Overview

overview

10

Static

static

7

88a50ba6ab...aa.apk

android-9-x86

10

88a50ba6ab...aa.apk

android-10-x64

10

88a50ba6ab...aa.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_es.htm

  • Size

    61KB

  • MD5

    31772dae5e7e480072ed6d872134201e

  • SHA1

    4c19adebf12a2aa4be9773ee4226fcbc79b89e84

  • SHA256

    f088fe7faadb088d3f63ad8f6d6eea2d88abf4e7318e31e17dbe52d5e4f92707

  • SHA512

    5f19c826336d100b5d104002eb0b35dbaf24889225630a3e9c31aeab3d77d912adaec0470d1d0fbd2e60956a11eaccbff385bd7d28ef8acf7dbccc9434fe8e2b

  • SSDEEP

    768:hLYLmYEm9UhhJ6TJ5w7NKVwvTAybuosWqPOg+YS3+brRzf:hlYjikW7NKVwbootYXfS3Sx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_es.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2780

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    454ef7280fa47cad82aa5dc819d9c43d

    SHA1

    34ccb6df2ce1ad57941d3589bc27a1b325846db2

    SHA256

    b469d89a55e14b587e9aa1f796088082f27ea95658f15cd5b18d3c7853fe547d

    SHA512

    ba0f7c7d59a9735c8d9f789e071cfd46035d921a86f39bc484a9deb19ae2bb00a7a2ab6183f29ca0558b027e458a09cc936ca441012c9ce93967d83328e16881

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    05bac68633f8f3e2a87566b51d29bcb7

    SHA1

    2e20c040756bb6e87db71ae802c817e8783ed73b

    SHA256

    1b02bd4e99cf355ff415d72be3fe694ec123f96752f6183e22a0da1adba91b37

    SHA512

    1ee44888f7137df6c54cdea0819ee82457971cdc6897c93fdf5145998db70ae77f6f9c1eb4bcb10dfbec06d0dbdf4bf8364221dc6642de8d273da5cd03f1d099

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7fc1677010deded2de3b7cb27091446a

    SHA1

    16d909dcd4a817780ead6be100f1a350478cc8f4

    SHA256

    ed89b4e3723bdd4a7e2ab6dd1e50ddf8e7a5e2c93a068d3f27a5bb2318c40638

    SHA512

    f1003efb874b356026a9fcdfd4ccc3e49f7f7a04a5305efded6c87b099b2777e2839dbbab56f1ded2c72be558e60b581563f5f6972bec2f066726380c263ff33

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5d15c113349fbeb4814df644109c905

    SHA1

    b53407017002f40bf02537b576da4724e02d166c

    SHA256

    45286c692598f06767492f18f46eedfc95e1dc97adce7a2a103eb9852f0082b0

    SHA512

    65e5d58560e301352f118e71ebb2e5dd79779662584b3eb539e5d6e55f9d184abbb33512ae9c28bf4e71fc8860c898cb5915b4ef80ec89a75453341261c88466

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    419db71be244b6522b16520ef1f69077

    SHA1

    6d283e8ef89e1dd3207464eeebc0618410c3a1bc

    SHA256

    bdfa51bfc84014bed58a99f02d6830ce1b290ece49001886c570316d98a37cc9

    SHA512

    d6163f9a96c8c7989930ee9ae5c485c66bb77e65918ee5710a7785293de8eb390041677403bbf769a9b3376bede652a7e23aa0e8276caa51198e9794d840e587

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f851e2334aa6ae77b76fbb2331a461e

    SHA1

    d542cd4737afd84dc50d53b8af8c305464cbf663

    SHA256

    f67812e04c6fe8e30cae6244fa8eaf7022e00809e820251464406cf6c60f7cd4

    SHA512

    7b925eda3e019dc00c4b11b12e081a3585b6da83b759ac502fe3bddfe6b830c7fcd80296642d0ca3557964043c81d240a4d9d0276232e7bb21b1491970cc81e6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    107122e6f013be029048fa55a53a8948

    SHA1

    d6163d8e9a71d443a12471ce256e317dee7a667e

    SHA256

    0efd46b044f5b63ed02dc0541a618ba8389b20197f962cdcce89115a9bc14eb9

    SHA512

    ee1464342ff0d25c2515b583d1c35a14b4dc3c7a5eeb16da727329975ad34b405fe6e255f144b2c068a89f90ffbce4c8292c16d2919c95c2166096986ae3fcb4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c0e9eb72df4cd43a2f1502386bcb6ae

    SHA1

    c2a0a6960c282f0955cb624bb7f9a027fd93529f

    SHA256

    bab1e32db7f0255e635188a97f9e343a1fd855e154e695d0989c181ba5dcc93d

    SHA512

    879e6bff8c335ad3041f893ec588cbaf2185ba161f4c98145706798df28ff3293295b50ee55cd98af1d5e50713f52ca73eebd4563cca0e2988ba6d059a8de44d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab5FBF.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar5FF1.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit