Overview

overview

10

Static

static

7

88a50ba6ab...aa.apk

android-9-x86

10

88a50ba6ab...aa.apk

android-10-x64

10

88a50ba6ab...aa.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help.htm

  • Size

    53KB

  • MD5

    883888def347f0db8dbdec1fe82be5c9

  • SHA1

    f54280a3690f373a05cf438ca12c3e482bc1ed8a

  • SHA256

    766c2b736da4683d0f7cd5927cab1441dc13bca47af33b0911d5aaaa70da6ab2

  • SHA512

    4538af3b0b7b2786461d37ca6e3b93290ff9d6a6b7820f7dd3bf3840414c06e0c271786a91e5164d8767ecc66645f9a09599af661ddc39384717dbb80d9cc546

  • SSDEEP

    768:FWAtJoDQSUPSEXVe5wSsRz1K4I8Cnsro7:b6kxPSGowS+E4I8Wsa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2228

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff9ea95abfeecb8700aec0c31127407f

    SHA1

    9eb8ec63a63b5b2f3d6aeea2501f422c320d9a7f

    SHA256

    b2d1c16a79089896a7f919049507c7000ca5eb78bc99ef81352eb8f0b369dac6

    SHA512

    547006613953c10024d331b1744b8fad51199d7e39b617cf1ba290c2b0ccfc0aa1d3d8a7ae2d903391b1b72488a93de956e41f606800129fede68a9e26e4bc25

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b491f8069a0fcccf66f03af2f11f893

    SHA1

    98cb51fb0deac942e9dc9976206afd6a191feef6

    SHA256

    87c32f33b45142a0cdc46b1965520fe5301f01b8c7c8dba0fa80956138eddaf3

    SHA512

    9fc1b96b17f1524f2cf299ad1e98ddbacde1b75830d1339de91b322924a3fcf358191f9b23a5e0e96449cfa013a0c815a4fb622736cd7455248d4888aa0db74e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1360936a0b56c3e2c869cab79453c03

    SHA1

    17e5b0b97b845f423510b78a8bb37589536884e2

    SHA256

    4c4f5c6fb71f32c7d7122353995f0beeab7739e5b14a31cceac68f59004b4e1d

    SHA512

    be4152199cd2cf4dbadab1233a149b416b17abd86e6cf37cc5f69bdd698b17180cc4f14cc72b2cce97ba9b783eeddc0bd9dc65f56e6ce78df3506af14ef0eccd

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0a34aa90b95ba7a1939526a6412309a

    SHA1

    7514d368231fa3d8d4ad8b9d04e6248e1ac5f0ad

    SHA256

    e6b6bf4c34d6e8ba18aadb15b3871f29a01c0e57fff61be8a607d6737f73a796

    SHA512

    526aa6435cf7d02d2068c90763e1f544cc79b6f91cfe71170b63d30d47fbada3439c4dcaacc26a7aa1d58f67777281b8144d07af46cef336f44aa2f8ab003495

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d7ba124bb51b14789130d3e42919956

    SHA1

    17ecb18847fd84435447a3bd48ac97a2d54288b2

    SHA256

    06b30bfaf28dee9fedb2d8ba6df86c3d1057556191baeb8c7f7f0d3107c9ff4b

    SHA512

    18c78fee9b31440d938853a9a4fd15e768c5f3ee496bf217aaca042f3a57e7d3551707f9992c0468088819daa1d70cd622c797d3c08448286a30f56f457905a8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49c2bc58f9aa1fae563bd081e574f7e5

    SHA1

    e3391337d16c3c42004a92adad78fcd68a892b9f

    SHA256

    4d9e564428c73f34476cac675eb36d292042e20f509cfe9f3b95cb6ca085bdb6

    SHA512

    5eff95e5ea82966c0d728584cfb621825283f83285b54d6b9d5ee06f450c09f94846ecfa2bc9bae1528d8173c60e305697a531c492ad965d1dec9daed85d0487

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2893e2010e0f5c9ea758f1d20c4634f7

    SHA1

    610f728d7a663316f11057d9ec5895ffcdd47b57

    SHA256

    4e442e931b4808423e926b86babac7e5db0b8d599b65fcad92032f648d5c95da

    SHA512

    9554ea3eb6d371409a357407cc996958458ca66d90a0e11607270bcd78d6496adea09d5839c31b805763983aa5502118dfa7d0ee47f6af56a58205ab2a1f1681

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3ee211546d92e462c82fbfb758698b2

    SHA1

    cba050300403e89c84f32ee7ec033154d509e6ec

    SHA256

    77b2aba7780e02acfbe657dc04fb9a29e74bc18d765b288f0dfbe2adceb67705

    SHA512

    833a4c28a53e3337bfd2d631dad4848fadb25916b7c9a8dd26b9ca08ee765e2e35466dfcfc85c543cf83f8d9018caf8a9608ee6a52997a46edebd3bf87999f01

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2267210e6b459a1bf930ac1b60ba3e0

    SHA1

    f1c24e49867404c49d058fe026bfc8cea2f564f0

    SHA256

    9dd634740de7a96cff9b8497daafd278db4716cf84110c3c8b94d04191dbfe2e

    SHA512

    79eacaf71f1581555e19f03cf06eb4c5fd984ed6409020b78f5e097497da70c888f130722a41af233083744efa9937522416c6f8a5c86b1ef16d14d22f45d7e8

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab56D8.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar575A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit