Overview

overview

10

Static

static

7

88a50ba6ab...aa.apk

android-9-x86

10

88a50ba6ab...aa.apk

android-10-x64

10

88a50ba6ab...aa.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_ru.htm

  • Size

    58KB

  • MD5

    0b8a2f9f0fefa77f9b5e53371195d732

  • SHA1

    53cdd30958d2863ba976fa4e9e7ceabdd85ffb60

  • SHA256

    88212e9f4c88a33b0147f5aa5dd3f8fa434707b1b925e3d45fb03366e909ec5a

  • SHA512

    5b3f90561d9b819dcfa05ef463c2453786b7d4adddc9ea5d84b2b2ebc07106fd6aa3b906e04b386cda7103e22e10d5430e258983d2aaf8880c4230ef06894309

  • SSDEEP

    768:PRtY5bm3l9Q/DVcYRTI3n81skx61fJBwghQg:p+5C3l8Pu3n81sFBAg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_ru.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2196

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7856cc3d884177efaf7acbdbe1449dbf

    SHA1

    da4cda15921f3a8fe2f835ca69d56f0f5eee6f6d

    SHA256

    a679b564e23b9ad9128d0eba12b55702897aff39cd4acba0348bfd965e3da46e

    SHA512

    ddaeacefa9b7aea9be02c1faba6d19aa8aaf58e4e3925ab58dbcb964d74cbd1451e77c0255de6034222b5f28282f0b7860e2c3cc2e547214f9e5b047e14f85af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c73ba8ef3070a568ed1b444c167ddcf

    SHA1

    d3799a608caef56ae4dcc0c73de9e768539221df

    SHA256

    90cf941a1667e0b72885784531d6f436c457957a517557dddc10130ffd543d94

    SHA512

    1c8befb815f96c96603bb315f9f841dcfefe492aa755229932997d5e243ae4e629addc3bc1ce24e6fa2ce37731b79ad087bc4d8f21dede53ba2fe77dc2c6ee3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    92cc2566adc792eb26ba3fde4fde5922

    SHA1

    89e0a41cc996ff618b74e845b9f9729539f54149

    SHA256

    b0edb524258deb1328b1e5ee765bd317e2f2eb7a7fc3dc4dd94110de5e8f7999

    SHA512

    3fe8ed08265d3355e06726fa3a1c73e750b0e4863b373c460260f4af81c3eb21e040aa91642251e96305cb73ce964a8b3cf02e74374b8f823b6d13d6831f8c4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75d2daa3403410e3a039c2618d7cc46d

    SHA1

    5c4dc5e2900dc939340cd29d2aafd4631d6c293f

    SHA256

    291aa94d5b7c86dd426c1f108718b51ea61c16daec9babed83954a1134dd7e0e

    SHA512

    107b0351fd2cafb172bd58bfdde4b9d07f822d8d58807b1271d28325d5478a7dcb0ca7806346b7010334bf452ee79aab2755ecb93fd8131dd2334284402e70c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9cee14a89af7ab01a35a3ff63ea85743

    SHA1

    36640f1b2ac34403eb27ca82cbd9f402602dbdd5

    SHA256

    ca6aaef5ea6aebb94500fd0160559e36233c8ecf0bb3cc8eb28bdc4f173e9697

    SHA512

    c7c6e4d9e0caf16d83f38722d3035091e15710b27877cec8d151d3b57a95b8fa9338d9e5e681d275ec6a628b5c42911d5b4fd910ff3b21c699bef211b0378d2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c4680d7016d908fe79cb6da3fb148c8

    SHA1

    cc4209f6c54c774dddecd0d278fd255656ba0af6

    SHA256

    4b0f0054ac320154e720c8d2349730ba553605da4748316ac408e58c9361ef2a

    SHA512

    17d64c19f6903eb8b0c79ce96d1ae3c3fa9c0c1a9726eb279fe13c59856a9d80842416d839427b26a19ff9ac1bdd8e23c1390455a2b14a8eb074b36cf30980cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed871d80dd6f5f86e90d04fd65ce183e

    SHA1

    1e30eebe1aab51e6b1fd1109c24cbfb919a8ec55

    SHA256

    a202ea01bbf3cc9ca75df508dcf70cd43d6c26ec82584cce5fa2dcf176a19b7a

    SHA512

    6ee204f27dfc0ea5345eed35649a56572536f65578e5ae33c60c3fa69f83fac3a75483ab66b7272c2f0d37a35379622c240ae2b67f7b216b4d919902d825a04a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    101124031b4b7e881cd573b9ca6f882f

    SHA1

    5295e2f11de6d3030b0ca228f9805794c9f61b06

    SHA256

    f97e4b2fd61bfefe65e45bc367ca9bea4450d898ec1afa6501256217a5d8dc64

    SHA512

    b05bc6b961e370317a674ef6c3273be7fc7377a23b4bb3b3d3c9cc6fae86d4258b2e7b2962a40a59bee3e300e48958093d0a0d4eb72e4f48a40b4306b195745a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95c310c0e462ec70accf364bd9815203

    SHA1

    069f1e6413acf6613d02b4fba0c3da938894bd56

    SHA256

    b57a8f8273764fc5ebeb522673f7a0c661d99492fffbca7182aef0bda1dc5961

    SHA512

    70a351cc54c8427b3ac4b5ef0dda122099271acb2e5eb67e784410724fc5cffc64e939431fccffdd309da25d0c564c63a256aac3b15e6503bd1453b8c99150bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1877d054ef0e55a2d311620398338c1d

    SHA1

    034e0aa1d79100aca2ccc7f50a8d5a3fae76936d

    SHA256

    999187ed2d30adcecb6261cb0c845dd3195573c2f455debf925afcc908c7849d

    SHA512

    39a7c4e215a3e7857215c37120811703ff5d1fd75b8942af9ad5bba561f3a9d17510e61347627e21cb445ea17400ad56960f6847a0990c90d0c6599d8dae6507

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    976cab2c5ab0605e3d8f659b08b1f515

    SHA1

    f8866cc5bec09fe55c7dfab8ea8a59af52c7b782

    SHA256

    de597a7684face108f2004383fa0beb818b0232944bb54bf95b22c9885ce7483

    SHA512

    825d5acdd1023f0220558a6eef4f1c0b68ba7a36685407a04bdcf915dfdd5a9b3afa2759798c3e83da4793c9efe74f5435c07ed0377f2d08bba46d4dec7156fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49a64907817b1a424d5b67dd66c7330d

    SHA1

    9d66a52a2ab151981fa5b8b6f698813eb8072466

    SHA256

    42f4a6b1a276f7f2edbcf7b9165fcb11e6edf90a7512fc4f0c7d72c68698825f

    SHA512

    7afba34fc1b57599ad2c30a15c5293e4de73824e849d85bdb671665395fd301b3d7472d7ea5feb45c5ff2c9c12ecad8bc17baefea4003dd049741ba4548d0c9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a29a46bde8310c9d869145ca66894421

    SHA1

    6a83cd7a071ea1f133fdc21abc3deb0489757ed0

    SHA256

    ec83f6c6c6deee68169cfaabd5fcfedf5ad559c8f56d4130474ce59d2a8600e6

    SHA512

    fbc24578f3d771bc832aa53b4b294bb0d927124fddfda4e4997046f0e00464cb60d00834d6c4c8df6f384b5e21850b29fb12f7166129e62a4402dd0cf36b763b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a70e7374dc3a0afb08bbd2acb6a5d029

    SHA1

    003a68b4bbd4bc3020962c9f8b6be3c6821db2d1

    SHA256

    b90ae1284ffe9c515dd2138c628c381c58897b29f93debd60e5efa91280284ac

    SHA512

    197c2ba6437ea3e6468fc1adb7fb81b9afc6c3b2cb57ae668165c9fc2c0517795b26843892289a24c9f7b697dc72674b720a838281466d91b000edb31e433822

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75a2fbcfbe47ab76b8d729f000ca97dd

    SHA1

    eed532b093e5aa3c4793675c9b84755b365914ac

    SHA256

    b87c63cee5a78e28ca69a8c0c15a148f18f4d974355cb5d1aaa300a0a5aefc0c

    SHA512

    caa2722bb06490137798d32d9728964196c35d06895206997539b242a4b3e5a4cbdd3f7ad302e93c0c4f58f7e8cf48add31aa3983a0bfc34161caf5a8e639354

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    117c0a82228cba5e67bcfa30657eb183

    SHA1

    2aa3c474013c2bf5751595085580ab7bc1f57ed8

    SHA256

    930393cd1c5de1085172384fa4daecf9a94d33f738bdd7daf6c054fbd0b80d9b

    SHA512

    e200d9a7202142876b4cf8f4445dcdec37504c3ace9a883c96109cbb3c1341227665976b732b1a436cdb63e5b639da09246c64dcd006ae34228d44f67b2e157c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20a979e4cb26a54fde47887d60100c9b

    SHA1

    63b37e23344da5d5f225f426387364650d693978

    SHA256

    435cad84418cebcae711d7254f68132b4fa80442acc8e8b5967e1f1902cebd06

    SHA512

    fb24750d8551cc4846a62ee7e9ef50fda3eb04a6812fdbe76169ace291d72415661d41e8a62c0575e3ac9b359eec5ceb82adb9793bd3acaae17dd444a8e23801

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b5cd86eecc62f8c50aef41680cbc7a3

    SHA1

    474420ca51680dd2615b4970bc114175065e265c

    SHA256

    45931bea5ba2b72575072d5d195ea0f8563dfe9bcd59d9c42e8b92706f43ccf9

    SHA512

    15b356f71eb4aad880783a7f5e75a68cfe6d17b2233248bb2015c4aeebf52158d08a1bbddd6a687db93385becd307ea5c0c69e49fc800e2e07b712fa47800595

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab537F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar540F.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit