Overview

overview

10

Static

static

7

b59d430797...fc.apk

android-9-x86

10

b59d430797...fc.apk

android-10-x64

10

b59d430797...fc.apk

android-11-x64

10

arrowdown.xml

windows7-x64

1

arrowdown.xml

windows10-2004-x64

1

bootstrap.min.js

windows7-x64

1

bootstrap.min.js

windows10-2004-x64

1

epl1.html

windows7-x64

1

epl1.html

windows10-2004-x64

1

gpl_3.html

windows7-x64

1

gpl_3.html

windows10-2004-x64

1

howto.html

windows7-x64

1

howto.html

windows10-2004-x64

1

jquery-2.1.1.min.js

windows7-x64

1

jquery-2.1.1.min.js

windows10-2004-x64

1

keyboard.js

windows7-x64

1

keyboard.js

windows10-2004-x64

1

mit.html

windows7-x64

1

mit.html

windows10-2004-x64

1

mpl2.html

windows7-x64

1

mpl2.html

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

mraid3.js

windows7-x64

1

mraid3.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

privacypolicy.html

windows7-x64

1

privacypolicy.html

windows10-2004-x64

1

ui.js

windows7-x64

1

ui.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    15-09-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    gpl_3.html

  • Size

    33KB

  • MD5

    5851f1dcf33b54befced1f620808e985

  • SHA1

    315b4e8585e7b3dd295cd6ae14acaa7317e949f0

  • SHA256

    ec7755520ab49908e26961200839cb5716f483bdcbb6678a23b425196ffb499b

  • SHA512

    ffbdc7389cfba218e3e752282e953b2f9088be4e138e27f73b1a48ce0fc6331c30bfb88f392b7519c15ea27fb34d6383401f91edfee24d6a1e27ecd2e606bf86

  • SSDEEP

    384:Hbslv0tYdMy1Ic73GAvV+XbTQ25IT3MkZDHXSkPO/aWCGBBm0LLfCgJCJnePxa9Q:HbsBRnIcJCQTckZDHXria9Mm0PC5eA3S

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\gpl_3.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1900 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1892

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7ce51c33eafec9f93a913a678c077658

    SHA1

    2449b670486caabe7af171239e86e48d6a9a764d

    SHA256

    8fa221db845988d62f42de550fdb88d9a9a624e1d975aa3ca2938260a1ca5eb6

    SHA512

    a546c8a9491dd00ea65daa3f03b1089004f52fae6e05f7af98fc20e497c7a3e14ec3a8e786dc6f4d8daaa0ece20eec50ae8efaa3ef08de9f011c89f1b2f7d38e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    dd2aa8d44aa2a056713f52a27bd905f3

    SHA1

    65203f7afa3608c26cd81aaa71f6faa21df7feb3

    SHA256

    0b4cddd88f3c939adcdcbc20e828540afb47566fc2cfa23341a7577bd8530dfd

    SHA512

    e493a829b457a3839a8af5068026d109b74eb8955603141739f12157a477bc318df580e323ec0931a0b71649d26988261077af959c6ab5974dca053bda55db03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    519ba3980907b399537980d797400d93

    SHA1

    076f5571abfdd26fb789026fb330a57e81a8e49f

    SHA256

    390dceab510cd7a7ed7949a0f5bcabd1be0737bac57186e73176a3a96e3047b2

    SHA512

    b1326a31279da13ca561ffcad34adae8f817a73c29790430b81aa01b93380ea1a30c9d11aa63fab98085edd18776896394a0f4559a66ea052802db80c803832b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    44a257b2f7e75d71d71bafd4bbf75351

    SHA1

    4b79ff9e21b6ef8bab7171c60b2569454830d554

    SHA256

    7f58a20822ce4de122b013c84df7f3096eda3a683c2cba48b18a486d727d2c3d

    SHA512

    9a03174d8da85c50b7f92039140e7bdff67563e6b29dd6aa998b1ff15dc186a711aa8c0f8aba853c31d2e00400f7c4764da554e820545c9aa209ca06d4e4f3dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6eaa0878d31aaf6f60265c79e0be92a0

    SHA1

    908df83cf866ab5b1ce287edd1403c9c7dcd09dc

    SHA256

    40033bc59669e2e7be497b8e7a900e2ee3754eb8b7ad874aa46bdc5c9d6d9175

    SHA512

    ac04413ed220c420a1ba5ba4b0eafa5a20c569527afbe874401622837391d986397bc1b4f0306896557c0d8776d1e0e54c91e9ab82f3f543ab6de7a527163244

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    37230dacb231b95c3920e12588645f9d

    SHA1

    7bb16e384c6a2b0f6aae69af6ae33247ded53192

    SHA256

    0169f209a628af3c9d23f9007970f78c3a02bd5662022f183ebef04841bff656

    SHA512

    c0d2d8ab4a9e69588917f0110c2221db7fc8a6f21d829e78683b3c4156967ce94c2e983ff6bf1d3bdb34debb29d84a5d5d6c9b0e432cdd8a6c59dff434e8ee29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9c14c58b4b1bf16286530e24d3796adf

    SHA1

    df4510fbb858cc153e35994bd4a7256d7740b087

    SHA256

    cb72a70cd93903f5f52ab2655e74736509f687c4b36c9725a5c357a822270ef6

    SHA512

    1babde1750dff0f64ced64f9f34d5b4dd74733a79284a142e80889f377a697ebfb6f42883c48581efc7f49b9bcb401c898be8c4fe0a1679b26f2141797ab229c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    271bb3006ea3ff5f646c6cd4e2097dd8

    SHA1

    f53ed85983e2f720dc483806c7b3563c26732f90

    SHA256

    7f4f131f421ee28c0e1595a29a2fda9501269ec02e4220307930bc251ddb8656

    SHA512

    e2dcc146c5cb868698413ae510010c4340979361bb790fee2804789524d4829d2a5b13aa111e282f3b2996f1c0f53642891b2469290a2d4b83816e4325453f35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a68a708b9b6f37448daa586d7ac28d0c

    SHA1

    e3a4277be945cefe8e772c1d275dc0d2eb887685

    SHA256

    1bc5f27191a159d307749f286aeb8e7c649ae26de87c74fe0962aa3a3a377d3b

    SHA512

    88f6f4914a85df90bd873e5c6d02b90f5a7171e8e24d1e9616b6494c3371ba03a709e30554327c3a7f7a512f9cbe5d74fb881969b25da1912df8005ad97e0b85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a225a4230966541de4b71b200d37e0ba

    SHA1

    823a1917566c4aa03313a17f6c4364d915491476

    SHA256

    d1305a29b4308507c2546619563b8c109f3c47e481a169e4ea7412611de73ba3

    SHA512

    2842dc9d18ffba8ef2301f014ea05a7510f9a2917bdc40b597598f41394c8ad3705e6bca310065b6b95ea5c760da5c623c990834a363e80847629802bad8ac23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    05117063bf01da8e4495fa3e53a711e3

    SHA1

    d9a1d61a72ba48ba3c481e9bcc56c816f962e03c

    SHA256

    155251a25073cc59638904aafd019fb28bac8539beb381a9cdec55f496e8496b

    SHA512

    c2a0d0cabe6b6be02a8272f3c6ebe19920287cff40589ef32d5d49b6d05427069eee50941abaea650bfcdc6de26422df602dd13bc5181119650e8e6600cf7aef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a904961d9106043a8d2256bdf51f344d

    SHA1

    f0a384d70bd190cf8f2c3547fc735e5127414023

    SHA256

    30dee47d2698773612733f8c808b75811224cba8bdf9f9a8b9dcf5f16a3f7a46

    SHA512

    5a1a6b77a1ec06310e851c6f669106c0240ae9020cee9fce3674c931b2afc1cadcf9a057eefab47764fef485ce3fa444eb6b9e074dc0e625c4d40cc1b600a205

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7beb71e616ad90d129249574f4544bcf

    SHA1

    8bb47e5395e2b6f3024783f93788c8cb900b2821

    SHA256

    17d2a2d12a59239e609299d6b5d49159c16d22a50df14b48950631aeed849f95

    SHA512

    49d4e73ed0f94db29b5e7a3e919e4b65c3f1245f040c72e3daf97e8f2436c0dcbec570af15890498253a9ca3fdba502f8f3e8a99276aa759074052403e17e936

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a5e9a763a027786f441dbaf370f9a090

    SHA1

    494b277436c73a736fe1cd399d1065c448e5cc36

    SHA256

    6aabc33b35ac1e495cfcdac60d4171c3b6c63d5f8b64aad693a4369244ec2243

    SHA512

    f0ead622e2ba21e5696310de1aba4cd9e098c89be406a077b0297378572319ec7e2c273f950d01945dd8dd804df0895b25a3a3b408ad9df7d2089b3464343684

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    94702103dc460c72130d6c2fda5ac981

    SHA1

    996c4d87e53a5bbb5ad305f2a102a7db57253d30

    SHA256

    b70d5bf15071a678858dcd9d70d116d13c0c054cb207eace4745b7175b58ba3f

    SHA512

    93c0d2bf7842f1fed53f28e1c26736a3e779d03f2f9871f4e5a0dca9da0232f6714fbd187c30286ee1b8d41106cdf52ebca8f29c1f28a6d36269af025e61c538

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    85e72ba82cd45a8c55ec89e5b9047d3f

    SHA1

    206ee6cab744c38f9da2766ee9718b0d0770385f

    SHA256

    fb44bc3c2bf3f6211fcd73cdb91a767a24a281db469e1b71a6c5e5797af9a2ae

    SHA512

    e5500f44109c959f41a8e184ef4a9e31cbae1bb3022d72b3b5bed227bc77f0215cc243f19c58a924405161471edf5bb22489c6151fd2f9a7ceb1489144476391

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f501795e09cc07361750347cf1ac9c9a

    SHA1

    1f78bd0e2de67e0ceb7b310b25a6c5036d60b30a

    SHA256

    553099306853f1afd22c1725e343898f1489a1a18bb18755723fa7b2a1e110f2

    SHA512

    2fa5fcc21c25a3643a1234613427e3e4fd310886bfbc1778ae30b0b35276a7374bdf7d447600ff81d2fd3a5e712aa28bc7181b0f40441586d5649357ad6bacc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d486353618da58216487673b137866f9

    SHA1

    5d648566ce108327989c4ab965054f44954e4cfa

    SHA256

    1a5004326a4422175d1e3ace3e1464cc78566c29ff212ad913abebf205a2e9f9

    SHA512

    2eccbd462043ad28d191575fe27fa90a53e7861697b8085d5f2b8ddf04e80b43276e96a200ba7b5dbbfa86ac7cb395c3652b23bcd8dc5c6260595809b500152b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2938cf53b8d8bbcc5de9a3ece9c2b192

    SHA1

    17579ae47c843782446031d36032e5863bdf0429

    SHA256

    78bab1088f5a581b19098c30a1fb192711b9c1861756d8d83be7cb8859d3597e

    SHA512

    5371a6d5948c24ef5f9c64adf5916d39426322fac57eb7d4284b47fc49915af4cf7cfa92b85497c5f502624e2091a88ac4415089bad7be4776d5e38509b8d1bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    32e6b75721262d1bfad4ce3e3c71c711

    SHA1

    42b4d546d3561da868986886bed353e9b3c78217

    SHA256

    0e4e314610a21c2e66065ba70b8d569bd0b48b935ac6467c4145ce90e07baaf2

    SHA512

    1ca5620d571fb6fb2301cc86b2fb9e8f275ea8648e752cbee2e2040d54dbec353358ecb64440f4909aef2565e19bacd5004699a0968475c9d10cfa9b3295ffaa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9399.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar940C.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit