Overview

overview

10

Static

static

7

6f740ba69a...ae.apk

android-9-x86

10

6f740ba69a...ae.apk

android-10-x64

10

6f740ba69a...ae.apk

android-11-x64

10

license-ru.html

windows7-x64

1

license-ru.html

windows10-2004-x64

1

license.html

windows7-x64

1

license.html

windows10-2004-x64

1

UserDict.pyc

windows7-x64

3

UserDict.pyc

windows10-2004-x64

5

_abcoll.pyc

windows7-x64

3

_abcoll.pyc

windows10-2004-x64

3

_sysconfigdata.pyc

windows7-x64

3

_sysconfigdata.pyc

windows10-2004-x64

3

_weakrefset.pyc

windows7-x64

3

_weakrefset.pyc

windows10-2004-x64

3

abc.pyc

windows7-x64

3

abc.pyc

windows10-2004-x64

3

copy_reg.pyc

windows7-x64

3

copy_reg.pyc

windows10-2004-x64

3

genericpath.pyc

windows7-x64

3

genericpath.pyc

windows10-2004-x64

3

linecache.pyc

windows7-x64

3

linecache.pyc

windows10-2004-x64

3

os.pyc

windows7-x64

3

os.pyc

windows10-2004-x64

3

posixpath.pyc

windows7-x64

3

posixpath.pyc

windows10-2004-x64

3

re.pyc

windows7-x64

3

re.pyc

windows10-2004-x64

3

site.pyc

windows7-x64

3

site.pyc

windows10-2004-x64

3

sre_compile.pyc

windows7-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    06-09-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    license-ru.html

  • Size

    34KB

  • MD5

    ac6e15df193c7135c916f85fd48afecd

  • SHA1

    bc11e538662c15a478b3cbf8cbf0873b8f19ec9e

  • SHA256

    a1b20292621b8ba67ddfb61802bd12bade68f6b930ac6ad61e89c047a1f91c22

  • SHA512

    bcd3d439b0b25ba3de815f00ff92bf3545578d90d53adacc2b272b60ee8bf3d65e460d87fbdc56eec32344d8be567b1f7384fb9c8b0934b24cec39ce05b7c8e1

  • SSDEEP

    384:8JF/uQenaw/h+pMNbK+v5AKVjZI89GThAKJPrLqCu2WVgqxk/d1NDlCPjOB4WUen:4e9hDbE4nGThAUTDmI4WUE8Z+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license-ru.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46e2ad698b8f29264536914daa3b80cf

    SHA1

    05e87e6d9e211f7636b3b3884159dded134ecadc

    SHA256

    c279dc2dd72f3e389e9ef72b55b1869fca69ad031ea4ee720e45df9617444e77

    SHA512

    807e7915a3341c7f1221aaafc79ba3a88a96e299893492f7179ceefd49c01cf993610c55cea9224fae674aa0028300e1ff0ee11d079c0e0731e71073cfa92b0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9e542318a00421a520cb8b3bd89d3c0

    SHA1

    f4e803a7361489af97de80d2ae25f224bcc3e84d

    SHA256

    324932309116b0041f068b594f04774bfe0807e113656c88ba0f7364160774e5

    SHA512

    79657c82ee802a2f99c58e293ca15e9d65d53c2d00ea737b8bba79440fca959ab8541c3e0c0bed3551390258df103511753632d7d360a179806a1cbfea2f6ed6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4a1b1cb757a7ef7f902ba87381e94b3

    SHA1

    76e4b7534e4a83fc0bd5e8b59017519ebe235a44

    SHA256

    9dcf0043fc746844a9c40b557eef315e93f64015f450efdb06a0c87fdb9c753a

    SHA512

    7afdb8b89184512a91a0471341d4d9447bbe28c1823eba87039ab3d2d797989a5f99a9e60e475c58e6409055f03b939106524514343bc903473c887637c095aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8aa083ba2322e96513a2dde237ae14f1

    SHA1

    5abbe591aff8dc0dec761645128201921623e663

    SHA256

    36259478ff31893bdefcc8a47850aeedb1156f23ef21e4b29f5fd85f2e75756b

    SHA512

    81f173e6be0778ffc56df4c47431595097722209cf93e62c27b84652b7272a47df7032eade0b60542b7d6ac846d00cadf1346383f03cac2fea30ed53d631a908

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34a4eb394618178131569f153d235a53

    SHA1

    13ce3dfb2d9fb98b013a0b3d8c435e5017038e24

    SHA256

    8577c2ed26c8570b3692aa0ff6d1bbfce3dee98efbe83dad297985acf8c99f56

    SHA512

    7b9881ce9e93a7344dab713c2de4ea6fca2f614813c2d414d29a2700dff6751ff43bf8344dd278f1d6bbc3c5521aa6fa2e5dfd4760f1cf01df6c9e25df296c72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8d718d5bb34bdb90402a86ec16dd355

    SHA1

    6856dbc7158db891fd62b392876d4f294c4266c4

    SHA256

    2906d1f74d0b3d8eb24471998cc26774d96333a67ea9789f9be2c67ae05fb34e

    SHA512

    468e8909e9e7ddeb07d8562f9dad0100dca0fc6e1785b916fc72ea8ad08764d752c8498bf7952df1d55d99b101e8633c7e7162c337de65b202fcfb41626c0e7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8006ab026000f2dfe4eeceb2733a5bc

    SHA1

    fc29ce8164e5cab0a837145569365f831e305f76

    SHA256

    5fa1b400a5f1bff2a07d71e56becbeae44ea25066acbd63a14d65c4f198674e0

    SHA512

    e88d32d58f7826f5fc410f2874430f0686f80223f07356ce4009f4ab8c2054d62e0927d9871191cc505ee8e0f069544eec06e4587c076aa966700d442fc803aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    389e9df02719e00a88dfbca16b8dce58

    SHA1

    975152335ffcf346c0b8eebd000177cb3816713e

    SHA256

    58c20c1a7f489303b4a7644f35f1276b58742c468c47a73bec6bb401576ee2b4

    SHA512

    dc932edbc4330bf8b8353a52652b4fa4238b6135befa0ce32797285f9130c5ede71bfee778f3053b05568f685a9e2ee031ac080a07edbee7b15d89a52c1dceb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1bd1117ca6834589585aa66a220c9cc2

    SHA1

    60441f8a78890bd1ee83ef7e580fa3e8eae9fd70

    SHA256

    48e0c3068415a444117fbc48485e218f19f1bdff5aaa7e7fbcee1fbf73b36a7f

    SHA512

    84b976f071fe8fd64e84bc0d832b2517e93e8b11da897351d655d03ca2a7041e18c1a8d17a3ce19ad06148081d2d039d7bb154be64d228a1ee5eb0794bdf1770

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6442.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar656D.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit