270760eee886f8e0b7519fbaa1dcecff6be09eb6d9616e20ebca8e290d4bf9be1c077e2048cda5019d2639b6d77843e115252450b1ccbeff7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5489c0a05f82661990fc13d886b76df8

    SHA1

    8fe2d9f14dd7808cfd1c618ac232e770d263b6fe

    SHA256

    ee848a9bfb49289a7b62c42bb0b6258e0854dbc94a6708b22575b27212a0b97a

    SHA512

    3d0fa969dd9a0db55fa8326eccaceb1a21e0e300057cedddbeb3e42451b5d4250903cc5c126d0f554162aa1df0944f932eb53ca08ae14a5c3bb4bd1ca295a812

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cb88c0281ee624a5ad1a4f29ebc07ce4

    SHA1

    1f3d3c6b4e60a9429ac9a7670684c2c37bceca84

    SHA256

    bb52fca196eb5186e98f6f99a5413843f7a342aabc0bc6ea0c77757ec54386bc

    SHA512

    be75bd0cfd963fd40c8bc9ce6ecb29fe2442061af0626d7e46bee6df07bc50c87a6434be4b6d37dc7ce143b71b5b5f390e4ada245f816098326d0a038a1debe6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cf673cbce2723457086afde8f92c6c92

    SHA1

    393aa469123e365e72e114bdca573503c0d74a98

    SHA256

    00b5a28a496baa9a0ff30db535b97b688bfbef2e59181067576ac1bb7d46395f

    SHA512

    86d62ff10477dd3e2e6d68a6d35956f744525d8d8926b6a4ff439da12cc99e6e412c11f3731512d23cb0e22adea4c78a898c89876bd36e7f1ba3de5af360b2e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b3dc444b36130f29e94a288bd8987343

    SHA1

    79329a9eef559b4540f019dae6dbbdf2db17d06f

    SHA256

    5433debf78557783f34beee0a8ebd4ed37c1f767d5081cb135b30d32a204d5ce

    SHA512

    d8c34bd16e4f28b0aff06ef3a56533a75f4e1769bf5593a980c056f221bde717ca382a32b3bc268dea9c87e2786283cd350522a6ec84948bf049ab8648eddf18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    62565d88a09d4d92779e23df7e83b819

    SHA1

    bbac8ad88482ef85b6869f7f9f9ac64116ae0d3a

    SHA256

    3119459381ba142f1c6d0b42f7258cc7f698a17b2e4603785d3c706ffecaf38e

    SHA512

    cb0bd3c880c7d133c381d283a2ea6433bf8a9d7d309d44244de8d1d555cfe4e0ae896e98eeba717e77afb7e422396dfd36f5bd01b87d8a0c1f81922e92885129

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a14c4441c04488ea4b5f043b3f0b4815

    SHA1

    6ebc281342f69bf69069297fac515e7a6d37486b

    SHA256

    866d0c58a0cd454ccd0f27b363fdfa91512d5e04a93f88e43fe2aeccf230cd25

    SHA512

    50f2e0ea371767a35930d8f3063c296f0f934f390378a58e0202292e51cbbfe2dedad1fe6681120ff8cca697c15d1945b2699ce68db39ed9237dd82d451fe695

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f3718a423610a0f449003cf59ae44d76

    SHA1

    41214abd0180de73cf1fb126226eda86be240447

    SHA256

    7dcb21f4d31dc94020f7dbed778f2c835296f2286c39ffb24efb62a79716865f

    SHA512

    a2fa0ca4dacadbfd583b7c22d8bb038a0c2e3dec0ceadb3665364bb711d660ebd0f3a4955968438c2d1164217fc52557a034edcc7f54b91fe6739d1b6904b083

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9E26.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA04F.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit