Overview

overview

10

Static

static

7

88a50ba6ab...aa.apk

android-9-x86

10

88a50ba6ab...aa.apk

android-10-x64

10

88a50ba6ab...aa.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    license.htm

  • Size

    6KB

  • MD5

    407f13382c8d7a039a9eaef44f79642e

  • SHA1

    d16f70c6d1703efc33823ab385ceabd8447ac1bc

  • SHA256

    657c157f78e360d37e2485f6245b4f87789ece5a2b150a4f4fe9fead0c6facd3

  • SHA512

    213e32e5f04199153ad3702e8706b0399fdb8c683a47dfbde7dce8a91ef7786c7d43830eeaf5d03fade136a74ca0908eabd797be806d15c106a2e070579ada9c

  • SSDEEP

    96:27r6shoCs4pHbHF0cRKKxUREEQAk5cVB54x/XHFCWFJYJzzTF3G3zVHCU:DsmQHbHxRKKME6FWXHZLsXTF3G3BCU

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2880
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2880 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2656

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f32a1d5502dee104905c268e5e9d2bbc

    SHA1

    ee32aff33fe7dbdec0bd735763688fcc9ee7b5ce

    SHA256

    6b7f1c27b4add057d562b9d0a6408d45437aa2cab0a16b981c7f8c3641cd7b6a

    SHA512

    7475714c8e6f3ee65d09c66ad1bf9783858570d8d3d62a2066ed9e8b1012d7f15a36a35a37a61dd35cde415f3e59b2b3dfb6f397226570f1ceb360c9d289dd06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    23c33366e9420d66fb60ab12dd9e02a5

    SHA1

    a5fc67f54009f92a75c7bd891632aab2a0824488

    SHA256

    8caa56c61efa16588f9ab03f4ee42b8ad06e03a640671d493466056d8f23e52e

    SHA512

    028bd88b98a643668c0b232d7a4f9b3ee4babc3388ce12170fb496fe40ba4e5be2d12ec027af080dc92cc644ef5b581018c9d150c4220a17e6e0241a23ef1d92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5c2d1b6404c7c55c03930c3023061701

    SHA1

    6407c8304ea109bfee7b0c2d6fbd912891de325f

    SHA256

    e309c78f02824f9c25216c3b3d1ee00e4536b1792354a6166b2cfc1af2fa7026

    SHA512

    ad7ac418e2448a962f20b3feeaf3fdf88c8ce6d87cea5dfc688b572736e767bc26c5bad3ec5abed844687453ea954befc2b5ce9465b32f78de2a36180ae9ba50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0bfb55c22633699ba26ef62fc9436241

    SHA1

    96a28e8c7735985d24828d69cb109a196e839a45

    SHA256

    03cc9c0901992ca1948d42a0619a7f90b54094a3092d98a39aa2d9c818e0126c

    SHA512

    eed6e1c7152cacfa379b311a1db5135bfe1b6dd7dce7ff4aab8d50f4091c6bf9744377b50d7b9c9fd50544e7d65694c716c350773cf41873d7ef51da38484006

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    de226fe0777809ad9021317ddbbd602c

    SHA1

    6a2629cb18664a6f1df23f5193e41ce27b21f350

    SHA256

    1a0161f5e1e9eb73371d1fc2b9bdc1c54097a9d3bab0db4dcac03460d192cab2

    SHA512

    bd1d23b50041f3afcaae42298fcbf0c3e88416665bab9e0ae67cb210502ec7e60b24634421b0f576eba6b8f3446fe76e8f9661bf435811e4452fcb7e1f7135c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8cc170c4097d6db9b76fc188030b50f4

    SHA1

    1ba699cb432221d443ee9a63db22fa16a746717c

    SHA256

    ea6ed2c555e8d21d5466eaade1cf84b9ce1183b5db1d72797f4f510565bece28

    SHA512

    177be62f26de76880ace929fb0105179b28c7fc13b8b9b423498191574399394ea729a5e878685e7df1d125e157fd6c60ffce7dfa70cfc20d62dcdf0ba50707c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ad154b1dc1c03670ff1f9590719afd9a

    SHA1

    0e3550c72f8e59e067d676f8068bb3cb4345997c

    SHA256

    d0488509bad2ad7a96e1e3a1d08d253eddfff36fb25731045ca443c3a3192def

    SHA512

    2917fbf74cea71ae02c0b27f4701709a080e17f01ae09be35bd5682e855c7725650670a1b88b256a2bf476bf779e2209e005cdc8a2d21d825d31b395790b689f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    049a51faa8dbedf91656c137e55a6d72

    SHA1

    40b160fb54946f1c0c5b5213eede723daf7191db

    SHA256

    b33b4939c10ceba624a15ef3f45b6740066558c684441163520a794ae17fa5f9

    SHA512

    1af75bab4fc80d187940b1778e6201a3ab96ac0d8eb67ecf6081dc56fb487cbc983e1c6b8330b875c2ab918ff86ccd617856d803689edd58b68c6bc5b72767d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    04bca904ed05ffe7984b931a25089511

    SHA1

    5f87ecdb8c152b9834764e17eabd3396119cfc77

    SHA256

    1fdbcb676521df584c090366798011f108fe4b77fd3b2b05d86c74c3a162a0a5

    SHA512

    882fac865e18e27f70fbdd45cf4fea44b95b40d916c55297478f15e1ce1a19c4bc5e96a3ab21dfcb4429d14ae67706c48001e4da445b861d30e0841455cd3568

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e4c3bb101e8d01173146f6cd64f013b3

    SHA1

    9587d1cc27ef428bd16b396f920bce3866c33fdd

    SHA256

    5c6dc3725c4ab0deaa3c67ce33e1212f8ce4c8054c928ad8238ef2c6099cb380

    SHA512

    479280e56d2343ffe654a6507698e2790aab7c692bc2b68ae70089e872d8b87a9e052dcb6c18267261776bd7fd5d5505838dc9fe9e5d15bb66958631fb9a67bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    620b63200970b8168a187418fe23ae66

    SHA1

    95e13b563660d0c1189fd0e26a6cdac7e282e826

    SHA256

    8c5e28b3b15e45c417b6f385cf14b000cb3cbecc4db0b5ce9e053063f295d97c

    SHA512

    47b1cf45e03e4b108ede96a991bd0006c9ed86b70486e7ef8347d37aff49cee1e223a61611dec190b7cc4a906a712e7d265e0d89330bde45cb68f6d803e3c016

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    945a6643f965f220eaaf17ea3f35ebac

    SHA1

    aae1ac305a1727616ebd4c1fec9eea4b095ce57b

    SHA256

    4e10a50a1fdd0bcc5f7a49c21432a43a608cf5c91104eee95b500956c543b1bb

    SHA512

    39b768196fb09915978a00fcbf98f006646114f6ac2b025e09ffa7e8f50edd16b2bcefbcbaef1f6f7e638c95e6123bb42441fafb42c27ae649e737138766bf07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b940e60cd238253ec223639127c06c66

    SHA1

    6fc5c92c590e3de6833d3b5eacff4b9276b6a503

    SHA256

    3c14861f8005ebdc49747724345ea88973a06b1e3fcce5aa59d78924c7fc34d3

    SHA512

    78b5e63d3c9830136d2c36a035e891c88d848ae19faa1f085c753eee33a590bbf90e569e47cca29aa1290f4d08382bf3b95f18cf7abc7c769c62d07a756f1caa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e4cb76e2980c941127699aea977e843f

    SHA1

    c165b0a16f4a2cecd694619f17bb2f33a9271295

    SHA256

    0ab4770e1750efcc2e9b03a32a99dbce2dfbbbe721a8d691b0c33fab1fd4eebd

    SHA512

    9da2faae7ddd8240db0038bd9a368586fdb4cc508841f78e064fe3e3a1f29d8c9da9d42ac9e25761e02bbe005414dafc5b792c666a49f527f3c04fc4cb44181c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bd2eae548a1057e112342517d0ff9448

    SHA1

    0dbf123013817e555d4122a2615daae7950c9414

    SHA256

    9958cf1e31f3a40cb6de261cd48d252f54ad99608501e837c059d2f125f82ef7

    SHA512

    8b4ef2c2e0f5f811612cc6d382838f8ce363e9141c2dc3d6a5a45be39ac1bd14e9437f7c1bc7c183a9c134b65339fc3f4512aae5b18609cd601583d5900caf86

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8660.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar86E2.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit