Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_uk.htm

  • Size

    57KB

  • MD5

    6f351ddb8050526c77850db00448d3c8

  • SHA1

    dd253c3d52261d3504bfeadeee08266ab01da749

  • SHA256

    6bf22746ea6b58743544aeebb5f47fdc690e19037d4702926567a69ad426c463

  • SHA512

    e52e1b60b6866175249c33e5b72329c02d2a743673d6845d2ccc2051f4e77967367b095714c583d315ad03e849ab6877e958f6beb5314274e263bc03a8362551

  • SSDEEP

    768:m6At7jfON+B88ArRwU5XG0uUOBiKaBb4JKpBbZM5XyZwhDmILSsb:1UOnrRwtfiKaBb4WXMoaqI2sb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_uk.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cce9ed1b8ed75b671fac26d5d47d0268

    SHA1

    9493a2ddd9d3550625c7a99a074f83c35e6781d3

    SHA256

    ac660b6b1e13d54379a7a3ae58664d832d5bf257e933f36a78460d3aa330d7bc

    SHA512

    a6fb79289cfdcb7e60a59b579b4475339c19d7e340b8f61a4f72a5337dd453b3b858e9f827b956c0390a52175b6a139f8f8752476beeb976d51de3e8c0fbfdf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1da7913f59866bed04780ae91e01237e

    SHA1

    99eff3bfacabc260f383e7f9d8eb27a716f17d6f

    SHA256

    b7eaffce6a80e7f674842eaeec5a17028932a1cdd804fa06523f57b14c5db0ed

    SHA512

    d578fd8adb43027e4ceff3c8585a0560e1d0a14ad5d8d11dadffa009b78942364e9d8e28923db236f9efb3247e7c9d93195e3a014537ed30cbceea8a006783df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    10b2bb62059b59cb58dce7a8eabfbff8

    SHA1

    3109aa91ed2fa3ec82fc54626acdb8dbe3c02ce8

    SHA256

    45157a4a1246c0858d0a98c729692089551df52f0ff0d4b07c3de40d427037f4

    SHA512

    c8a01ae3ecc10622f67b5b75585e1994dc2c63b0bbd0e46aa77ae34b7f643c2e5173e59d52a65b15116b0bb1819e0c620a16d40c69dec9423398eff6247c652e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a92531c28ea8603683a47b26a247c773

    SHA1

    2d5f041a882e177b6e0b8776aa91901a6b8c73a0

    SHA256

    dde585cdc9820ff0b41ca673cd827e66fd6df4bd087d7b72da3f1df5f98245fe

    SHA512

    cf56b7400ab9f812a8fd6ac89b11270a528569ba583e9652ef44d99d884ed03e2b2c028401c1c28f01dede00b93ac2d283e23bdc3f8139d86893430a939f7335

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    52fa05795fbf54e6bb1c1ba7ec873947

    SHA1

    0aaf365d7d8e1d7abd360088e7c2f318baebebe2

    SHA256

    5a23f5a40e2c1cd3a2e22d6e4f57824b63da563841278020e32da99e919d89fa

    SHA512

    de1a883e577c2d51e1be4dd19bfbf8e65d0e0dbdc94d2c14e519f0cff74bd39c399b85b6ca6fd1bbe7f81f490512e7670eee20135743d6ebd1b568c485f9fa0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3ed0fd5df4bf3549257d562d357723b1

    SHA1

    7f7e4a1a557f008a39fa2b76b1a36d4971bf1a3e

    SHA256

    21a6f433b4b665bd3340a278b9aea9edfd691b90fe99ee1d0af0088c1ce3f33e

    SHA512

    018cd61845e8d0901767fdccf7683108d86502c9a7a16a596cefb57348073d13bd63da47f886235e98403d55ecb52c2abbecd600e544201332bf4698d20b6f6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    706bb1dfb6117dc9eeb79d7d5273860b

    SHA1

    8bc0f436388cb6277c14ea04af951dd2fd5b1763

    SHA256

    ab76e983c65c2b92bb0a3417cd04114e286ee15e4684ee5b7d6b69341609f42c

    SHA512

    b228765df0f7a9658715051ba1033cc116b666e66d21390c7fcc515028ac54ec66e8bd3a7d30f3d8e1f4737d67df7339287c3f66ea9a47ba233055265c193b7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2ead7667922ccdaa4e7f804309541f7a

    SHA1

    b9c753019189b12323c9cecdf133f50352451826

    SHA256

    d23b7592d05361ba054c187f9277381e71f7d41d1295826596722f9b1ac2c2ed

    SHA512

    ca5ca04ea78f22cf8586115055b4a4b49fa0332c5d183b107cc99e3ca4f5465d396aefd2d1690612917c1b7d50605f0c704284d92170f9303769cec5e6ed4fb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fd39351c8868eac12e3fab0de071149d

    SHA1

    b6e427a0a53eac0a867906226792433766bdad6c

    SHA256

    6f0a502d0a06b3c9dcde25595e60ca7e75204592e2375695910308e8c0f49774

    SHA512

    2b6c5d73685da9485e55fe97cca682ae0720e1d48c040713c9b8da81131f9bc90f423e646a0fd27314e64a5561bca3707dd1012292464281c20c7bd5d7cb2952

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2641fc5ff4185d2777010c887c065192

    SHA1

    37e78b7ad224e2ff405036968d43945a55a278c2

    SHA256

    6ea2cc5eaea2bb4edb78ec873a7b0c9ec9281ae24ff99dabcd76989d57ac7374

    SHA512

    8e531ed372d58a35ed387fb1edbac7466b54ddb723416e4c99fe00aeeea89e391dc3e62ef351853296c07e01f7de4254ca059c75ad08ab48d05b05bc897a8cbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fa1740f90c36dd096d8b9754394043ed

    SHA1

    e9b05da805b3b07577b4b8507fa455956570211e

    SHA256

    beb8c6f11166abecefd1b460a9896aaab296ae6ea9c73c7ddf0771b9f9898fe1

    SHA512

    53fcf38dd1b6669441da19dc7b4ac449a80ec57b6444ef56f3a026be1f7c57c2fcfea2f8ee294734a0fdc17b6b28fe113ccb9f74dda5c6fcf2e7f7d9b01884c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9a20577879eedf669b4f3d40e90e5682

    SHA1

    87e9ec3482da8dfa40bc1dd7a8cf321c2d74648a

    SHA256

    ff8aceb3e1d94058b9c870b4901f9bcaca6a2a8bea5c4f4a97e9b79130963354

    SHA512

    acd222ef38329dabec6bdaf31bf3cccfa8b81ca71ae0a54671d16000d3e7ad234a966f39a59eb5da15a97eccc99d6d7116927f6c5c59bc50458fc20f8e502a0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9b43b256721f9cf51d636ca533f11473

    SHA1

    0d8349df7bedff60f70620c91c7b1e32bd8e621a

    SHA256

    98cf8b31c9fbd1208f99eb18e7e24074951e7619d78c99493dfcd3fecc784110

    SHA512

    17ebce94b28661b684ec19f9fdafcf3a57b4ad1c595baf45e2ad24f3f3bc8d9186dbcc57354d5eb23729568074a2aa7e08cb92e06cd86b1bf68e8e86ffee824d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ce046186aee6a1e85ca1b45623ff8d41

    SHA1

    281d12f0e2d038d26f7678729afafc0abe975f62

    SHA256

    f12718b55e01d962e02ba30885eb3c49e001316bb2d201204c0927ea9b515e1d

    SHA512

    150b2e6abb0c1617c15836f5f44b50d687d2cb0202cc3215322b61b3430635f3d0796422bfe068df8e89ebe730ced88be2b23a708987d274292bf3aa593ba12f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4bab082ec6c0e14334d30ce0718faeb8

    SHA1

    5c650d9d9340bf4e43d205afdf1a83326198d633

    SHA256

    176ac5295de02d30a1b84a272a1e5af46f0050f7ebb0c82348979f3f654241fc

    SHA512

    2b05cc7f2ddf7d9aca6c754759710c7c7137629ffb516bf43dd8f1c0d2d28b372b6607ff321d9d812b1d24b030b4bdb4f8966b532ac859583758fa8c0e349ad9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2855c6108dde2718b1d92ceb905c5b9b

    SHA1

    389de7debbc609c7090712f4f07fa7ff5f5dd5d2

    SHA256

    4cadd30215b9e459bdb1199bd52baa44c0093df9445ed31535b72e7d227c3f15

    SHA512

    03e3bee683429947575b14de32699c9153ef2f4dc727c55c154d8ea88e2920bdb406f67ed55e495f5b7a472be88345b82d88ffd2cb1ae40708163b805d01411e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d44991522713ebd15177f12448a825e9

    SHA1

    234213c0f91d9dc14b7b1f34d104db03dcff32e3

    SHA256

    03bb1a21da9166f7437c7c43a79e571f43df4796832a9b620fd6c5cd8f636f40

    SHA512

    fc4705ce32a5c14e9e87767c70285b2c07fdec1aec7c7e6319d44ae2bf0e15fe3c4f3fe3e912868d8760cda1190a42fd7f7831dab73fb99b2d68baf55dcb88d3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8C5A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8CCB.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit