Overview

overview

10

Static

static

7

b93caedc9c...97.apk

android-9-x86

10

b93caedc9c...97.apk

android-10-x64

10

b93caedc9c...97.apk

android-11-x64

10

HM_JsBridge.js

windows7-x64

1

HM_JsBridge.js

windows10-2004-x64

1

consentform.html

windows7-x64

1

consentform.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11-09-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    consentform.html

  • Size

    27KB

  • MD5

    7a2ed1a6df8839dd8936a86d9edccabe

  • SHA1

    7bc1af528444afca678905059cb1ba9fade65352

  • SHA256

    d02fbd55c1b5da3fa1f77c52f5633421395a3bf228457521512b37cdacd65f9c

  • SHA512

    ea0c3e512b37e340f4c0a49196344f1dd5aef38c469ba124605518e913be601a5b6a92a50f00e962bc90041bb80e51480254c7902032d894b7d24be5aec47097

  • SSDEEP

    768:wEh4FOT6bJdK0D7fkvaqF1b6cY4c5rC28c54NTc5Jt:th44GbJdKoncY4c5Wc5wc57

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\consentform.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c94d0d8925d405c84fcb08153b817f8

    SHA1

    2a1529845b966868197daf529b2b1a4105dceb33

    SHA256

    2c3cd9b4af960f1edd92ae0b3decb5f273ba0ceeb8d53e4017e3f38d619a0bd4

    SHA512

    57e19fcb4da5f1b96e7ea72fe8d71b725bc1a892e443a686ff5b53bb50d89d0655ed2dcc3396e087ac36b9aa972200960b29ee9c06f4ad845577d84146612306

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b508a4efb2bc6aad02574ccab01bb8e9

    SHA1

    dd9142f620234def588cff08d0976b00adf9af29

    SHA256

    0e1b841338f34bd3f67b78d5536d0cbec7903d783a29821ad9ebc24790d63517

    SHA512

    7dc10a6f8bc9bafa7de0eb5f3369a8074f616f1239997dfddaf510bc27747e5da81942b643cb627d6a53b275c75a7c252725180e22b077d2f198925974ac1d3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2cf3c8956900467c8d00f974d0bdf95b

    SHA1

    7b5c90454613f92e18c42953aebf39ec8fc735d7

    SHA256

    7753de13fa9682a2626189ace072e644b088bbed32a49decf9736d62641cb4f7

    SHA512

    6299aa0bf6ac23fd98e2bf6691112193270ebbffc83d93fbade547c1a3be0c7d4c3457f6088891150144e539097f549802a24ef9af222d5159fe349348f0427b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c495d3e45136e5ff1760886b281d344

    SHA1

    fca2400b73933e9f660ba0367a548e4e0e034d09

    SHA256

    a9b8dcf71c7d5129c7abd1a6a782ac176d56207d92e3b0c4405dd7fd3968f396

    SHA512

    42efb580e4b3f18c8e2bc84e5b14084b29b18bc84d986719b626079cfdc54260cc7d084579cbbf3ddf6e5c55fbd89c476e91a2f74a26f4b41036fb5ac6bed826

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2383a8fef08b0437541f0cd6fe9b87ff

    SHA1

    843fdc64260af4fd8b151d5c503ec4f3c26c6adc

    SHA256

    a35416093c5bf1d7788a733e7562092e4006cfa43a60d9216cfba3973b4e53af

    SHA512

    8663d8d6918d94a197adb8fec34ed9305f9f2161d38e83dbfdb8b783bbc95b179d442a8da21948a2c05a6294a700f071f6038197165921fb5fa45dd5630096f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49be7ce4042c11b06e4a8bb73da3d46b

    SHA1

    581739c95151f23dc7504543d725b4923e2a469b

    SHA256

    796c206cec532fac5028a8b734348996929f096204c5a30e8072be429e4ed39f

    SHA512

    cdaa14e40d2144b5a381139b7562bccd98f2c82cf08271fe2fe33f6e7e3915770e04f2507c833a7a980eaa0fa0455f9e240df5df1baf60690d1c6c4319b5b5a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0fee5b1769df07d4b62b3afb7d643182

    SHA1

    01bf76a6eed50f3926aa5744ad326dbc6080ac06

    SHA256

    a9f915a4891f16c82d8dfd7341496ba95b185c00e978f6b8742682aca3514ec3

    SHA512

    e0e8aa90909a8fae478600d5706303568424613d74e5901e14933c70a850f587563bf13790598256732b9feb7554046b0712f0394ecc9edf96336f5603cd370b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c09d87b232ec860d7283ac9af10600a5

    SHA1

    69dbd3aef9e5f403abac01f90130677332aaad26

    SHA256

    b4acc9a5c87e623f6cfda005862d220b5d8fce2a507d0e8fa4e10bfd6f458c75

    SHA512

    bf4f9df5471020cc85f68c74b446d32eb47ce25a879a451a84509fae4bb9172d5eb1b00e64b9a2e73c761eabdfe24195b4d5ebecd29f5dbe9fc974283c621302

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87174e00c1c5b1b9cb2e485734e3e50e

    SHA1

    b2a283dab6a60fc678176da2eb7735e63c11f9ee

    SHA256

    2b10472dd0d6903976f4125d2a55769756ed4fb3b13745dcaaeb26b5a81b5aec

    SHA512

    e2400e569b3a0e355682e6e95a1f72a957a32130d1fcff7fcb453db92d0fddda9fa6a36ea2c9de19c3efcbb1df723ee020fc1e61c2a49b3e90b573365e2606ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07eed6e72d15b573b22e4b344bcf4992

    SHA1

    8042ce56eb041588352b8534ffbe73ab6af7b410

    SHA256

    f2777fc5ccaeb78c0719ee0a5e3a7b05da740df9e7292bb7386369ead7df4df4

    SHA512

    a45c73fb10d74cb083e61ad58a0ee89eeb9a3e8833f8473aa8deeb89e8f0cdddc620c89129444da64e8d6f076df45addf1451b508cc337d0b30c8ad8d66cd201

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a9e5e26e19011fa563063d77278e42e

    SHA1

    5b299def41c8df90447a43d98461e65cd332c6be

    SHA256

    ecac4001c816f766bf1e45edd936e3c2daadb85249fd2ac11564d3257c508768

    SHA512

    ae6f082984d88906d81479c255f65c918f5b372b77acdc61f523c11d91d062fb2a0d3fd78ca693adebf240fabeb53c16a683ace003c7c73301959d93e9216064

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccdb4f0d7b03b01341c7afb2dd3af39c

    SHA1

    eea6602f117629763b941fca3b26c04f2cb4f4ae

    SHA256

    4d1ac4f63d9306647d007a98bd53c077fb526b83313a61a3c1cb1e94df5e16e7

    SHA512

    990def743c2b0a689dc3126d933bd092b8c3d613b140a2cb081903c32646be44b309cf75b1c91a7593e541d848b82273ed8102319d5eb67b408bc4a10f7aaaa4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8a75aaa92682f40b16777f607b99e18

    SHA1

    b8ad41860abb39404986bf376b3451604bdc555f

    SHA256

    2a3f55343a347465f170ac113c93c8dc2dabcd89a4ebb5aeccbc72d4547f27c0

    SHA512

    b1c37145754c9b711c91223eef2afdb12cabb7d41729e713fa5aef4395484d083746b79e02657fea5bf8ae44eb2015a18aeb2355d75c5af180f8823e1d292028

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fbb73ff225affed8ed6989add3155c72

    SHA1

    f2ffe64070744bc5742d9b6c718ae025fe36e994

    SHA256

    101003f8c0d64008458e9cfb7131d449036eb3b86d8efd871a2074a46e296c78

    SHA512

    812e1ef1f9f63a6583a32f5c96f2e4ceda6a6b2774881e8ebc3f79f1534863511df876aa4f003ee32b0c678760360897d2b29954adc8abeec251bc10f9c60929

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08580e03ac6b82d59bbabef593186388

    SHA1

    c5b8efb8f69bb62e7447a688653f0804bac657e4

    SHA256

    0fa72a7170c97d0fe4c771b49924931f83a12356d301bd946ab88d14b34303b0

    SHA512

    f7824868b38e670f7017e75f0274746ffcb40093ed509d51e836d9df39563d6886221791c4c9e810be2dcc02187dc8a651b8b826effcfabe09dbb5dfc338ec88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64b60d4f9e3a221d94262d2d1c94057b

    SHA1

    a041b44b75285ca309544385c0ed2ae0224fe29e

    SHA256

    a0a8f1ad134137d4b21300cdda5144b98226bf75b65be526b52bfcf5112c2490

    SHA512

    817863c3ec256730fdd9da08e9119fb7087a091ca098ffced09a2cd613e5b46ff2750c2e1b714b2ac9801574f8915f9fc50b2e0593ef703b94c5071b45edbb0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2e1683104bbf04d9c8ec79cef8e39cd

    SHA1

    26b772572e0cbc9331743f008ef0eecd2385d95e

    SHA256

    541711f4844c86eb67efb089c61ad97a10853e050771990357f1a9d53c9d99f0

    SHA512

    e5f4bd276d25721485ae7fd5e7fdb1315cd33849153d0f532c478635541a70c4b115caa6cce211e81a7715a9ad6fe26ea3a79bc5c740770dcea830f39ca3b960

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5429.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar542C.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit