Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_es.htm

  • Size

    61KB

  • MD5

    31772dae5e7e480072ed6d872134201e

  • SHA1

    4c19adebf12a2aa4be9773ee4226fcbc79b89e84

  • SHA256

    f088fe7faadb088d3f63ad8f6d6eea2d88abf4e7318e31e17dbe52d5e4f92707

  • SHA512

    5f19c826336d100b5d104002eb0b35dbaf24889225630a3e9c31aeab3d77d912adaec0470d1d0fbd2e60956a11eaccbff385bd7d28ef8acf7dbccc9434fe8e2b

  • SSDEEP

    768:hLYLmYEm9UhhJ6TJ5w7NKVwvTAybuosWqPOg+YS3+brRzf:hlYjikW7NKVwbootYXfS3Sx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_es.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1648
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1648 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2712

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46bb6c5a293140f69781da5fe6e0aac7

    SHA1

    e10c4ebc1b6db5763d803350a43a5b9a0beb1eb7

    SHA256

    c243f470f8d88cc8e517e12951c19ffbef8c6a92f78d3660482a589caa019b7d

    SHA512

    ff55b97bbbc058dc0facad6ab53af43b6d23f8ca5b7ad33257a785857212e16f6312439d5ae27c6ce5c0b8bfacd25a1e8d5fc299d8711d77626602a0992b3d1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c853673a197934d8e3d3ec23e6b8244

    SHA1

    29a28e87cd85d77128413d4bfa564787dba6136c

    SHA256

    a02c27564b353bd1bc4480e2588d36092000265bf925fa66a5f90a8d29c9a373

    SHA512

    a824d1f6d13e6b4e662bfbd174109f7e907481d86782656e715ceaca02ddbcce72f584658a91f333fb6aaca50732664bdfe4c4c995c0c4eeef83d5c32a31af44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    594b9fefd92da53f68437e642708efe9

    SHA1

    2b05b3ae3cec764bf90e82338b9063bc218c3d94

    SHA256

    c0e8fea4ff183fcaa2af3dba362676e380996750d07c7219590e08c27ff37d3b

    SHA512

    bdbc33004fe01cc6a55405491679678bfb1b0889a4af54209c3662da7a46ca87c9b93e15d46b8ec56694b599ee5f771467b58383b2f20d58ef244b89e53a1fed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e0b0ff77cdbbd8e95b50d6d7c7b010d

    SHA1

    6e21352cc01274d50c009fcc83ff104f6c67e10a

    SHA256

    0e5cf4a0a02e7ccf4aaa23b9d267e69fb90c6f54c1267baf5705504c8d6bf924

    SHA512

    989a8d941e7cf46f35b581e62f075023ba000d2e12c1b13ea2db3b82b8a64c842bcc72960b7091fad1ea0630b33b2f65b11536a5b1d313b73fe3b3342dfda849

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62e279e66397ad31a6ad1f6270fb7e64

    SHA1

    e88d69aee349b078589ceb73e52a9cb84e375d50

    SHA256

    c0071e4b586eecfed3522324e1f4d08556255718b3bee49a111a3cf08ef32bf0

    SHA512

    25d24ad282ef2c934e10e718bedcacb2136d1e7edcea7073e6cfa3281079248db37f8675843b889f3a1b9ee3af1665bfe061419227cb628bfba9d41934339f6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7809dc47d1eae3687eac1c3d00d244e6

    SHA1

    59371e5736df4c53a4184e54497c243c6ce5388e

    SHA256

    3c578c61dbc567ff9524c13424701131eee174996c4a62bf4beed1b499a907ad

    SHA512

    85707320f206ca7bd9373767e2fd540b162429c5de595f46400dc324c605042cb94416d39ee93984350ee08759887cfee47c2b0007120639f5d1147b678fc785

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc1f4fbec940cf7e6c4e3dbb2b83a9ba

    SHA1

    e339a6d658c14bd16e93dc67f947e3db667dcaf5

    SHA256

    c822fe5fccf60e563b9aa51f459c66f1aa7480a64fa26ed3211f07a76421c790

    SHA512

    c5f334b5149504f0a7a5351704b2ad5cac97c6bcba706ee99cfcfa75671950a0af2f98637442624f514c2cf337509a0ea26bb1e48d3e436444a111152bbceceb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fabac6f4adf171c04edd80f9beadd636

    SHA1

    14ed0db076544b55ee3d1b868eb3e4f7fc3d5427

    SHA256

    ee683a442d71ca3152f1b2035203825fa738a234a122022bbfd04ce0acf69ed1

    SHA512

    5b8af154b7ed5dc80c3fd794df46f1d5f08ccdf9c2ea47cf69ea0bcda034bfc166e7b103dd366c8cb77efa1cba310d2483e1037423480e5f4d3f4e95cc0c2260

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6444e5c5f36d589168a8633b4b992e8

    SHA1

    83091f6038f629faf55d9e8bd4efcb1f3e5bcd46

    SHA256

    2f7088b70a6fdb69ff6588447914e688649eec3cfb3893bf10277d0305027d00

    SHA512

    8a1696742d3ef8a0cae8f698ac7e3926c0ce5e260aa7553bad1cdac7d675cae3c2979798976ade86938a107bb59a79179c5e1647ed4cc1fba358249c0e93348c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6413.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6435.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit