Overview

overview

10

Static

static

10

Instagram.apk

android-9-x86

1

Instagram.apk

android-10-x64

1

Instagram.apk

android-11-x64

1

dropbox.html

windows7-x64

1

dropbox.html

windows10-2004-x64

1

facebook_d...e.html

windows7-x64

1

facebook_d...e.html

windows10-2004-x64

1

facebook_d...c.html

windows7-x64

1

facebook_d...c.html

windows10-2004-x64

1

facebook_mobile.html

windows7-x64

1

facebook_mobile.html

windows10-2004-x64

1

facebook_m...y.html

windows7-x64

1

facebook_m...y.html

windows10-2004-x64

1

garena_free_fire.html

windows7-x64

1

garena_free_fire.html

windows10-2004-x64

1

github.html

windows7-x64

1

github.html

windows10-2004-x64

1

instagram.html

windows7-x64

1

instagram.html

windows10-2004-x64

1

jquery.js

windows7-x64

1

jquery.js

windows10-2004-x64

1

linkedin.html

windows7-x64

1

linkedin.html

windows10-2004-x64

1

messenger.html

windows7-x64

1

messenger.html

windows10-2004-x64

1

microsoft.html

windows7-x64

1

microsoft.html

windows10-2004-x64

1

netflix.html

windows7-x64

1

netflix.html

windows10-2004-x64

1

paypal.html

windows7-x64

1

paypal.html

windows10-2004-x64

1

protonmail.html

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    30-09-2023 02:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    facebook_mobile_fake_security.html

  • Size

    10KB

  • MD5

    6083f60fc451ea0354b00e1058ac15df

  • SHA1

    9e3063172228e6219f1482c9ccda57d02d0bdf4d

  • SHA256

    5da1d3ddde573bfbec81e0279e86a77df70a76ba10389d31fbba2d470372158e

  • SHA512

    61d111b70338e4a3b8b26c86842843cf264e8e4d008978596867f61c485604015443bcec03ecd862b17a4d8ea9ab0917af3a03ffe8f943ed54183eb0c005eb38

  • SSDEEP

    192:6MzREOR0Hlj5/Cwyzygk7efrjGl7F92L+sxQ:6QREOqlN77jl7F9Mq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\facebook_mobile_fake_security.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2184
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2184 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2560

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0674605a1a48c2bfa76c55db76d3e712

    SHA1

    895026f9aba83e662d75400cae82d2d00ed53c5b

    SHA256

    b77daa80d9097eb41df9376ec44aa33331ecfce09eb5264bcb2a9fa3bc3cc664

    SHA512

    4d8311540389be471badf8a5801efded306c0a2ef7d4e0c240bc956e69748b0ba7095fd2a3b8b9e995e422671c23196459b1ff62f4cdc10211c47bbf10852d66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb827cfc8f9672e2bf60105f02e7bc77

    SHA1

    7d97ef132f9457c58ab9b1253013f2515259b841

    SHA256

    8746d00f41d90021d96bb094efb748f7b9e4a20a75c3f0ee19319310109a6a30

    SHA512

    f4f33e4f65538b9950b6de708944361a7c8048815b3caafcd436f527e7b18daeaecee7dfe0956a1398f1304edcd37bbd44b9e4bfc18c790bf496555ab832199c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94890921864c91e8784a347d3cd03e95

    SHA1

    b0f730dd0a89ef56f14b4a55d6380e674b9afb1c

    SHA256

    810d96c8aafc7f7184537a339fa7cc05f34b70dabe28ae61a474695dd2a445e0

    SHA512

    543571ac945fc02c738a4eff24d43f1c3ccd33eaa33aa71fc8944da685d64aadeed752ab2933b1af7cc3172afe40dc5b1730d13a294719e04a70277013bd9b94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e040f8f350d42fd731ff92bae17f2ef3

    SHA1

    d318dbcf027b3e9416de3a710e5ce4a3bc6766d2

    SHA256

    fc5975b3a3ed7b48297a81591aa758364f31dc49f90495f35dc5d9a68a18f279

    SHA512

    38e4397f4c244be5dbdef0be8ec133405520315c8445ac2cf740635ea5e0753a96e33b2b203fcd312bc296f1da2f30955855909617246623221756169e94f0db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ed7abe55ec93840547abe448c0c394d

    SHA1

    c0b74455105fc36ab2fdadd91d40b1a4b0ece8f3

    SHA256

    cf17cbaf4abd4423b0d55ad1785c7f04dc286893aec93b95cba5a5752a6eefda

    SHA512

    97930ff93a4ffbdd712afafeeeccad5c1c965dc8b6f7afb4bdb232be91f8fe89905127f831ad9d9561b83d890fb102290e075a6340d1d4c25360c2083e118b05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d0e92f1ccafc8f0544dd54da2fa906b

    SHA1

    9e6050088ab32bceb971d9fe7fe1fcf9459b65ec

    SHA256

    167181fffe2dedb2822e0b03013a0b196a13806cd07a345de9aac738328cc1bd

    SHA512

    dffe4b79f19cfa5b9d6540bfce3ef66b4051cbf680899336dfbc0250d30c041690d36a9bfba8314a45d65f17d70852463ad82c1b1bf0609784e518e2c0a7ef06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecdce2470c95d1a632e94c0e995045e9

    SHA1

    d6afe93e7c21a0525fffff0ae93b4da9b56a5497

    SHA256

    afdf132386f571513ed34a0587a70499e4ac3918fac8ecfb146d76b3be5934d0

    SHA512

    147c4b0b4b111bf6757ee6d9dd6eb76160d292e5325021a1579e4e75f1ffe81e4bb571e1808eb1f1c723ed2fd2bf2a1ec1f2492d6a645ee76a8cb8aad3bf7f86

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab59F3.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5A94.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit