Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_ru.htm

  • Size

    58KB

  • MD5

    0b8a2f9f0fefa77f9b5e53371195d732

  • SHA1

    53cdd30958d2863ba976fa4e9e7ceabdd85ffb60

  • SHA256

    88212e9f4c88a33b0147f5aa5dd3f8fa434707b1b925e3d45fb03366e909ec5a

  • SHA512

    5b3f90561d9b819dcfa05ef463c2453786b7d4adddc9ea5d84b2b2ebc07106fd6aa3b906e04b386cda7103e22e10d5430e258983d2aaf8880c4230ef06894309

  • SSDEEP

    768:PRtY5bm3l9Q/DVcYRTI3n81skx61fJBwghQg:p+5C3l8Pu3n81sFBAg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_ru.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2840 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd52e76a8b30388368e8869d2b9ad15f

    SHA1

    5561b64d9d2335858670c2ed6eeb6364f5fdce95

    SHA256

    2be80b8529fb2a7e58cd68676ecb9d64031094adf285dd0d7a02febf72e049f4

    SHA512

    c6d1e712a78455507db93e4413ce0529f54a9f21ee7a32ed9f7258ae4207421da9354ddf0e74c27b9d6fb3a1cb9f627a9d679b8f55d61f05a1120736e49a3020

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e59dc5e84641dd63f704ab06bace08c

    SHA1

    8f613b8176fac0edcd9769edb6104e4c64b88a43

    SHA256

    4b106e9d0969cdeb3e9eb3852d7d777dc22813f64fef797b6074c8e11bb5648b

    SHA512

    50bb2fc8aa456d048cf1a2f9a040547ee6be6e32ad23d4c5cdc695830165ff9b3aaba5b9e7919059f7f33d44659631a49f3d62ca6a8d02a7be36e20c09112298

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f1955c8f9c3468ff616d7b9ad063d59

    SHA1

    7e7194ac846e5c0c3003bacac42b1ea4c81b0585

    SHA256

    9b6390c1ce00c0b2da071d381b8255a1f4d23e6f76e704629924ab5660738576

    SHA512

    d5eb251a52cdad29830880a0c700c364b833e9ca6354b58626746bf4b02749555f075eed7fc1ca6a2ef9704b07df7d1d19d264cb80ebe06b518a655ff6674361

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d64e29e1a70d002027e42ebb241ea77c

    SHA1

    7b7bb87bea24c2a2358575df5e47df58c1a91bbf

    SHA256

    b630b8b788f229b8ec0f3e8e039e5c204738a6e379879c9a5f72ddb80ff59aa9

    SHA512

    95f811f1e6b81f51ff083e625085b46463de75eed4adccd0e34bcf1f28c806619216262c5b7604750d0540a1c58773eb82edbd2594840dbb8a7e88296d5a8266

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07e930f48358490d67cc9dc32317a412

    SHA1

    ca95f0db251f1f94cee23ca9326a6562a4f0f92e

    SHA256

    76c379fa608ca49b5124279fad26ac7d3db0971f85282488c81d77d71ea371e6

    SHA512

    c8824452c7cce3883771e77d53676a53114e94a85250fe2d00f90b9310582f3b596e009c989c13aea5ffb59aec204be600afe3002de86a2bf3e23b0561a9a4fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d266003a75bf69f371cd85cebd1f4e1b

    SHA1

    987e9dcaadd7f85299faf04ea6e6a0946afb134d

    SHA256

    6474cb84ec5c9fad4bc7ad6b516a729c4a82595a37cb221aa862e69d315f0087

    SHA512

    db137b155206e6b370373daf4e2a3ffcec6128ce5a4545e9faa61d356cc01b839a48b4e2d0d905ecc28ca23e36b2214ed7220d159fb42ef85fecf56ceec069e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a62b216a40546ec85c859616a913a93

    SHA1

    6cf2e9019dbcafa645890afab5d313fe3505b723

    SHA256

    2be9a6b44ba945bb80eef9a0f578c08f92a448c9ce9f5cb7353e019e7424066e

    SHA512

    846daed92c330d679ad87e32e0f679a1ce1d76a30d372020e3c28ef85ab22e312a2b9971c36273cbb3ac7b841e276e954a708a42b4f49b742ab6396f878c94ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1b8f20a0ac0cae60425ee3b4d9ffc22

    SHA1

    ca8014c5dcc1c023c9c70d34aeb42063dda31ebd

    SHA256

    8406220bec444434b232782d164ed6f0b07b14b03e834e855a74a013408d809c

    SHA512

    6cd052b6359da3c87396c7164a637a5d0fa49143ce46c0d81e5355c57dc4f8ee1dd26262ed2ecc6f60a0ae874d42253f231a69679ac0f862d1a0becb0d03d468

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64dd5e0b89ae8405387aaad19f0e0ba1

    SHA1

    95015f6d43f859aa93492c8acce413bf0b63d02e

    SHA256

    31018c9b65c71cf036197b53a06130206a45c261e44d91f21df580fc1fcb8763

    SHA512

    57e1b2f4e7864212fde8a0d6de599f1f7168c4ccbeba3f41d2a61153cfd911fbd97b30f7ff346438c5fc75f64d1706c4937a7916d7792f1e5abbb8b14d32b25b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0a4dc5662e7c6087234c7660e2318653

    SHA1

    cc304520bbf6f0af3824fa533a1a549dd5241e63

    SHA256

    fd379073ad97d9127fb06a3360538bec75a8d9e9411226f13510a290cb9d6c20

    SHA512

    4f4ae4cb6f8124c9d72a93469d70f43d5db3138850898ca5d26f01ad98cd0be0353e89669e7cc752da2b250cc5add73cc1f53ed0716eec33b690ebaa98660820

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    829af86d4684c659f866ce0e0f85ff33

    SHA1

    e5f3c09bbccd0fe84967752461f24230cdbd5f23

    SHA256

    850cfd62aedabb7b8c277afe65452e586692380a1eff8381a9207c3828d5416b

    SHA512

    53040f06f743edb6222961c5aac5d6853f4ccdcedc0a5a2a7670afdd38f0b15df448d6a68cd97cab32630e013364f395769dd1ea524518c2aafc44cd85306172

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab512F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5142.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit