Overview

overview

10

Static

static

7

88a50ba6ab...aa.apk

android-9-x86

10

88a50ba6ab...aa.apk

android-10-x64

10

88a50ba6ab...aa.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_cs.htm

  • Size

    54KB

  • MD5

    22d33848ee6cae8aa8c1e90bdcd65226

  • SHA1

    982e9769391e13507289928289f11aa6e5b6c91b

  • SHA256

    b8a728e6bd697922bc23732cd444d25697d418ec6fd7a8cc322029cd71670148

  • SHA512

    25f1415f0b3e9c34fcd7f896b784d340622f74a7ff308c62da8961c1b7fa82f7ff038b54fed3d9a048a67039058d1c9f604f3be56f495288e417eacc034f7822

  • SSDEEP

    768:/3AjqEZHfLqlREwa3CL+9pcYX/wXBSBHz114I8h9KQc3G6mq/zAIjRK0:/4qC/KEwan7/wXBSlD4I8h9KQc3GX0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_cs.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2968

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec59c71ebd99f7b92488b36b058c3611

    SHA1

    1da2892e9e09188a00b056a4290c84e475f7dae0

    SHA256

    275f65d816ee4228f68454a1bf294f1ea4a779177e841fcd59bf3272949581ce

    SHA512

    a9cae36a23dc192bd0eb761339dec3832f2e5c24f89707f3281f028ed94b8db56df72c7e411d6a0dcc305cbc268c292e5a56203fbf037cbd7f516ac3fa4e4d32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a796696d6b32e7694e81404d65f84dd0

    SHA1

    ddae74a0e27cbf245e9e07a23e3d2e848534051d

    SHA256

    7aa23bbcabd8e3f24726fcddc3cb081bb2a4c9f31ef88f8b945387c2ec958ec8

    SHA512

    fb94d24ada31a9f1ed37cab2850274d5ab0f6eb02cbbddd58b21753b2c822d5254073e9bfcde4f3163aaa927f2347237795db7e28f04537f31fa5f88fa16145f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d02db0ee66a4e18a58e55ec99b788f94

    SHA1

    7dc12c5616c3c8b947ec6f5e20afffcef6734646

    SHA256

    99a527275713a595ff2ecf9cf3d1ced27c667e9850151b98be57f9e39f1b63fd

    SHA512

    0f296cb04240cfa8db112ee07067227975e71518415373bbba67ab6d3f24ff4728c0ef1574c3f65e32cb69bc2583523cbccdbca926986cb22d068682962033fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e6eefad00fe169a051a0e32c00109c6

    SHA1

    e977ded15b8fec426706ecf1f3c37610ab88bf01

    SHA256

    ad6444797576b1f71a4c17f1c694ad8df5d1903c160fa39bc0e2e30523e56895

    SHA512

    30e6606c53d03a4a24a946606a604be820b2d0f8927c616a12063aa4a76dc4451b93bfd6014d07b725afaaa529401188310f90004661b027d62f809454703305

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5dd46cb757e90b53cd669b19a1b449a9

    SHA1

    ac6cb28bafa115c046a8655b190d52958ae54f83

    SHA256

    54c5b6a616893137d7db79425b5ffbab97cd999bee3d46384c715d846f38fa44

    SHA512

    233d769ea9aa8445ed5089e852c4bd916ff0a65143c1853536096161a57424897b2908c7e91848b1c54867b8cdedd52c9628d39c748cd61afb0412f0e0bbd087

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c5034fb0f7d92a0221f9652f31d7745

    SHA1

    5cfd0eb7e5800d46d6a26d1e48d90530a18932a0

    SHA256

    0ad210ab6ca72d84868ca398ee26819c006440535f34287f221872da8f351f34

    SHA512

    8b3ad38bdde05f99dc24dee6a2d78ef04104f414eb0c231e929566843cb14e580928a9509fe6c816c032b1db03a9e6afdd6edac4cef1d2c541e793f1bdbbc532

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccb9c9f99d5e648cd7cd6f47e4c5c70b

    SHA1

    bfdda66156056db17bb114fa696fcc5ebae450e7

    SHA256

    d78da9194f5e28f8f39472fde17e54af125e8382323a86beb168e43eb151d469

    SHA512

    afa14e18c255505978748b5a0c020a6287f0f18f85651d15f91abc05240732238ca7bf451fd0a0f006bc3974a3f43c185d76495e884d4e8f7b88dde21b4632a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eef950d83695e57f6d3098688a76b806

    SHA1

    3615d681a00e82e9d1a2eb192310c1d151f958ac

    SHA256

    4e11af1ef9fe8702007da44f6244fd167161f4b41d086063b36c3f23f4023bfa

    SHA512

    a16507ea47ede5605f6cdbac610386d01a52da566bf7aaaeb8fa16f36bf42b581dad6fe873e7d383f8edb6eef98b91c81724b806e0ed1a71ee2374a1913315a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1a92b3bea360006f75bc1d9c572bc12

    SHA1

    8b87ee302465538c3683d046d455a3aa2a6257ee

    SHA256

    12709ce416380c871e3a2f1804cb07cb5aa34cdbf558dc59f4beb90c996cbb00

    SHA512

    3363995fe4a0091e229d0c2cad7afa81a85d769eab05d64aee8c092fadcfb4624268a77a2dda8216163a6fb001d82ac6fb90739e550ec68ccb525c6e4a3c1b26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68d93541ee63c09b5d495389273d6eef

    SHA1

    2c9f3d86d9ccc47b8dc3a2b7e3ae6eef7643f96d

    SHA256

    d910fcac09e977081ebd8ba726c0d2f05a41236270eea96fad6cf00a33bd3bd6

    SHA512

    86538e210f29f5b12a543f1cf52263c84197bf959ef2c1cf5a842af07bcf80d409731711a672f247df96305e29115fa2c21c6224cb22bb4415b58477c6bbe2ea

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5277.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5299.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit