Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    totalcmd_datenschutzerklaerung.htm

  • Size

    3KB

  • MD5

    41cb1edf3388232ed16c7827671b6437

  • SHA1

    0f48049463f07cbd9da8a8c32431e3cd398dec2f

  • SHA256

    d4e95c717f4af725ace14cdcf249171f842186b56c365c9897c5f273ad41af57

  • SHA512

    0c649466d7af3ea3c3985b94f44b5d689fab96226c7667fe798727faabe798edb92cbf8abcc67ec559377da7250c19fc15a116d09e3521c0445d2ee66585fd63

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\totalcmd_datenschutzerklaerung.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2284 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abc808085ca700e50d6fa126d7a86cac

    SHA1

    2a77a78d4b1d0396bd0c4c85e933e0ce2bcfc3dd

    SHA256

    5b520e4ae0bb604db8c5108d8a378b8084fc370056502558609b877bc883788c

    SHA512

    3b61bd553f385cc8ec9fac72e97046f98ca21807c8f11ebb7428a7b592793a37edde3c3ef4a3551ca8f76ce87ab3ddf4df247d41ce79fb5e7c835e9854e9f035

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bea3689cda271a693ca1b7f450c83f6b

    SHA1

    d74deaeb33597189ce73be3316ba42b79d23dcd2

    SHA256

    aed1f12985841c0219ba961f4d01d08c8d3b78093da97ed95695243d9451a019

    SHA512

    b96a4067af6662c3691b729f6518c50602bea88f804f614177c9da2c6439c4e5623d697e51ef12847a98a2cba28c3b9445c1475b934253b2d2b648ce2fc32d47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b93d5b1c028992c0a7a741d9d51b6c62

    SHA1

    9f2d2d3bd0d787041eb603aa49809339eb7a938b

    SHA256

    14a38d1b6a632c89a4bda5a03250808a3a8cf55e848bbee8ccf93ff932506158

    SHA512

    5edf83ec134d9015aa9949484e2b838af4f3d73509d9c4fef313037bb66e9dd623e806e6ebf933959212cec04bcc1ed6dc46bd3c5d4ac8198c67af096ca83ea7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    048878a63af0009fd2c64a2b9a1add2a

    SHA1

    a370a9800ad4dd9fc12fb9f77aa45906f124b118

    SHA256

    85526b4cbe9b3aeea4305e3b389582f179e0fd25dbb517ab2657dfd236d834b6

    SHA512

    3d6abd7be4ff8b7f9302173ace0570d913e91ff6f3d4f5d34fc791f207971e271a48baa9d96b3b2bebc2b5e21d3055908cb16af59e599137f6d6148d1d462c5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00993c53715c11a0a9c2efe067c4eb1e

    SHA1

    93e04efc060d756c0ffd51f8c37219d665d53070

    SHA256

    69cf4d561bdae16d88e296f268b3250d381cbce026e486c3eca3f8eb21b88b49

    SHA512

    0cde3b00a1040a1c3275b3ac6f1ee06dee458e32827b79c5c128318b7b680eb363b2a84bb23d1fe681d2b1d32ea3cf6294fbd413cd7a71ef406d935dafe9538b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    342cebdb0259deb0d7837cac9c1aee9b

    SHA1

    258625ec1731f7cf635eaa5f3f6432df611fca9c

    SHA256

    c05ced19a72d129736eace764c4fddf04b37a7459360c4a6ccd9e411f1a54b26

    SHA512

    e44c2dcd904b5b6cf090612427261103992074910226cc470c6d5e92521d9a5c5300069a3a783d7d65b129801aa553bb1254bae437c08d8697f9c940c8bae9f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cc289c36d8a8c42d72571cda79cfe37

    SHA1

    8285622d11d279e0e32b098b517cf550977719e5

    SHA256

    0beece0d0d35668a6437d98f00dfec169acc58a40139e3ddb02e968f90a7be36

    SHA512

    d941238f38f8674836aaaf23f1fd64b120383b965f2e6565e6d32250f06adb5bc338501f836f584d0183a827046755aa93c40b50ba918676320cc7d9c9d9d9ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9501c9fd8813995897a4b5a642624e22

    SHA1

    11beae8c0fb6ea49a34f3ac5117bb9c55adca545

    SHA256

    8aefce7641aefd486816663178c19455a0df14fd263e36dfe727b2c11cd19aee

    SHA512

    5fa977d93f0690b0e32b0a723409903b7d4ab2c4e390e434b7e6fef1a72a5e4cbde15f959b6c28e907407c011fd5b867049dd79be24e16b7b0d72190d79a397a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c37430f10fe29279eeee92e37171497d

    SHA1

    6fd5fba17c6ec272563bf12128f7600c186107c0

    SHA256

    b66d73101c8485c39e1867879cf23514b7bf09d1970c64e3058738979e51ad6b

    SHA512

    69f53a5d55b24abef225c4f465d4951b955d0e07782e64f86e806873d9f8b9419795361331dc5cba05d8d28f95baa6287151d7281fb234affe116131df6cf89d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c03d92f39c30a07d55a42fa51434b52

    SHA1

    dc4e06b0dba378c631824397bd0d21def71b52d3

    SHA256

    29e5a99c5abcf2214cb9ad2b323d286722b32528f097b222a0afb6b3eb5dce10

    SHA512

    f764d082259840a13922e4841bec653117e53fe787577b272e28307bc17b288821f18f46b0032df48ea12d0ced40a507d3ff779e5a61503fde922987d2d9be77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0384ae886f13079ed6eac61f428132d2

    SHA1

    1f06d71bee861943ab08755efe8b7ec06f9184a4

    SHA256

    0f627c90a399eab9e4092b2b080ff19dfff6bcd40d5edca33e2104278cd354e0

    SHA512

    0956ca3bc3cbbbd659eaa411d72d5da6a50ed1faf0cbebd51b537e19fa8e27fd34bf16d76a26ef2b2ab9c0fd3f022f9c23a92ddbf924e4999c0595e6b4f1995c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    705dd6c1c13bc3c7c4ae20422fc1fdc0

    SHA1

    59a2e963cfddfc2c99ec141bb0f2357b1ea41f8f

    SHA256

    67e9e12359ace7f52ba42029463a47cdd2ffe034fcc8ddcad5c37cd995eba76d

    SHA512

    394695a3f7de99d9efbd77b5c89f0d9fbd4accf6bab31bd2e14b568f385a1b06b6948ab809ad742297c181190cb3bb87c265deb0a0461b3ebd122bfbf25adf63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e83bbd541488e63bd14ee608b6cbe7a8

    SHA1

    ef7087ff787abfbc326436f265727ea238e70a95

    SHA256

    d6e57833d66a398124ec9589375cfe4341226e375cd45109e0b357701c474856

    SHA512

    25060e4c30ba7755619ca187cda280c40c0d4dbc8af8c1118e74782bcf26685ebc3d53b7a4c787b26c79b0e8ed5ca3eb32409f37dc5dcde88a62f6f5b0d5faf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30d046de6d32c79386e1810bc172a59a

    SHA1

    1fbedb310c40baff1603e2db3d00e53ccf4b3afc

    SHA256

    6e412068c7c57b7d743ed74ae32f37b9b1380033861211a34191d51969b37771

    SHA512

    5a70453148aba0d0fcaedbeffbef3e21eef42d18c203b70ee1c6ef22f4fa37242244405b8106ffdbc6453d347764b80c15a6e09e4541a2b6d9fc3c49af323bab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dabc148c31d85789c7dd636958595405

    SHA1

    b5211b8c39ed9211028dd434bcdd6e11065f1e52

    SHA256

    accb24cd41c7ef03431c11bccd2e2358e3c4f4462f52595a26a75e45dbb27926

    SHA512

    ec4e2f8f0aee853e0947867907f700a55205d1ca048645e85229462abf523487a78141748540310028c99674e9837e0bf7975d4a54dd12af13c8c6c87cca2209

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80c6f1938249a1707241da43f9ba17a9

    SHA1

    e0b737dc87187fe1adad9dd655144a93935fe812

    SHA256

    ff840dcdecebe64783f448bf2fe6bca9c7aea0991bc90429db28bf1b4f730f8e

    SHA512

    0a27d7f8de65e37ff4f1f3794ada75c9e8e17d50072a1b3781c9174b8c6e8cf0ef1748729246760a8953dbead253534200c53c56a3608705448baeabe7d15d9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82e5a2f8690010f8f237346df1aa7b67

    SHA1

    2c04940894bdd7da6b2ff9cd5b8a10d46cc68413

    SHA256

    385372766db84674427cc368987a02c3751dc68b86f2714b26d0fa694ac05673

    SHA512

    2726bffbd4557796e2221d6a0ad06c06a94f06a2dd5b067a41240a320ca31a81f366d2d784cf104001c3375db3fa08767fbe258c60334231dd388740b5a52544

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1a977747e35d6b1179e0daba2c7c81d

    SHA1

    850882f385fb09fbbdaf8cb7d93aa30f9b2f5e80

    SHA256

    ffb4b6539dce722636007f4383e74f6bf282c64aaec51065b9b2c744668b7f2b

    SHA512

    6f770322d342c7aba07e15ab03c5e7c3bafbb37040d0250a28cd27cef3bd92eed8363af8d316e1587c78c2b5178487546427679da4ea7036ea82ca99f90b0586

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    802a542cc61d68f981a3ca8aea6ecde1

    SHA1

    e386063757c6030b456b176108119ebd131e2ef7

    SHA256

    a2a1b0a5be4f5534ddecd32f573627cc84ab5e4f7bab46781152d54af78d0ba6

    SHA512

    0e4d5ece3ad15d19c11ad32063f07b5a9686de3fb9fdc7b1673529a0736cf8f6f6fcbf3dc887d4f402caac20f9b98da55918313c14e698361f9ae3f55b1f00c6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5E0A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5E9A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit