Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    168s
  • max time network
    167s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    license.htm

  • Size

    6KB

  • MD5

    407f13382c8d7a039a9eaef44f79642e

  • SHA1

    d16f70c6d1703efc33823ab385ceabd8447ac1bc

  • SHA256

    657c157f78e360d37e2485f6245b4f87789ece5a2b150a4f4fe9fead0c6facd3

  • SHA512

    213e32e5f04199153ad3702e8706b0399fdb8c683a47dfbde7dce8a91ef7786c7d43830eeaf5d03fade136a74ca0908eabd797be806d15c106a2e070579ada9c

  • SSDEEP

    96:27r6shoCs4pHbHF0cRKKxUREEQAk5cVB54x/XHFCWFJYJzzTF3G3zVHCU:DsmQHbHxRKKME6FWXHZLsXTF3G3BCU

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1544
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1544 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2656

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    713a2857466084fd96d8a3effdd6c56c

    SHA1

    ebd816556a935fbb9642299c22256ca6591779be

    SHA256

    caf73033fdc43469c0837d5f026a10d809be41511f2670340687ee6d4982d612

    SHA512

    9625ba09be2e01dfc409d29c997d678f3519105cdb1b5dbb6ef39ef007d44c12c2b039943ee5df5454669f89f13012a86d8bb48ea6cc8d2968da68ab353c22a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    270800ffe821c0b98494459edb0b8be6

    SHA1

    aea36acee8f372185bbf7aa16e5f456251fa71de

    SHA256

    bb61d681b0f558d89f5c4d8746612aa5955cfd03e5bb678014715ff416378f75

    SHA512

    c57173262f942db5f8bc7b46d6212f41b1aca52b904e8e1a399ed40d2e5d296c8df74a41eddbeb07859a335e303a9992c8ac24eb77660bbf647b70469d9d34ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    391d0d74a665796c886fb8a969e34ce6

    SHA1

    395b3cc923b0f5b4224844b9d4e3ed440a253ba5

    SHA256

    185b806d3aa8f29c8148f5d45252ca8f520fba0cc44159f5da2fae3f308d7bb3

    SHA512

    ace9b3c9b691bc0a1a26ba50e4b23070bf47cbe7f6e9331e02cd32fb686006dafc6591379bcbd04c142c51ea624b6994e79a7532512128a38fc01ff484a51aea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b2ca48b2863b1b8b1389cef042da33f

    SHA1

    8f4e22419b4db66f6c75230af875fa36494ffaab

    SHA256

    0c4931943904ecb4904d051759b7840c5736fc291bc629b2bce0e23a2cd91006

    SHA512

    0ff1ac975409744c7172aecb4a64528c01dd0b642276d4c75ef8acb272f87f3f150e666b32e7aba08d526e8c7cfa6170884338fce66fa9a63061b798226b930b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c6d5afd32824ce946da7e8376f380c2

    SHA1

    e032a102bc831ac56863c583f28d2971f3337238

    SHA256

    1d51d3d3dfefe8ba9376e260dcb226266440edaf7761847fcd611a7d9564eba8

    SHA512

    999e79a1cb0c7ee4768627192cd6ef95c2cf06d6e6885fc7d16caf0bb8a87bf8dc309f1603f024aa72097e8af1db6fab1a588adac86a7f23011915d7478d3368

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81c950929da0951bf60b656d58bbc922

    SHA1

    90d3df4e705c559bb7724b485089a84857996e35

    SHA256

    23150df6aba2bd8272962ca1675cd907e9edc0103faf1e234ca41001df02f8db

    SHA512

    49ab142314c82871244f6677b5edf2ce8d6a00c3420ac2c077d66d11a1b1f78c0699bd906559d392d3295475783aeb0be30df04f2c7f64aac152c384e8d3c462

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    825036d98590570465393e4bb07328c3

    SHA1

    eec8012b77cd3ac2ebf934b8e41e63bea41a2afc

    SHA256

    4975cab98035f7943a4af9e3b03366d873312211b3e7054ea33734a81067d67b

    SHA512

    560c20de1a1d19b66a0e1c9e96f512207100054ea4658f8b0bc2e60e7478f4377e2f6a7287f5f53233e5865721ac1b5c5b2078813d8028a543b170460eb04426

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fae20f7bb71d464bd945712bf352b3c

    SHA1

    5a42703cbade18d1f963bcbcb89b6108a4a66a0c

    SHA256

    8f10f484b52b2cf46f44d07572190fef3b8b56220aa4c916b54da889cc258c24

    SHA512

    4ac91abf300d4642b9a91149feb5577d6a8f5e6c909bc84e81eab4fa585f4b1a9a5381075e6d9c58dc6053fa645bf788c72e57e31b3fae3bec081ff6834003e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ff2c5d3b54170c08dabd1616968307f

    SHA1

    f04cef871ea37c06e3a77b930380accab700eb39

    SHA256

    0991f5f603e92c64ba942ff3cc695be0cbc8c2317bc43dc98f76897cc2de3dd2

    SHA512

    d7a094b92c9bef8ff6cd8ce04af3f106a8b24d0322dd37164b007130762fc4b58a6ab13cb8b6220c1e126fc8e694370f4aa2a87936826f69dbb9dbad45d9a33c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA69C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAD27.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit