Overview

overview

10

Static

static

10

Instagram.apk

android-9-x86

1

Instagram.apk

android-10-x64

1

Instagram.apk

android-11-x64

1

dropbox.html

windows7-x64

1

dropbox.html

windows10-2004-x64

1

facebook_d...e.html

windows7-x64

1

facebook_d...e.html

windows10-2004-x64

1

facebook_d...c.html

windows7-x64

1

facebook_d...c.html

windows10-2004-x64

1

facebook_mobile.html

windows7-x64

1

facebook_mobile.html

windows10-2004-x64

1

facebook_m...y.html

windows7-x64

1

facebook_m...y.html

windows10-2004-x64

1

garena_free_fire.html

windows7-x64

1

garena_free_fire.html

windows10-2004-x64

1

github.html

windows7-x64

1

github.html

windows10-2004-x64

1

instagram.html

windows7-x64

1

instagram.html

windows10-2004-x64

1

jquery.js

windows7-x64

1

jquery.js

windows10-2004-x64

1

linkedin.html

windows7-x64

1

linkedin.html

windows10-2004-x64

1

messenger.html

windows7-x64

1

messenger.html

windows10-2004-x64

1

microsoft.html

windows7-x64

1

microsoft.html

windows10-2004-x64

1

netflix.html

windows7-x64

1

netflix.html

windows10-2004-x64

1

paypal.html

windows7-x64

1

paypal.html

windows10-2004-x64

1

protonmail.html

windows7-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    162s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    30-09-2023 02:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    paypal.html

  • Size

    3KB

  • MD5

    6e2f15c66234a7e12e150123fbd69ab6

  • SHA1

    c45192d8b147e4c604bdae79ad3e4a8c4a4227af

  • SHA256

    4121306c2b9cd81ff08ee1078b0359a9dc8baca6522b9fd806d8f805d9ee564c

  • SHA512

    f47383d2e21b440091cb99dc1e3172e80dc171a51b92ecccd24004a7783444236d975e4eeecea27700b3bdf0eae6bc484f60ebb01c039878cc1e1ba545b7deba

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\paypal.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1984

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ae3baac828aeb45bb56401310cfa6f5

    SHA1

    712f71f335f1a6c5a698039baf85f2138456ebec

    SHA256

    2f90263b75b2e35472ce68016df89c6090cd9512a5114bf498ccccd19f190b74

    SHA512

    199b0d0422e4e7c3adbca700bf82c41064d428e85934b219a07192dea8674b0c0350d3633172def0f5513fd2f9bc3140782c19b96c5f5b37a44fa2a5c1108d76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2f2c004a22f92e3047e37a1aa8765eb

    SHA1

    e31083f14b77be92bf3c621ffbe394bc2b16f1e5

    SHA256

    280197de5f042f6ad72430362b39cbfecf9d1fa1cbf609c498b310e1e07621f8

    SHA512

    ef0e920c75b2165708fbc7ab58089ee0653b189fad7551963920b55ce8f7ea1f2e9c478dbeb93ed16b4cc8c9868b81d57597961813f79d6ef86f057a111b7e84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4e7f32fd410f646140d8bf276a9f973

    SHA1

    770617d699491260be41cfe929aa0b9dde08c061

    SHA256

    2d0cff9f4f42e792b4df0ec3d5803525e758d5afec3496759028427106494dd9

    SHA512

    5b4a0d6736e418dfdb3f724867e7e9f4b0957286aa4af4c024bae159c0fb9a95e721f715b653fab967b6563a3ca7a52a8ef1cdbf27aa701d0ffb7c1e45f7ee65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8558c6c20d88e326dae907d7285b8b3

    SHA1

    d175dfc45465a07de980a25a7ab180d326c1ada3

    SHA256

    0edaaeb9939ac433ffca7c611d975322f9afb3e1d2558dbb5a8187cc1a6d1196

    SHA512

    bd3692603f01243061c450273c8de15bc79e1fc86b6c49bea452cd14351169685a5c2625576eb4bd3df47dd6d24421eab990e4194837dcabe91f119d2713895a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54dee9ea3f5fd1e9312cdfeb33f094d1

    SHA1

    e63e2e3c2fcb5b05f02b1f60a7a9eee0396079fc

    SHA256

    79f767853c8e0e1ef3ba912f32c95b02b3fde59f0a30fb056f331e6eb325f14b

    SHA512

    c07acb13c7ce3719b0c857269747df63ab2512c4c37c187a3b05bb4209ba01d8072f01dc97b9a828f33d0dafeaf94a92bfb9a3865b461861fc7b3e064e53fda0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    476177cb0c92fa5f28824252a095c1b4

    SHA1

    92031e6bb2c0c63afde4ee5d06246fd5084c9c5a

    SHA256

    df7851bc491e5249b15c5d6980cd004169005fc6c2470270ec8d4c7c2587ce29

    SHA512

    8d4b8058fe19065ca07ed49132c8a14eca64c0f5a2723f1d1c2659e47a6c77735c3514c14475893d85006589dca10984e794a8548e4cf2306db36f97cf2c9fc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2107cf57496be3ad8cddcac5ce91711

    SHA1

    14d15cda9fde5dcd20bacb565033dd25b835872b

    SHA256

    ae981f2c11108ab8055afe38c50e2c9f3271c0d3e99805da755278128c41767f

    SHA512

    43e93dca7b13a92c9b60e3f0191c4ddb5759357811f048be178a4ab42709271135bf5b15e93d387e1a44b557b555ee89a0843edb36ea5cba308be37f06754ff9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4206c9cd6d5b58e82b07c04586651c79

    SHA1

    4e9f71675d8e1df84f45fbd81f976923b53ea924

    SHA256

    5c2098d40f9a736d130bafc79856840248d2dd910414568b641172a19f2fdb64

    SHA512

    dc63b5c124d2adb3162721f6c0778ad3109fc23193da5444822ed23cb04cf5e698ae763baf2df657445d50de0780c6cfbb508776df44c10155139c19fcdcdd63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    848d40097d4a526ee3400885daf7aefd

    SHA1

    e613075b86770e4c34606c5213ae6b9bae7b68a2

    SHA256

    470534b03935f0380c602439b0e92a70524b017c20ee00e4bc0e63db3c6d4c9c

    SHA512

    17dff4e94cf4293309852e35abef1630609cb5cfd3257437ae0a701e3c1865d4d122aeb61e3002a62e7d7e23879cd9a27e7ac5a9e4e6dc1ecc6200c0936591ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD089.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD0EC.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit