Overview

overview

1

Static

static

1

4b986d3b08...61.apk

android-9-x86

1

4b986d3b08...61.apk

android-10-x64

1

4b986d3b08...61.apk

android-11-x64

1

PayPayLicense.html

windows7-x64

1

PayPayLicense.html

windows10-2004-x64

1

bundle-paypay.js

windows7-x64

1

bundle-paypay.js

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

tt_nd

ubuntu-18.04-amd64

Analysis

  • max time kernel
    139s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    28/08/2023, 22:01

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    index.html

  • Size

    14KB

  • MD5

    c8ff1db45525332488e9fd400c15c7bc

  • SHA1

    32c4af672dc6b9ae51f2c8866531dd377800c193

  • SHA256

    9203b77dbcd7642ae1d967773efeffb277f428658d128e954c4e8c21aaf282b7

  • SHA512

    5ee8bf0b72022b53a40fcb4736f9dd7a0098098dc59ba91435da1c300f605c739d20a8b9859fed502fd77433dd87a0381f3d147b1b06ca38bd2a70a736ebe4d1

  • SSDEEP

    192:h33J6b+yEq47p8eDbsL0OLwIGS1xcgDX1VBCUNoIffW:KbKaUQhroIfu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2120

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          33a47b9ddee8615cce0372bc88105a23

          SHA1

          2e84e5ad97ae45ebf6748477372b80c4a4d4436b

          SHA256

          933cb5d2c5ce4e766082008372742057d4cddb3f9f9a2d29af09f4f3dc29555a

          SHA512

          bf9fee0cc7c226eac27eff5021095e5da558809f233553921ace3b21b917de1019fcd4f23fa83406ce50393697650cff087d0437ef4caaee9db47d2acde53fff

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5938e34330215bd1b2617c800203093c

          SHA1

          147aeea9cf47894427e36d78d96c77f837b99a42

          SHA256

          56f8096dc09eddb58b5b827e18634125c0892c4853180d1fdb3a9c7b238d6977

          SHA512

          c7a51319350207cdad36c7b103e5e7ab10516e5d00aeaf22cb2ead185a0f29eabd252abfd6c05e94cd8cac5a77784f2be0c633460909ed3392ce9af28bf27a1d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          aa499c177d0467493e7635269c442833

          SHA1

          0c185d4f3bfe7ec0adbdba656230dc30a58d8d50

          SHA256

          fc5f9f809a0deab0d66d5397ad3444c3dc697fb6ce7a10c803eed080828426e5

          SHA512

          cd760c4bdb26b16f07b214e4c521cea27cf71bfa6b3c53d6986306907f258a52236e36d9516a2866138d0449c869141a30a140d2b960acb93d63fffaa0224885

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f5977aa3a6b970ff27e188cfb6dac45b

          SHA1

          32a33517c650d07284346ab3f000b7928eb907ff

          SHA256

          77043afa0a8f063ba9e8e40b26650360d4d19d654be88a41c07114a55d052e1f

          SHA512

          9d5e8ee9e510d23222cd65e05f1eab0c69c81e90861377b6438f9bcafe30ab5dae76e6c5d5d8d3268faabf0a7826fa5c7de95283fce507c40040fc4853f53c30

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7fc68bfe9d437bb03fb86c99f4b7c141

          SHA1

          6c9e0f8f3f25b2486485d9609954ddb5e8212bb6

          SHA256

          e5e3aa89ad86eff77e028ce22c8141d9e945463156aa4f444ef50784e269767a

          SHA512

          94405d394bd59a24db2b9403c15a9cb12dca12d7bcc0bebc40b90f2ec6d34112281ab4addffd904ccded2496b09605976bfb45758f49b2dd7dd63589676735b6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2810b0eaa256a2a022ce2035b0774577

          SHA1

          91920426d3f89ecfef45ebd972be5b34e4cd079b

          SHA256

          aa258bc26301de1bb583cfe1f11ca46ef1fe937ca520d834af6d59ff242894f9

          SHA512

          f5dcecbed88489de057d332f13de546424415ecddcb540955dd6cec426279847d9af3a5e55d0b0e4ae5e1143ddfea31624140f5009b6054a3e53305d4d97b31d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          291c8c81aa33379d174a79b13aa65ddf

          SHA1

          99cf48b6cc9750b4bbbe2992e43c65ee13fa71bc

          SHA256

          b79eb0497e8fb7d843eb7d2d699208e18eb03e3beabaf7d710f31e387d9eddb2

          SHA512

          194aa4d2e385b6b54b1f3668dc4801f99060bd78146449efc870a18a8d4e8f8a1af45a909aa0a8428759fd6fef2718e9ad36055925372a47dc2694e44f6b284b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c0c203d97917273de6cb212216088b49

          SHA1

          3c4d09ded776666f381ab20bb18c4cc8155c4d77

          SHA256

          ff39047c8e3e7b0de07d70a24c9c371791d3ebd4e04126474c16344d9afc5173

          SHA512

          c68b05f003ea45821c394ad6499eadf02af52ae1a5490e1620336cbf2b050ae94b1483bab4641af3f5cbd2fa15002921217a89f125a47d3b77fd6c3852a589d8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7c7b5380a259393a5554e6645480512e

          SHA1

          b0a99247db303196d7bdb2bdb92454f06de53de4

          SHA256

          af581fdf68cd5e5d4caea3e0b3169403c7978efa8d82a4a6eec91d0422b9e235

          SHA512

          2a8ca968f489e142220ca6715ff3cf80c9824ba138934b53bb4de905e7b59d1acfa043373c0de53eab8262f7dbca1f0e68b016731afe6c3e7188f0121fd916b0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9ae06366138454a4a6196a955c893274

          SHA1

          c8fc362c45a1bd65d4994f5d1959d604511417d8

          SHA256

          26cb906c3f7be03897b3937e8336115f6e95867b0a593062bc745d8bdd27b3f4

          SHA512

          c78dc2e44750824f9e30cc4b643e3e026c5adba44f7c19abcc87c46f51b3e98d0d41f0ada75a1ffce80981d8a9e34839f711a0070355a377d27b3eaee63d3613

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6950b3e87a031c60136dfa8982f012a7

          SHA1

          48c011ba62fd9fa7bee1a920cb1da70d8a81fec7

          SHA256

          3dea92cf63cf20180f40101ecd9b9438da68df2bfed42c393a61180a93d4e5d0

          SHA512

          229a019df20b106663e92f3dd1470b6aaed9f31ed11ad050c5542ff8bf36c17beca0d1b3edfb6bc6130d65be255c6a96f9785416f96a3aa2b014652981db99d5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0ea7987921afbdf48fca1678e2e2d189

          SHA1

          ce6c57859b0f01ada40e564342853c96bb361927

          SHA256

          79e29142b36ca50c2025e83f1762ae98418a65cd34113b8c26aeeea1b1aa2d79

          SHA512

          0ad8ebe33db1402dccc7eca0a48a6e03bb411e64d77b7b968786806546432051348e7e630e686454dc639f2a3c83ba8e6750a5d7a37a284bd4c41fb891a79d70

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          919fd57feae25789d42aca58186be497

          SHA1

          d8aa8a3e399e3a238e0e0db9085f60b92f583095

          SHA256

          6b30ec29de6df0376d0529dfdc84f06022f618ee1651ebbcf5a371f6ff3e7711

          SHA512

          97bb6ed574739efdac2469562ea4d9303962359d6773dbb32837a8de2706721696a62682622519e6b8c7d2eb084d40198dd266fd225d9625e3cf75c57c378040

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab9EE0.tmp
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarA10A.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit