Overview

overview

10

Static

static

7

88a50ba6ab...aa.apk

android-9-x86

10

88a50ba6ab...aa.apk

android-10-x64

10

88a50ba6ab...aa.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    totalcmd_privacy_policy.htm

  • Size

    3KB

  • MD5

    f5bd54f89d624a56a0368d1bf532c60b

  • SHA1

    6fdb247506d811132bc5b51ffc1d82afeb6e72b4

  • SHA256

    eb87dd5ca31a26b9d8a8bc650c324b49027d38242ffc71a89b04e0aae8b4cb4b

  • SHA512

    8dc96be4781bb08b1dcbc3205f59eac592285e98a349a330301ab32e81a25beebd9224880215c62e431d9926c7ed0433e886b61730ada1012ca2f907fcceb263

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\totalcmd_privacy_policy.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2164 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2004

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6caae45c435b74d131dccfb0ed54c321

    SHA1

    f990e45e6d1ab21968f61b7fca201f878cd41faf

    SHA256

    6152275bd22d620ff58a41eb9c5ccbb3413c6a7c31df7c7ac5e8f413c81f18fc

    SHA512

    6053a565f971529220c96b90d4ffe217bdf433f3a494ecc996575c756e4704fe7dd607486a0de225e47de09fa88d24e560d61191dfd964900604c253daea2119

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e356e685f18289d882d907e13636f183

    SHA1

    f924955316831b41574162009815fcbf4fa87399

    SHA256

    78226c452d121ad0ba667bf9a4a1bd1bd668c50ee7419e8ebd1d733463ab5502

    SHA512

    bcc5a814ce83519ac9e678b23fd74e3e09fc075b4f387a37cf50773187d55ab56282ea87f526eb0323a9651aa9da0ad4e61657b3cfb7f4c143e57881a50ff954

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1235436eac1aacaf7809ca0491852e5

    SHA1

    0b68a1d773df1193cd3d8e2f7a58007c04c46198

    SHA256

    03f973a72b3c143fae280cde84b211158a949bc2fa1d7de0ea88384d66f0bd7a

    SHA512

    5faba7bc5fdc4b26277eee4f7ae9d4d1133f95635958bb700153407f518279ad433dc0ab8267626880eb061c31a33fb5348ad83d8773e4534f95b4a76c6d42b5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d923118b27be0d8554c79ab64f399e66

    SHA1

    ae8b4a3779672103bea46acfdae160ae41eb4735

    SHA256

    82acdaea05b91304e4ceb4fc76a85104c2c2d6c242d09c9b4f75cd46f70b5bdb

    SHA512

    b4d96c43bb0ada50f32c0180a799ab73f497f4681ba89c9518487e848a2f22a962c5a3667df4c71b4fecab13ca8517dce8e166e2b15141b77f9b70523b9bb08b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7f4f5e7a7798c7039e4dc32ccc57f46

    SHA1

    7dfe27a50b3d0c08e54c1d18bde08e69cb8c4916

    SHA256

    ab3f71306335b7d68b1136cae670b83960fd02755b2b98e6214361a44b86e585

    SHA512

    8084945d5e3eb949f8a995e358ae91603630e43850d7f1ba28eeab6ca39e6a3b859891049c5b67e1589ba91317c2efaae7cf806a8f8e90c36b9145074b97aeb6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5994d33eda924054b01da1fada974b05

    SHA1

    43f9b62516800026fc662ccd540e3339ef6b3516

    SHA256

    d8497446dbd8affff11bc8681aa04094c2a629b5f717ae561da65fed89d62c30

    SHA512

    21d67951b9c98a4bb0fd2643f7374a2573769dd6b6e464f2a140de017955f15db399c11641b663a283d206e48ecc5c039e4f01feb8f06efc7e493bd766695fb8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c82584dc55373aa564832c8fdf5bfd2

    SHA1

    eedd21a98f04b84ffd4e0dd41c615ec690ab7ac1

    SHA256

    88ba92bf703792c18305e40aabbbc88253c77bc7646d14ce6d43f78cc9dd5cc6

    SHA512

    debfeac4dcf11a4c347833b2dafe67dd68488d1ee149ba6ccb1c244c54c82edb43585c797bb5ad4cacf52177a205f1390b29838d484d1aaf21248a0229b88967

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    322610618045f5a01f5ff9e2918a5175

    SHA1

    1e518c4d8e988173597a474c0b8ec5023ac58c26

    SHA256

    aedd53262abe7a83feedc8dde1426a4e123602ff27609c190b1c5be0285e7c80

    SHA512

    ca803220a24269ce562acaed26068383b8128e2fad2a7f76f6e7a28a5209ebc71d6cad3e833c3ee1ddb7fc83499c874a088a561092fa5e2d7c4c6fcdb779c5cf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6020077218f08c28f868a00471ea1a74

    SHA1

    88cc0a4d8a40ba7f125b0a43ae151d1a0831cf47

    SHA256

    43e34f79737f1b95023d1f46145d83c5400579738fead3dc1f7d483cef0b713e

    SHA512

    b45c8ead460f11e29cb5c4f7ddfd4bcad75c60b57dad5ee39205657e88b24bba1f023c092cce66f86f941f052c89612dad38a22c7beed1fc29847c58a3c9ea28

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d84e927d47e69bcbf95c820f97848b68

    SHA1

    1bbe0d7a70187a6e3368cae39ac6c6bfc2fadd0c

    SHA256

    3438ebcd4fd765de8f0e35d1969469d8c9c28f79bfd70270e1c635b14b2f30a5

    SHA512

    b504081679df8456e90235512f2ee045570111d4e889d303888213382a5df31a24cbe4f4c9cf0b05fd2b71101b6c83ac155a7938c0a224c20586d71f4e8d525a

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab713D.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar717E.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit