Overview

overview

10

Static

static

7

78e6f36b84...JC.apk

android-9-x86

10

78e6f36b84...JC.apk

android-10-x64

10

demo.html

windows7-x64

1

demo.html

windows10-2004-x64

1

floating-s...ed.xml

windows7-x64

1

floating-s...ed.xml

windows10-2004-x64

1

floating-s...te.xml

windows7-x64

1

floating-s...te.xml

windows10-2004-x64

1

free-text-...ed.xml

windows7-x64

1

free-text-...ed.xml

windows10-2004-x64

1

free-text-comment.xml

windows7-x64

1

free-text-comment.xml

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

maction.js

windows7-x64

1

maction.js

windows10-2004-x64

1

menclose.js

windows7-x64

1

menclose.js

windows10-2004-x64

1

mglyph.js

windows7-x64

1

mglyph.js

windows10-2004-x64

1

mmultiscripts.js

windows7-x64

1

mmultiscripts.js

windows10-2004-x64

1

ms.js

windows7-x64

1

ms.js

windows10-2004-x64

1

mtable.js

windows7-x64

1

mtable.js

windows10-2004-x64

1

multiline.js

windows7-x64

1

multiline.js

windows10-2004-x64

1

no_sleep.js

windows7-x64

1

no_sleep.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • submitted
    17-09-2023 09:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    demo.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\demo.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3064 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a326ee579c93945963b682c6d8dc165d

    SHA1

    4f6d202f567d17d8efb35aa1f35270783219b02b

    SHA256

    735f741098917ce40da3dab9164bddc8937ae13376c5c328d3606aa1e4e73755

    SHA512

    11e27bbfa8ef507e19a7e03199a9491d21c135c2446d977a04383c12db7f4c4cbeba6e6b90a3afeac609a858442cd9be37d9335a7a87f54fa7ed88645a5e39e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb13f3ac7aa753166b1da0b2f79bbc61

    SHA1

    889447ee69247ba9c2b6aa97f06d5281bb80542b

    SHA256

    d847ead823eb52b1d01952267dd53f4b4530e542aa0fcbf4cc413c00dda2083c

    SHA512

    6bd6e1cdf3fa98063cd00ba1c75f460ada2856e8ddb115cca212d9429e8cb2835bd25c3dd3387d5a41117f0129f0bc5da2a43868f8c5a2037fef340f66b4cb67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e51db188ce9f1bd8776424610ceb0c9c

    SHA1

    4a13873dada85b958183e3f9f7439568c826f9e7

    SHA256

    8ce018a7fbcce7fbd3a1ade20927f7b624b2b3c3b71a8e419d7d6c4ea01dd497

    SHA512

    22d42e75f403508981a93e0472f40deef47d11bceda7b901943da362cbdf447bda5adb009ffeb9de9533c95c463a2e26ae0dee9292040c14e302449f729fcffd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7de935463394d345d10109d4e0412b9

    SHA1

    7be16bd26527a37574de636e9a6e28e8c9542a68

    SHA256

    b61d0740dbc7e9925852de1321196a914e9b198c40b27d1539f966269055cc60

    SHA512

    be97d9a816c834964bfef8b45daf768380729f01cd2b3c9b5e94265804b4dc3dd6fa6a3781457be9f6183cb8a0c8bc0c12e7ab33b7451e9e7110dd166113e3c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9b9a367cccaf4f80d272adf5bbf34b9

    SHA1

    c2731f0c045c61ec33733b09e5a5f3a6dcda49b1

    SHA256

    8a0d2961d744c8736623f94cb6864e361f5d87eea976da4cb9a7c97cd5bde646

    SHA512

    6f55ed4087da676b7c343d377cc91bbe16d08154d7c84f7a5cfdccd4e9479da297fc58ab1a4f72a022c999235385c23f015d19488a5e283447f291bf331a47bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3eea76e874c53304e1d955e6c79d5fab

    SHA1

    c4a3a8321c3f786f5cdcbdd8d8759ae68a1914b4

    SHA256

    41f7e26dafd0abf5a252a74717cf81c1f8854b9a2364d304bc3fc0798a6261ae

    SHA512

    3c8ea8839d33f36bb6df61f5abb003574107e7968ebf45a75e0ef0ca95815b8b8030281a8258a3d94c28608146147f1f1196d2f6f178399f01c3306b19c8d191

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc17e9745d9e268d235ab242a5b099dc

    SHA1

    b97b7f05c809a2dd8fe18d1b876b3154f8650412

    SHA256

    712ad5baa3ff09129e91137c5b19f4680a38be79a48af1a0b36ba227ea0f08f5

    SHA512

    b9787689ac9c8727ef3d3c2f9ba265bb24f0bbdce3ac3e5fe90a090be5d4f71cbb609e0633e80ad356d694773592ca686cffd4040ac836d47e9543394ead737c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eeebc7be311d6b28365a3de81c2f5f31

    SHA1

    9ad5903ac6225e4414b3290db4ddbdeb1d90e7cb

    SHA256

    b858d6fd5b1fc3211cdaaa9e5b4a0294b3b4f7fdc911b8b238a6089d44b33f61

    SHA512

    2c7ce944e4ce8c5ef1cf4446dff6b20231bf330e4b5a50283cd45d96768596a5e592fbffad9ed15860e5eedfe558620d6a6e01806cfedda57195dabea44aeb58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1eb2983f7e9db9b7c5926cc471865ff7

    SHA1

    c4426db7f8cb86fdbf3531d1491a028a8ee335a4

    SHA256

    8ba0b0455eae53746c12e21659c600d4b7a2a60244425e0a5184754f932136fb

    SHA512

    72ac38b7efe7f73d7f5e30f928ea032978cccf7862d32a5826f5d190c2e3a7c26d5a3a3497027bce60d1b9881e0d075e525bf66cce667c8d20ef3de3017b37a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a87132fdc2f12058f330b01a40b1834e

    SHA1

    3d509e3e41accf3be8b2a24c7373492e4a4f9d0c

    SHA256

    f7b22ef531b0905df8d6012df4bace858a8523f95533dd5dd65778902868c603

    SHA512

    72a8b69612928ba43331e5a2c3a33cbf2f9043eda067dadc079a6ce39e571b082477d18d0dc0b41e5560b47c48f33fdbbb28e4a2846d8c15068aced06b999108

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f2ba882d78d448475c321f5cd16b6e9

    SHA1

    f16c8947e07bf9502fd47ab747bceb47a623c332

    SHA256

    b19d7716b715770fa7ec35b3ae5ccc5dc4d843b6a984d5618a95e72744af4314

    SHA512

    47a16ff8953146f852536b213a42e7499c686bf8161fd941ab38233e9c8e01b776e187af084fbc07c0ea0b8bf63797d7cd76d036618bd851219fc6a23ae29f8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    092fd0fe41f19f2feed9cf2df6baceee

    SHA1

    dddcfc89b8dc9c9fb58475bb6e71b2af3210b2e3

    SHA256

    81f12b16553bb1503319cd5a82a83876df1b715c23fe9d929616c0bbc35531d2

    SHA512

    ccf71a34e993c732ea3b0a26c1510cfc8c19c055de73631dc552eab5bf49f1e917624f4c20f3d49d37c10d258bbaa28255d813889b040c79706cfa39945abbe8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    346e5a2aa8619189ca74504877af163d

    SHA1

    0a7c6c3589d223421fdf97b98c72994b07d126a0

    SHA256

    0810ba06e6e3115961e9e0cf007147324b430dcf473dc0c43743a543b43d15cf

    SHA512

    0efe3a6bbf438bf97862ebea6b4313f7867e76c1e140039b3710a1fc934383aee25de59151f9a77443a1bae0d67265f2f448d69461b80a9c007354d66e8f40ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5b5d7bf0805c5afd460e80e5fa61345

    SHA1

    f78bd8fc1af1c1f8640bf18249d0ea088dec603a

    SHA256

    00b8a0bae1fdc3dc81d92a8dc629f1d2353488bc982cc54e60c46c6222a65797

    SHA512

    17801a34fdf658d91b216f868f1a7066c3cdda565223f9c1dbad1e72df5048850f296fa4ad71a1c0f5638be31f3ad486d7d58120f5c12f9c30b653d0b714a503

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c7b327f4d2167e23bf946b5d7c399f3

    SHA1

    7e3d2ae8a0c6e8050be101b24fd1a9b46f127f63

    SHA256

    3ba25402b40dcf211e8a5be29352fb7a02fb514bf9dba2e13856012210f775de

    SHA512

    8e2742b8bff02244f32e3307e2da0ba2372bfa13985f40221c0839072ae5e7e139cc35c152b62a9f35acb067caadaa9f8e0c7700bb40836ce5cf8fb5b6c3f7fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24b1ee4322395d99367be4316cd16164

    SHA1

    007583ff5eb394fbe4250160c777dd6c827f9558

    SHA256

    c4512ff51497f3f83264fc88bd0d96773d33a18cf9abe4298682202915d2cf30

    SHA512

    859c50eea235cea2530c604aacf93b0e3860f5531db177c5aedc59f58d35c78a1dbade961e58ef13664d2a5d64c35f083ee7f9fd3302e81afa2a276acfe7fa97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    292db9a8ec1ad5e1da311e3bbf72a442

    SHA1

    0c5530db41b6c86f35fd58de096fa5f4d5fbfe9a

    SHA256

    23efd647d64d99a486dbb0cc1f3e07f139d8e0dad42c0167e8f2de4a0695e305

    SHA512

    fe914ac68246522c9268f8e178814c974e7b8f1b8e5198ec251899b4be1ccf8391dbb1ba548c685734548894dba356e55a4218ced8d8afd7b714b2fefc9d0043

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8028535dbe41afc95421488770ca590

    SHA1

    b518f0947334da4b42a59d6221b565164b91bd5a

    SHA256

    d1be96f691421efb7a96cc04105dd3be0b62459c59909d615b0a073512ffb737

    SHA512

    fd58a10d5fbea6aae70e7700bdfe46fd310b1ed3aa5107ebcf9e58cdd01b6f74a92d669598a22ed120ae4d513ca1b017fbc482388ed8ebf8b6031ab625c20aea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f448e4a0ec53028a9ca9996c335a4a87

    SHA1

    ce77d78fa95a4d716399f724c4dcfb813b7cf7a7

    SHA256

    cea98ed116e88e10d2d0878957f7ddc068e28a9917f4839fc7a6b6513d35dc62

    SHA512

    8601e5d020378e69c3da8337ac1c3a8941d30efe94d19200dde505aebcf2ce5522c78379d636b9accee4dcef8a7ee309d6f4f9ab1f0c9c5273c7e9ceb877190f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d03df113e6cde7346c542091a575855

    SHA1

    d736e7f64ca1eb0e1b1b13bb36d620ec91732c78

    SHA256

    9e88efb3c89a47f10327c916215af0457d1d912fb0fdc0808b525429adb272a9

    SHA512

    0c6f59cc20a8a1768dc80a3428f32b6503000a34da86a46dcbb3480e9d76cae600a67fb968f50476f8601cc461dbf533820027d9b9f72728de2135797daf68f7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab57D3.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar57F6.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit