Overview

overview

10

Static

static

7

88a50ba6ab...aa.apk

android-9-x86

10

88a50ba6ab...aa.apk

android-10-x64

10

88a50ba6ab...aa.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    157s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    privacy_cn.htm

  • Size

    42KB

  • MD5

    49b9a40f599b1089ad0b0394c47c1102

  • SHA1

    d0b0fdb5f6596afedf37032eee87290683b911d3

  • SHA256

    735ba8ee4875ef6529757139876824ac572d255b17db2c75a9887053fd0d9b16

  • SHA512

    43a9be239f71d82efdd06855b9532c9a25a3cd9af3c41fbe407a6b10542bdfd1a3da76b154f0e5d6487a5b66a2521a3f88598982b190660301aef99cd03d5bb9

  • SSDEEP

    768:XEqzEM+RdDBF/f51efzdYSFXKtrhs6WIssFXVqCrX8J/2ue5AFuanVzA+tZxMAXp:2jupQFX9As23Egvxj8TWK0HWZ4Mu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\privacy_cn.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:540 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1164

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1c94b0eb0f33cd621b3c612b18e6bf3

    SHA1

    008c4db229502b33d09fc585a578287110b011ba

    SHA256

    7e061b40fc44103defee65911d69ebfe8a1301e13670990ea2b56f4d393469f4

    SHA512

    14d467085da46d34ab1733e4ac7fcdeae52d7a5a2f7e7202fc8bb1f082839e54fb13cd54f63002cdcef04de11f0b434fd2a07b3007843489cf4cfaaeb8110bc6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88be02e10c44c8779afba9bc0088fc4c

    SHA1

    bbfaf2fe2bfe8459eabed421594177b6026aa371

    SHA256

    f8713653f0cbfdf7232fa1e39b6d1c665e6c69882024ad15185a5fc2b6b69a9d

    SHA512

    19c8de2c1cca796e6353558078b371a868a9f91623cc110c76b17fbe911c18e9d18832d3680bd14027ecd53b0488aa8fa2b9431b0d2b64be4f2de8e6e392f48b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43a71913dd0074f1c6e507c976830285

    SHA1

    b76d204f4cffce2f939bd7a48483e87ebfa7ee42

    SHA256

    51fab3d3c7d19badc20fa03535dc3e37d26c8d7640af1f51596a9611c43d40b5

    SHA512

    38dc009ab9c305211d18144fd448c1345184fe64092219174f1dcb28f9c2b16ec885a9e3823a5d50ba2f56e75c29b54c38c517940b8895c715748efbed0ede1b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cec06579c0749baebf614cf1985c135b

    SHA1

    47b0c3001eed6e6d9c6f770c54eee4df1ee17414

    SHA256

    5abe541da9e61b71fef731734f86fb5707759e5317cc77867d73ad026634a27c

    SHA512

    f8ce20c31257d9bb76cf165d2df1afe2a979dfdd7dac10c3e1a0969abf80a21c0eba328d6c838d5eea2c3c27112bacf9d0611635fe6f4ba5635ac7453cc9cf41

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0eab0c8e738564fb51adceb379b2ed7

    SHA1

    4839e4ac7cfda4cc37bb7d528441b2ace2275e19

    SHA256

    d1974582b644a7f71774640df6cbdc55474e0a84e80c4bd36b37a366fbd0c2df

    SHA512

    a55d99d179dd314cb9fb5faa9196a3d3e34d75df67892366da6a5a6c5157ce148ba296dab336795ad89375c534f1db6db38143a8dd23e504b119746b45031c53

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8af852cdee7801476968723ae485e56

    SHA1

    51bb9878c6e028599f29c0a97977211825581f24

    SHA256

    1095f4a9ec1a1424163a89f949620c4703b637f2dbba719291d9687c85653b96

    SHA512

    9713e55fa3d0aaa189da3d3c48a780f5013fe5d1185053e6768fb31763ac3429b609d15fe3f954c903a0839b9af15dc929a83197962fc09d9d0fac4b1085ed14

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    629cd9924f1129f00b505eb75790d05b

    SHA1

    7c2a596416c563595a788de12ecd370b615e8e6e

    SHA256

    3ec8a33ccfff5d8d16bbfafeb30ec12acccf8aa15b33793039d4ba280a6f1acc

    SHA512

    d6f7544f479d70b4ceb16affc9850dcb6886cd1567ee900fbbb9f3bfea3ba65eeea44ef820a0e41f6606a0c051ccc4a2fcde093bc626f90cb3764c43bccab7b7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    682128bbeda498be61d0c622b79cd82b

    SHA1

    e1709049795f5dab009d60f73fa85e341b0faf41

    SHA256

    ab01b60d3c0eeff70891892f37d35e79791648d830c73b2b7073f15f40d2b4ac

    SHA512

    d6b1ed6aa24cfde753b27ccd5376258b86536c83394fcca558131921cdf4cd24c1f633839bd09e567b4ae783c7410a9236e9001f551d1a5dea2b840540aa98ca

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8a15154f105fa7093525074613ecebe

    SHA1

    04bf12ff6f2c391088b1ff389cb83bfd3d8b674b

    SHA256

    4fc9a0172671df72a45c4ce818be327e24cde59d56fd0d17fb52a90c2da13b0b

    SHA512

    9ed3f3ec2c971426ab300795ac7bd1db770947b96ed571a77cb1931ce448e3db39c8d9b31428666a6999aadfbd4756c0c893a569e10095c807f1c740ededc5c2

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab59A7.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar5AF2.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit