Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_de.htm

  • Size

    59KB

  • MD5

    52e18bac42fb06e4116cdaee988e0661

  • SHA1

    9d0ef32f76cab08d380ec1359e414fbbd1d207ae

  • SHA256

    54d12be384ad0a78c68a416873338edf8ceb5601a20895ca6aef9360b0cd75e8

  • SHA512

    8a2b4e11b1a368075b8871bf90517890c79dfa88ac2bc9b355af305fe134b6ec4c6d02a50d334ee3b734628f4a0f7df142fe30b5acbfd33abc9904cd48c485cb

  • SSDEEP

    768:cklY6UHcqSlF+xUVPB6rKboSNzCWidlub1uaablOEhEs8e2gcaUrF20OzGJPCGdC:AH7SlFs2Pam9idlub4los8e3ZUrgVETC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_de.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2364
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2364 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2176

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    029d75b0f4caeaa1c636e1db6ed3143a

    SHA1

    5bf29875c7dcbf3d032ec26f860ca0f8050a8e99

    SHA256

    60a28f09a0792063ea0120ceba73924d97c89069e617d346733fe86a528c8591

    SHA512

    3fff3bf72e1986e2aa1a1e6a7b762ed0e121f9cb35442fc837cc798b7c309c986f3843162d4d30eccc907e1a74d470a244fa3f1ce1c56fc703aee7bc00a64ef5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5efafc04b54e748c66713d182315296

    SHA1

    981cc29def607d8fb8ae70da738a233ecf33485f

    SHA256

    bad40e36fae23142466278b5217dff9377e457f9807172d70e6b8c07e7bd92c6

    SHA512

    391dae3f8012432dd55dec5e20415847ab8eeb02c50b37fa9b45928e622261781ca657e0411bec5ce3d4240087bcf343a05f424ca9dff9ebe6a4a104ceeb5e31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b9196437a41f27bf3cc9283ca3ac1ed

    SHA1

    cd220c241800fc3f74eb8bef09530618fcc168c4

    SHA256

    175866dae184c0ae96a2f5200c365646cac9352443cd41c0a00d2498e0304e3e

    SHA512

    1172c8fb644d07fff2f3f0a0d17fa81225ce870d3a7a19eedbd06c54fcb6ff318fe7e2718be52675e9cc1bc32dd8ae878358374a10200013456dcb1d9f42eede

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c5d1036df137c2edce68159a4142ba1

    SHA1

    fb821cfc11fe8b55bbd7b5b9da0a84ce870dfa0e

    SHA256

    cee7596d4e92b9af70092d94f1e551500b8a04e03bdab20bcf1a41a0ee613c6d

    SHA512

    1db3fa37caad50d8e3ef3dc45306cbd0cb2423ea914691a184894ad100bf37f610e1d987c8750e8471e42a823abc0e969655656768d3723e8f8438bf471b3ba5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14aefc56f227c74ff7d7452818df03f0

    SHA1

    4a194e02c9705cf5e0a7addf05c2bb9bc6ac78d6

    SHA256

    3a97c1007e5eafd1abd4564b08798a3a2aee2a85b0da7ce50f92198c7fb47069

    SHA512

    697f00133cbd0a8fa5ae8a7935233a19c394f6bbbf913c438347a7cf68293fc98e8a49c66eaca96a06de90d2c5bc529057c3ad34d2d7c9789091229eb3c3fc4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe9ee52244b5ab704e19b9808fdf19d9

    SHA1

    0584a6d23536f8a879c61bcfc1edb01644ee307f

    SHA256

    ca05fd1b1cd28564c4cf34d9df1628a59b6a6bf54eed6f507310a1817ab7d9f9

    SHA512

    be72600126bfb03be628a9eabfb46af8c254122729371a463e358356a8eff68fb3b5dc767f9e5dc711d41bf28a95b3a29c5c67ce235167d688a245b24bde4a5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    957b7069773aea8d5507502692b8b3d0

    SHA1

    8bbcb9b50f97ce940d91d352589677993597d0e0

    SHA256

    08f694676ec8da589cd9f540e49788a734f940784d60e1b3d849eb080b29ecb5

    SHA512

    f651344f46ccab2125feabe2885db0910b3f62e6278f6f5e821a6f9ffafe5c7c011833bf8c5f7722a4502eabda7b390e93d09baa2854ec2771e34c2859ce4127

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce221d7ee5e11a5a6921c57a0bcc6fe6

    SHA1

    27443970d2e0bd59f7e5b2f32136b70c4a9f3fd0

    SHA256

    7c1e1f6170aa02a63e0541f66c8914dcf8f7aac8a4f181fd66367118ef59d8bf

    SHA512

    01d64b02586fcbe7e9e23241a218a1b51b1bc7c00177a885fe292e2e6951d6a4e290b04657868eab9f4a2425d03ddd51d62c493d9affc16dff34dc1abb2e2665

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db9bac87ae35df7cf891ce61553e5792

    SHA1

    0e559d4a2c66a0ad19ba8126375c90561dbd5fb2

    SHA256

    3ef556148aceffd64d248b93c50e2e18125eba8f27052b2e9c8e67a75dc6fc24

    SHA512

    ec9f41fd760f6b3766b007892026f4d2b9f416abfc1db1808152d6f8dd7d96451a7731ebff1ff8f350c24ac1de57969841583b419b83e2a56642d6ad6bfa598e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d62700a424021074374fb31e18e932ac

    SHA1

    0f8fd8f87f075f6849ecfffa52718fbdf8ae68a5

    SHA256

    a97af5f5edb3edccb7c109abbf4cf5f6da342b6b93ff0449c7ca296c2cbcc4d1

    SHA512

    c06e29ea3e80676b4345cb827aa5024b4f78cd6155300b06820d8b4695c4b4c98e6f329fff6da1e1500f2216a1b84d0cb1d9fa4905e1723b69f3cdadea25808d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6348.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar635B.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit