Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    159s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_cs.htm

  • Size

    54KB

  • MD5

    22d33848ee6cae8aa8c1e90bdcd65226

  • SHA1

    982e9769391e13507289928289f11aa6e5b6c91b

  • SHA256

    b8a728e6bd697922bc23732cd444d25697d418ec6fd7a8cc322029cd71670148

  • SHA512

    25f1415f0b3e9c34fcd7f896b784d340622f74a7ff308c62da8961c1b7fa82f7ff038b54fed3d9a048a67039058d1c9f604f3be56f495288e417eacc034f7822

  • SSDEEP

    768:/3AjqEZHfLqlREwa3CL+9pcYX/wXBSBHz114I8h9KQc3G6mq/zAIjRK0:/4qC/KEwan7/wXBSlD4I8h9KQc3GX0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_cs.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:340 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2468

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1529c2b3da5b22731a095a6dc28a2775

    SHA1

    c576b13b3c5f6818764c31ec061bcaee166825ce

    SHA256

    6a86c9e8a7809e6e156f263eb8ff2be3a42f9ffb4fe035779e0345dd1d366f40

    SHA512

    ebb28cb434960901dd92b16ecfef140afdeaa4ad79c98d3c1bade6f3c3e36f40419a862a83e819239ff07d586d7457ac7df3188ea9752298a461891b1ae08718

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2b31c87228416972ec5835f798eae6f

    SHA1

    5bd4c821689327226f3dcc9ee4e325163899833e

    SHA256

    edf55c5000e806e439d3783086be8ada9cc7a4aa52e8675a0606cefa57fae119

    SHA512

    73b2c78e4da36b5b3de1a45271aa18f5d16041fa70ea3fad334b332b8ed7cd70c27fc2877409f733a03452d1008dcc67f07168657b5a58cfba22225303c63434

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    246f46587587b11b42903f4c4d37392b

    SHA1

    c9ddcb3db61ffddc46d1b270565a5a8107967c3d

    SHA256

    6e131d8af5f3cc376d8f0da866eee35c9b52ed170fbee1355597d37383b44d16

    SHA512

    6590546dcab4ba39885fa28bf3dd819c62bb6cdfb7c893faba244612115370bca1e3ac756faa3ca8aa4cab2dbea8fbf4829068dc6a25939f74d1095e328c561d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9600747048ae3907939c7e748f7d4dc5

    SHA1

    1c1753b8d85882090a1f7e47c2220b5ec02a03cd

    SHA256

    7a680857beb46741f2392f4b33fc582d9b51244c30ae1d8dc06149b79a204f48

    SHA512

    a777422cbdf98e0dd11bf130b47887f4c68d8df786e30c8d040c9b6d17ffb212389eb985df3966340a74c582bb8e7ed56b12a2d9bcd805ed0033c2381fac5b1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2cffeb86f862782120674f86dccd4cf7

    SHA1

    904f89758ad4c7d3c1a46bd90f20ea68a3425a19

    SHA256

    3a9a0c82085e567ee8d3eea9ba535b4962da9ec9fab7f3450e2b00e6fcd52d82

    SHA512

    de8532b5f302f0613427a39ccc0d1ff209f2dff531c0596ac54f2758c1d0ac25ca48a9c4a4d8c067e32a0b13ba04f0aa5b840590edd1ecdb8f77c960e8a80a4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b0052b1c94b96d94a5b7e51b9599c15

    SHA1

    eb460d351ccf73997a14dd38662dd83b30e2d42d

    SHA256

    f238ef557c8386ede82e4150d7015017ee5a730efc31ea183831caafc0e455f9

    SHA512

    f6057c72a72ac1019f69485b9913543a3c77f513d6cc6dd0510d16576d02bb5ab518b377e364ecc8443c41684c6f1fbcbeee8098cd5fb76cc744f83d4b70f139

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2bd269fcf9ae7785b03b078943d89bfc

    SHA1

    1bdb5cef8e49964d83ec5055f41efa6d9018d79d

    SHA256

    a86a3ea22f2602018178e5d8eb1eb99d35fd1d9341e1f0da57d280dceb2c721c

    SHA512

    bee40803002bc968a9adf23069ab14b2a5812853d1845821cee45ed554015087ab04198efd52e61183816ec390d1fec54c673b08624e11184759512ff6fe320f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eed7ecb4896399a52ee044370ca9c096

    SHA1

    a1c3cd516aed0b075a1865f7d4fe016110a3ee80

    SHA256

    6cb2ec17cdc58531a9d724ace61a6988478276afe652829502fd7995a78db75c

    SHA512

    277dbb7da9d6fff2014e40b10a0f3ac1d575888ec6fbff7d25ca21f97d35d4399ad71410ccd9ad7fc06f39eafd68c61b31c496a2788676cf4a86d4bb3e98e280

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be9cce3b93549dd3456249425755c01e

    SHA1

    85cd754227e7679c01e2cd49008b767922ba5bbf

    SHA256

    4a3e41da8fca5526c97d5b2197840037128f802c8d155c7f9999aa95e8007b2c

    SHA512

    44295802cb29c51999a31a0c4266f672ec19bb84b8e9bea385a510e53d35ef66b7a057fa4472589465cae8dd991b349005f2b76ff4744ce2c12c5439757c1dbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8250941b7d92932e3618f3b9a8a939b5

    SHA1

    0489970930653fc76eae54414b8267e2f9c3b009

    SHA256

    3b54cbacff98f92d8898696d469d5123c60a55fc71cfce1d81268f4b88dcfc5e

    SHA512

    e226f865b2008126ebb8aea85ec73eaf66175811750aaf3d0b513f8064d21e6f3543cd093fb6e534e19fff7d64299fe5c50c14f9a8ef66ab530fac9c4f6ec278

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6ac48d77e534c8227c2a3eb0b69af87

    SHA1

    0ee6ffdc75b85875fcd88752d0e79b36409754ca

    SHA256

    e6aeb0c8c5da9de8938e28630d5365e5534e0a1bb1225961a488cb937adbb56a

    SHA512

    f511aa93c638a82fa8147084d19aee069c06a4be1b0df878099e9396bf4187248f4d77d8734f5759de90b791a6dd709d4edde21a28e173a7fb0e9c01ca7938af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    133ad595229f8a078812860a58a5b13f

    SHA1

    d88f6e139acd91ad96ba6a1118b8ba851b66b17b

    SHA256

    f9d3bd0d80ec581b4f41998a8609f414302ba41d6ddb247a8e10575f62150cf1

    SHA512

    d3156c0940ca385ea2c1c3b4b91f00a9297059bc9ebba69fb53bf6642ed50b647590346edb38f3b2554d37677460fee24144f4ebd1f5c0230768c9428d1f411c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6220.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar62DE.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit