Overview

overview

10

Static

static

10

Instagram.apk

android-9-x86

1

Instagram.apk

android-10-x64

1

Instagram.apk

android-11-x64

1

dropbox.html

windows7-x64

1

dropbox.html

windows10-2004-x64

1

facebook_d...e.html

windows7-x64

1

facebook_d...e.html

windows10-2004-x64

1

facebook_d...c.html

windows7-x64

1

facebook_d...c.html

windows10-2004-x64

1

facebook_mobile.html

windows7-x64

1

facebook_mobile.html

windows10-2004-x64

1

facebook_m...y.html

windows7-x64

1

facebook_m...y.html

windows10-2004-x64

1

garena_free_fire.html

windows7-x64

1

garena_free_fire.html

windows10-2004-x64

1

github.html

windows7-x64

1

github.html

windows10-2004-x64

1

instagram.html

windows7-x64

1

instagram.html

windows10-2004-x64

1

jquery.js

windows7-x64

1

jquery.js

windows10-2004-x64

1

linkedin.html

windows7-x64

1

linkedin.html

windows10-2004-x64

1

messenger.html

windows7-x64

1

messenger.html

windows10-2004-x64

1

microsoft.html

windows7-x64

1

microsoft.html

windows10-2004-x64

1

netflix.html

windows7-x64

1

netflix.html

windows10-2004-x64

1

paypal.html

windows7-x64

1

paypal.html

windows10-2004-x64

1

protonmail.html

windows7-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    30-09-2023 02:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    protonmail.html

  • Size

    12KB

  • MD5

    6dd0fbacecfee2c056d52d33d1890bf3

  • SHA1

    fd5507643a10c109c4c7b2903f3b75b391005380

  • SHA256

    ca7a166518d45869c30e929c970a01913b6ea881b7b74c9a979b36c780e546de

  • SHA512

    8c4ed897693eb64f88fab8cfbe8d04369b8495903a700c4d745d52a10afb2f4c3d5af806aabda93f20a42aa914eb073baab7ba8fef944e39a5480fb20d9e4da4

  • SSDEEP

    192:oFa2FL7Nl27/nNHwW7nviC0/nrfOxQZ0Km8x+4Mzf7VrjO:oFag7NA7zN0LOxQZ0Km8x+v8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\protonmail.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2244

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db4b4e6162dee691a0faefe4a56e0d8f

    SHA1

    4a41fb59aaa567dfd7e289f5109b2fea9b6a63df

    SHA256

    7e420753fff2ced0d1165d4ed62531334d2f439046d73099e2234dc6c4d351d0

    SHA512

    e75ec8bed0869a8a02ba637256a984c3b2cb77da4d336eacd81d601802e3539b3905c011b5e5b1740319741bd0c3f316400bf1ce21fc9c08990931db7ee0c086

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb8d6592f8693bf0d0e46e95741a73db

    SHA1

    5f4e596eeee0b913ed47c84da71cf12e4e53f8de

    SHA256

    dba233dc1299dd31005c8754723d5d4f7327e7448e118123d219932c1e11dd18

    SHA512

    67282a28535edb7390066df8f6435a4e8d47d833efe3631fc6fc2e17689cc084e577a193c4a4633065f1e0cff457cc440d48784a938b73da8ddc2e5a8e8bc476

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17846ab46cd924a99443bea54e3598c2

    SHA1

    b5b8b0e922e9e4b0dc01dab81b73cd9ff1241577

    SHA256

    2ff3dbafd54913e408e33038fb21be809e9af2c690d00b61d6b4544d611fe27e

    SHA512

    61f12cf6d038b8c080627795d7a66f30bb5b63d1b38b47ba0d16c3d8e04a7efb10c7dd33c87ee0ba99e7712bd3dd9eb6215ca252db38a518237365cc8174828b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7aed656af676254638f050c21497020f

    SHA1

    6b6a3c1087d83c0f1d3efd72ddf15c5064b0ba77

    SHA256

    b286409c01584026c6be1cd3e5e4fabcefc083dd05a744857d3d289ef9d10389

    SHA512

    4fca874861cc37ad429bc0578dc9e3edb302b8581b09eefa36c03a83d87ba64bbb6e04caae8831e7242003bc858350de2b15a5dd6f355537e814668b9f06f883

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7df1458ae0455963cf2bbd0a0c732ee

    SHA1

    381a0ac6a64c38d2a81af307e2aea054cb605279

    SHA256

    b762fc6a5d3fc56966cff3b41819fa8f8c00fcecd14c842898506fa28d04cb21

    SHA512

    614a990b2b9985052430a4e1ec5670007881e5af83b0bc4fe26ee2afab8aefc281ce61a2a23605ec889085c3d990a016ba75db03ab6bbf172a442de3a37fb2ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ea65a08a90d99b037a2b175ccafe3cd

    SHA1

    32100d2a2f8d6e14a441da3509f075e09b7f7f51

    SHA256

    c8d0a5d9808953980eb707c609cc112edc26115af4996f751b592763739d3e27

    SHA512

    4f83681675f541fad6961a48f869d5600d2ad8ef938da2206ac0b2003f199fbb01685bb7b4a9c7d0ab088d4631a5a0778ec4ab47efbb58f6b9e5b9fb8d78d11e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5b820482300b1630c0926f07e2f4544

    SHA1

    b8ead0b84936aeffd6a5cf126a3f9a8f53ca9a52

    SHA256

    7ae9d1ff5e7a444b9ce93424c08b21a8008ae8ca6d3ad5f3664b0d056596a3a1

    SHA512

    aa629799bbbb74d3382590b816b751c56a55e59a5e55a965c21fc69bdd98fafccc925ad474333831bc45611e4219a319f933dcc58d46e91f1d6bf59c52f7bb99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f607dc29c58edd2f15c114380d07e4d

    SHA1

    bafa0d54937ec2d0ca50ed4d95bf7fd4fc91f9da

    SHA256

    029d2b0b8a062a1500b1c6c6f5a1962563965cf8b146a2b41036088153973443

    SHA512

    f97c151d7943ff7359fc71cc7b351399a32d0c352947e1fed1d62243add68e649b547afdc77a01b0ff62df011c983a9a1dd5f8b01ceb9b5ea19f1f0ffed29ba1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d97f193022910bc7c38832064d7d5e14

    SHA1

    77c17d2a14c8bef081a402c77777dad9a57ba9e8

    SHA256

    bfe3041757ba509fa41e243ed356e253b0b7670768b6a199c0a6be07f88c2dde

    SHA512

    80097275944ee7a2409664361b99174e973548de07e395c24bfe2d8473f8a0b205b4a4a65d597b7545cce9f81fdbe8f9ac2c8cfef5397415e97d4b8a09c4222d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    030205256f9ea4b02d55eeac49ed6df6

    SHA1

    6117a18e22a86fc2bd4b3810f231d7bf79517041

    SHA256

    e6ca4a8ced8c446f615e3244b121ed243e47cc9dfeabf8bf87bc96bf3fde679a

    SHA512

    9faadffb867f02a8610f45ca8107d934f5ccb69762fcaa0960bd6756cff5b5e2ae3e32640f14d9909dc4b7110da362a8a8d1f7d68668f07c7c38435974df2667

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7716.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7739.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit