Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    privacy_cn.htm

  • Size

    42KB

  • MD5

    49b9a40f599b1089ad0b0394c47c1102

  • SHA1

    d0b0fdb5f6596afedf37032eee87290683b911d3

  • SHA256

    735ba8ee4875ef6529757139876824ac572d255b17db2c75a9887053fd0d9b16

  • SHA512

    43a9be239f71d82efdd06855b9532c9a25a3cd9af3c41fbe407a6b10542bdfd1a3da76b154f0e5d6487a5b66a2521a3f88598982b190660301aef99cd03d5bb9

  • SSDEEP

    768:XEqzEM+RdDBF/f51efzdYSFXKtrhs6WIssFXVqCrX8J/2ue5AFuanVzA+tZxMAXp:2jupQFX9As23Egvxj8TWK0HWZ4Mu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\privacy_cn.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2596

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51de5c8c2e4b675d9bf4148628db6958

    SHA1

    a201ba028037174c10aebf76d1d54db00cda0eda

    SHA256

    9d18f66affe77e3ecc20c1a0eb3cbabf57b2712831740ff93f3d4202cc7624d2

    SHA512

    b2d10665cadb882c1806c1a43011ac824eb9ad88a9af95a75ffd8bc5cfbcbb2eaa3b6fb74ba5f494c212c8115e471c9ad1c1ce283c0c41035c9e1826e85046c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e47174f308d5890cf92e6c24dd16d5c4

    SHA1

    ba87e79899153d45ac30b1059929355c2c2b12a7

    SHA256

    236f042785529ab69ca31f7d7f946a4440ee67ef016daa2eeaa2ce91ffebc805

    SHA512

    2e6810e53eaa08e2c4fabe4d154798439323a5fe3853095798a72ff657e80b1990e38d109569006e548203d254184bb3badb11291008bc32ad590de9f178b411

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8c622c456271f0697b1ced52983bbe0

    SHA1

    e9c813399336924111490e4159584f2461b94674

    SHA256

    7835b6519724ec46a1da23275fab080f4ecfe299c848ea3a027a13d446f29706

    SHA512

    c64f593b203b1482f8097fee00f7da9337b2dec41d016c63eccf16d2f27a109154d5afafc8034da2697029f23c0722ad830df3225a9f3cd1e443fc8bbdc6f766

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6b0ded8e73cf37f4b9950c8cfe6d220

    SHA1

    62ee263f51353f2cf9830013816c58e38fc9122a

    SHA256

    0244c8b460e01d29cf6fb43fa44963ce63b4316001f06c54169ab83874077b0a

    SHA512

    bada480b174e42a53692a48cab081434250fa06b608a8f1b4f1413cf0754eec385c3642bcfb380acdee8600dab64925149984248c7e04fb11577f46bf0652a07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    173255e9e98ec7596f759535a1e41610

    SHA1

    9ab62569f74bfa530ce2fa89bdf52c627cced911

    SHA256

    e107a6c0ffbaf78cfce30586e639c7d4a5424286939cbb839d91cae5bd58c33c

    SHA512

    616b145bfe6b7cee854472be51868bd58ae568d0df488ec2d903a6e6519c5f104e6ed1a985c2d1441d758aa388cf3ee37cfa3f1af33fe8ba7d79410f784a6830

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a5da809b4aeae7ce72f5358bd586435

    SHA1

    d48b15d67b1e90460a886c57d384269ec7d958b3

    SHA256

    77c4524f56e70c03f3504d78e171359e57ee8924779784e0e07a8291bbea86c2

    SHA512

    6fbb8f2fe24b76336d5d194b46c03ade4c17240eb93dae25a3ef5df52d24ecd0f397cb663a4980de2da2b38941af07f1d7b968bce53d00704be261948d985e92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54ddb8d763f826420504355e517f97ba

    SHA1

    2bca21ce6c65646e01525f089ed4e4755aaf55ec

    SHA256

    d65a98e6ac23ed1b9719bb77fa9befe229bd6cbe90f598ef7f50ec26c9972101

    SHA512

    1c49f5e7373705c7bd229f56d7d23adb135db0e15577f9e519f401f0af52e43010fafa09a6f8b5452be968be41231d7fbd0838f570a659dedbcf394fd8146ffc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    edb6f31d4e22b4de46b8787ddf77e92f

    SHA1

    796c6b0888b2028ef95595e85ac382bd5627f66f

    SHA256

    d55b370c7d3198231702baaab47e3dbc2af0aaca3eaccb858e9fa8758e65d366

    SHA512

    24cfaf6ef64b310471a4880f10d7ce2b9a799cd61c76225e857a07c6c931bc31723421d8094a1dacc311d59f0c510a6256a681a3cb18302b9a6511a0ca8c67a0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5D9D.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5DFE.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit