Overview

overview

10

Static

static

7

88a50ba6ab...aa.apk

android-9-x86

10

88a50ba6ab...aa.apk

android-10-x64

10

88a50ba6ab...aa.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    totalcmd_datenschutzerklaerung.htm

  • Size

    3KB

  • MD5

    41cb1edf3388232ed16c7827671b6437

  • SHA1

    0f48049463f07cbd9da8a8c32431e3cd398dec2f

  • SHA256

    d4e95c717f4af725ace14cdcf249171f842186b56c365c9897c5f273ad41af57

  • SHA512

    0c649466d7af3ea3c3985b94f44b5d689fab96226c7667fe798727faabe798edb92cbf8abcc67ec559377da7250c19fc15a116d09e3521c0445d2ee66585fd63

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\totalcmd_datenschutzerklaerung.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1944
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1944 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2576

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3883f6b8c9e056075cbdccb1db7a2246

    SHA1

    674f4b112b86577bd280ac4fb2cf96ffed9e752c

    SHA256

    af7b3b84fec0f710c72a7c5682281d722f0bdff898b88f9edd809516b3760c4d

    SHA512

    619bb321d236e1706d2ed5aeb58058210b631f4e5db3bb0c49693b568caf71f231fd858b3544e80541aec6ab457a92350a3d7dcf619762ff9e4dd202b213c925

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6351ab44baf9dd10a602b19cbae90c86

    SHA1

    7701db06b9884922a08e24a43c7a684b58dd27bf

    SHA256

    ae743c39d6295837258cd4e4f16b788a627b8f3df5499b89c30e2881241a162e

    SHA512

    fd62eaecb1b85eef559edeee2b522a8110e595d1bc21abfa2d6fee6f12c70947c864fbba0bd8f240270da99a9f900b853b047891b20b9e913cbf4df40eb40da8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebc8f72c48036e39ffd03ba93c341026

    SHA1

    ea1d2036d28779b9bca0726ca955462e4433b835

    SHA256

    19366861ab755f1b7e38bb863d0bdff0757480ccf192eb4b6225409ebef976e9

    SHA512

    4f8fe908beef16f6bae45e66ebe6415dfff7a611189749f170ab7275e4d795e18b6cfa4c873fb60072945cca6625b777f0dd52494bf58bfb0ffc3287847e4e16

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a24ce22a9dca918e1e6e401e086ef5a3

    SHA1

    4c9d803be641b992d6cb7df0cde56fae616b7c23

    SHA256

    2dd1afe6de120cc428869831614fe53692f379f9deaa31b79a8a7c970b97d5b0

    SHA512

    0e89184059a9786a5b27b5bdc450e3a8c2c12571f7ebcd8056fbd4f69d99b3fc7b86d3bf00211be6d9d51e32c34bb8f7cb8a68073d44a190a0239499c455e110

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52b8d17090ebd0e53f5cfc7f4bb7e664

    SHA1

    650e606f692379e588b459edbeadabf0bf6b594f

    SHA256

    160ce642a42d273505adfd49f8b249952f659f080e191099f5e8931af47313b5

    SHA512

    d305a52d0b603d018245b17c6899969c6ae098cde4b8ac610d94bf0b95aefe793c0eeb22bd3ec83409c8618560d9b39f8b50945e9a048a23a64c09e3745caf3d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ef30f817abf88c9bc97ab99ee26cf62

    SHA1

    02d031f411c9674dc7d40949820bf80b5c98f972

    SHA256

    95ee0a977a3ae00e00c232d5f7c7ac6b11d352f70f476e4a684c70ed054665ef

    SHA512

    d9dcf6f32187c85f4b5d03938c2af24600183fc5ee22384cb52b17103fe02843f48f7b60445344afd82fdff4b9d7b0a08cb308c2ec4d259618357aaa4a27972f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a64364a612782460bd10822ed5e0bd00

    SHA1

    fee11de795275062090e69fb28559331fd5b1030

    SHA256

    bc384f776f5f2914f362f8661f46bded5173e83455bf1a7c78129f60d561b83f

    SHA512

    da34c6dcdccdf4d9c16ce46759e4630e75694d434698c047612862cf0c65004d83c04e66c901495a2fe57a30e4c51c725fe4435159f525f861c7a5295d70e594

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abfba9f4db6847452615c8f1ff4398f9

    SHA1

    f1648f43a7253fc2960637b33d0f19df5a659693

    SHA256

    097f0731f9ff328786869820eabe941d06c81142ad7c43afabd697c21dc04e95

    SHA512

    ff263afef4dd6ef3678064c8ca1498271e841dbbd6f64c665fdd86fe813959c9d8871a9e6ffa2c641d638efc731ea39590b5bedd188f8bd18c82f718de103a39

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73e94b09345195af73c53d227180121d

    SHA1

    8095f0a4d7fae3062dc9bdce5ca09cf36c811c0f

    SHA256

    2d4c8b370b2f88c863c2c0e7b3650a07ce1cd812cd9653eb417b04044a14fc37

    SHA512

    0bfe1418dfb9c7a0f8600e1105e0b4df0f5729bf8dea6c9e934ae22e9eeb519852264a1edae5312511b962145ec50c9e8fc76abdf531899d535303707125a05e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1eb5bfb1be12858a43ad693e243f39fb

    SHA1

    d08a0defd5cf6c2bc045c1eed5afba8bce3f7e35

    SHA256

    b2c67d4c9b847daf902ce3ce02e29520e4f321959b7e19b8df027b40a6930ba4

    SHA512

    42949432b7ad98b5e375953a64218cceeeddc0ee74ca12e715686d43cb31f89448916aca631c2222a59dd5af6fb1fc4657ca62b21b6a1db1dbb659e66fbe7eaf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8128ae9fc8de8925b9d053fdf95fe8a8

    SHA1

    1caba408f66388660b6b667856614d3b4a04de08

    SHA256

    f0a13c10a8d08d4dc30ae0a10bde2ef2ffa4a2e7273da1eaf0d5abe11f23df5d

    SHA512

    b2e1e206d4327b96dc4749a864738de9bff3c72e51640fa3c6be61a8ecfc319af1d2c693a4e595f3503bcf24717e92d66b328a61f22817e3e2134d33390c9b25

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7af4bd2d1a2444cbfbc4477e8b3308e

    SHA1

    d900fb0d609bf625d254a1e92a6274dc1ede1783

    SHA256

    af7fd2e1fb9437e8370e0689690e9080339044b00b87819f4865ba6e0dcfb05f

    SHA512

    ddd4dd899584379b1a2077cbb019966aaabb7f53be68d6bf9c7ee7cdd1b3b80e70658e34d763e75c95fa95880aa86f8c887845d22fdd40025f92198edca6733a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc42e61665cec1df6ed973e7392a48ac

    SHA1

    1c54c94d10070130feac73280fa33654528c41b2

    SHA256

    3c22ed00a66f7d9344868efe662bbc9754fb7750d84672c589396f03bc8c9835

    SHA512

    5338ed40e7e793e992839775532773d8df2ff6dabf4f807f38ba274858bcfc79ad4c539f8ab4de301bee7da5eff4771d73399634497a89e27ea7b4a5f68fe956

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f43346b9207534d3013f1ab98b8bfc65

    SHA1

    a50def7da5b5fcd89d9abd2aa16d96c409a9c6ab

    SHA256

    9230c543af1afb185a93c5a45bece9f56d90339e190942f281758b1d51a2ac7b

    SHA512

    53d8734cb91bc98c5a632e21ddd1e2ecf9c2f9c7d70d48fc723f0687c439556dc10027685d661fda0015d0e79698c04dc9e68715e43ad187e015a4d76d633c53

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    978b8f84cba6e417c1c056cd20609f1f

    SHA1

    98ed93a77fb71b58905013876fc50a6f1b615a3d

    SHA256

    dc44b79ff6244ab15ee4a4af6a34fa61c5d7a09eb3ab103fd31ee746e05cb74b

    SHA512

    41a51d64a5dde51946252e07592a5759694d51356945aee41066ceda69bb0ea55bcbdc6a84ef5ea8ecb98eb947a6dcc184d762832de7eff8ccd0ac3f35ca2239

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8bc26244367abd167d2db822ceaab207

    SHA1

    7c07e7732a7fe9d68ae87a1d51c44a7cc7a2264c

    SHA256

    9aa3122405d4ec7565c787a42c3be3ee4cff2416eebfc31181406aa5509ca8b6

    SHA512

    082d476833d3cacd5128b3db11b5d029561bee035ec6395b1bb335221543b4bd537b4898a77af15eb7cd55afd17bec1a736cf2c441632b75e7fdca122568b0f9

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabB954.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarBA02.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit