Overview

overview

10

Static

static

7

88a50ba6ab...aa.apk

android-9-x86

10

88a50ba6ab...aa.apk

android-10-x64

10

88a50ba6ab...aa.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_de.htm

  • Size

    59KB

  • MD5

    52e18bac42fb06e4116cdaee988e0661

  • SHA1

    9d0ef32f76cab08d380ec1359e414fbbd1d207ae

  • SHA256

    54d12be384ad0a78c68a416873338edf8ceb5601a20895ca6aef9360b0cd75e8

  • SHA512

    8a2b4e11b1a368075b8871bf90517890c79dfa88ac2bc9b355af305fe134b6ec4c6d02a50d334ee3b734628f4a0f7df142fe30b5acbfd33abc9904cd48c485cb

  • SSDEEP

    768:cklY6UHcqSlF+xUVPB6rKboSNzCWidlub1uaablOEhEs8e2gcaUrF20OzGJPCGdC:AH7SlFs2Pam9idlub4los8e3ZUrgVETC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_de.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1280 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2220

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb179402c9b213b7149c8b5ea843016f

    SHA1

    91ca80ed9ee7f388fc44f2e0e33decaf93e67625

    SHA256

    5ac88ae530da027fb79f9f2e9809de90dd35e1e0ba51e87c625f5cf84d2bb819

    SHA512

    71a48a6bc5e487270015a05d67fcbd8a762f62bfaaa5707f8fef69db4141781c6a077fde37aeae617b784645dd036b54f12014561c9844488fd5d6f61a72a440

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7c71c6145b86d3a1185be28140ea099

    SHA1

    1c532a5a7cb102accfa7ddf8a21ad8a4eb5bfb10

    SHA256

    395d795e4a63df61be1dabd577f442902b68588ffd053f30a67dbb2c6d928b9c

    SHA512

    37c848d0507f9ad10ef0254be756f1f36ad8aa2cbd5087f37204f74315d0885918544909e11fbc87ef241d6c4f418893afa6c4167941963bde3e3117fe4d7eb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1089c749d6cfa9a1d06e8624e531a40d

    SHA1

    a7310f0cd0eb9aca6e42fd2240adb4a2737adfec

    SHA256

    447775bbdeee362d0ea700e00ecdfb1c7174aec57ddca7e89faa9dba030776d0

    SHA512

    b2daa358ed56510aada12be93784a94ccaa2fad88d83106957f0986cc9d6951ecdfe433515113d3f312eb81263fb59ef6bf73c24e2b11c9066fd271d1be1a25c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f536d010183b1c432ea0c3e6e5d7a7dd

    SHA1

    5754a01b7ee474c1afe5454ebbbf450c87d18678

    SHA256

    acfc7485e37f83960522ff56e52ecbde03dd0b57da4e57fef669806d1c4bbf28

    SHA512

    d4c973292962b12066f0fefcf2a1cf12de15834d0a3d1e5e29c37b29d83587be7c286a9698bd77a53c82b012be2de76b82b6c881175de061bdb1a9efc0fd3c1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a2d0f09b7894061ce7eeba81d31330b

    SHA1

    98645fd6ff009713805638a52299eaf2733ccde8

    SHA256

    47312fbe79e9b3472872f54aa86149108b19009847ac51801623e41f4291176b

    SHA512

    846195e988a299c719d45182b4d0fd9dd14a27be311323007fd19456978c0d78a52bb98306ca907f75788c349f87c9accc58bc5dc2c71ab69bb56a41dce00c35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    229dd00e0633fa4071602c4f0b39aadd

    SHA1

    d84bea2a2fe62b3db8582a04e13e870c6aec3c5b

    SHA256

    f04158240ec93ba0c720acf9314c27d052f4731c00f102fa6eb4487848aa98f7

    SHA512

    841c73734e3db57a5851c4e5447e9b327222b7e7c0fae21d46881b3b9e7baadaf437e805e2eebdb8453738794753e6d2ba4546cfe2a263d7d61afe4766cb1c49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2cc630bb038eb388aad2d3f1122643d

    SHA1

    b85a030fb99691eac177745b35420a09bb69cbff

    SHA256

    98d28c654c5a2792a5d6406883d00a14b03dc4690395684b8aec15a43f5cdffc

    SHA512

    404fb7b7f9bef7114ba860d7a597e3a349095825ce9ace59bcfe98831aebaa4d31cfd016093fc1032d650cb426f8e01b43ab817fbfdaf922d209d2383376d50a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8f35d6b1768f5579ad9ac2f34e7c005

    SHA1

    d47191e371cb5a3e4bd402f1e419d014082191fd

    SHA256

    d83ab0efdf8407487df94a684c3c5a94dc7661a61196af6c9e53d6806bc49b11

    SHA512

    2123a386e23dec0f7d75acd0c6b82be4bfb4bae9734ab84dfe0cff290d564ccfb23fd278c63d7593a0b1fa6f27f84684996bef6ad262a8ae51714d4e34fd7b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfce23ad37534311ee4c5d552bbfe218

    SHA1

    b370f2c6781710e543d94a72d26af640101c4844

    SHA256

    ebabd91028902ecef1ae084c4bebb398bb8a4697fa155a84dc69d993a7649e32

    SHA512

    69dd3ef9b1b3077cef4e014cc229e45fd7ae7de88325db113743931f4bdbd802fe81d5e454b4ea49a7091f3548765e8917cafba5587e3ba969ce770c09ea8970

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5da110ab0fb4823fbbedc94b9819b8c8

    SHA1

    394a9f88ecc751baf9c5d0109591cc946c4a09f1

    SHA256

    75e9436b6310b05664b1f924de240544cc95f08ba8a4274115968abdac80f66e

    SHA512

    3792c33481f51a0956a79eefa247daa49bad890a5d700348b1e6075cd7d9c8e37d788fb6969347a2a653f712917f294c1a6da795a0a5add69439021300d72e3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f413f12db6dd86d304d169851017d68d

    SHA1

    4b7167751586658dc842195854941f924def3caf

    SHA256

    3d225fa11e85f8d1a141643b991b8a4f2d4a81a9c7396309c517743289f900da

    SHA512

    6033ce8d479daa20e8793f00dddbd3b59f2366945b6bcca75ac8666851b8e717c458a36cc27bde951a1121be7961b05b00109223df54607cd0814d4264313a1c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab783E.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar78FD.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit