Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    totalcmd_privacy_policy.htm

  • Size

    3KB

  • MD5

    f5bd54f89d624a56a0368d1bf532c60b

  • SHA1

    6fdb247506d811132bc5b51ffc1d82afeb6e72b4

  • SHA256

    eb87dd5ca31a26b9d8a8bc650c324b49027d38242ffc71a89b04e0aae8b4cb4b

  • SHA512

    8dc96be4781bb08b1dcbc3205f59eac592285e98a349a330301ab32e81a25beebd9224880215c62e431d9926c7ed0433e886b61730ada1012ca2f907fcceb263

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\totalcmd_privacy_policy.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1496
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1496 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5a7d576cceb5752c0c398d4c2814b0f4

    SHA1

    79b982685d8f9a601d32dca93c137de540cec208

    SHA256

    92b49247a34bad2d83bd12ca302eba44010f33c2de2803d54252bbd46398006d

    SHA512

    f1c272e7636fed05fe04d97e36d4c82de559cc59908c8651445c531f21a4e783324118f942169ba44394c0b28e040f38eb7a5e40fcfb8a0053ba0d8b552ebb80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d9a264f8915eba50d2669e8a40d1220e

    SHA1

    684aad278381025a2191a1dca6135a7b531b1d7d

    SHA256

    bc9ee4b91af956323a1c1988e7fa23c534d219d376971bf6e11488e91def3e13

    SHA512

    c1a29c97805fb70b05a3bfcf021fdfc02449232485eff3ab27dce62d12153abe93e46aa84e7d8740487f6b83b9b0d5a9c323364bff3d4bc24e367526de30dc2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    92f98e316a50a2f199a20858f4e6a0e0

    SHA1

    dc9f0991a2e67b2b92bd626a41b507273f087891

    SHA256

    f01b316a4b60f4ae7ac075406a4c917e04cb64c724a1fe93eb95949e82fe0de2

    SHA512

    3433cb4381cb9c1ba1f992c896a18b136f6285319d53b7d698ffd7ebd58fa85cae921945c4ca337a2baa5f2d836343c53b2270b0911d3559a3bc719aa58d883c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    31d5beeddba008512780aed5b15744a9

    SHA1

    27f9e60ed33091fa77427decd5560287148334ec

    SHA256

    c451fa181a01a7fe912550ac3bef09dd96256ac9bc871e6c2463d4f7d87f9541

    SHA512

    8dd4cb1783475e4f88707362b8264bc49c6987286e47ed93620360695d79b46c1f8a6202060329753b1a7752c3a69c7367313dc7b4cbf9872496e3493e266cdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b39e60cc5940c4dd8e24ac3e9caef050

    SHA1

    0c2296dacd7d2f2e1fd7eb12925b844df7c879f0

    SHA256

    f428fae292e1be01c18cdf7634bbaefb11cb75f9762cbe9df4a1391bb1cd42d5

    SHA512

    7fd2d42d1cbf726b270ef4d4d2a3b85c7b2f7d330e33cd1cd4e44bd88e0f6003a68218da991ed8ba4095eb7c5c726dc02bc11d1259dd6cf3d0bb32ecdccfabae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1b6395fd2f2ab862e87e7777e8d107cf

    SHA1

    7853b9ce3317ea52e9a5e9da8c4bacc764675d6e

    SHA256

    cd348fb08b8458125baef300739805c0102fb4d949332f131b9f24fcafd95e1f

    SHA512

    3246dc60e56999ce0f4e9d6595407f3ed375acbfa667d19337dc5d1ec9db37e2153a835b0b334598cca0aae428be14b2792a24cd4fa5f37928e44e06eeca7547

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    19bfd1c7cd0b0622dbe972e02b071f32

    SHA1

    0a6ea7c1d1502952d3e5eb5aaa028a46450015ba

    SHA256

    04068ec0fb7675192d02a8aa5ac5dc736866bdd1c1e1bdfedbb65fbf5fc69f82

    SHA512

    5a81820fd0c203bcac070f2de2940bab4dc1b026fab7290d6337c23d159bff2fb751cbcc52ed20cfdc5e9dd9778387cda5783afb1e6c1ecd32fbfb4d23501666

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9f60a48ff5e8c2f08d9013c962efaf1c

    SHA1

    5cb83070f1dbc46a6e75e2965f6e008e7549d91c

    SHA256

    14d4c719edd5b92102d801c59bb65d094a4f053417370b40bcaaf6446d5e3941

    SHA512

    3a5ae87a1c8e3819936c81fda92168f0e8295c495b8c62997912e93b98bdb20543abb62e436a99e251446421620e47bc051a70a3cc6c2185a4f80a67c4db2142

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f2e11cb89a7a23dcd2c739a86aa7c215

    SHA1

    f1fdb4e71259a73b945a6dae043121f4bfd66299

    SHA256

    512fad1a887cb3c40bf8333c4ac62145b5ff365e140f71894896749f3025a782

    SHA512

    0f60e139dd63dfb6b6b936df94e42db44d3811cc8d26848f4ae18d54b36cafdfefac27a236b1384f703c71b7dc0c836adeb0756506d7aa806c551ca6e307f474

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    33b1f088f3b5287e1718dd3f7205cbe5

    SHA1

    3f747d95dd272e53d11c121c8e705344959df011

    SHA256

    ede5d182b2fc80d97896ca9bd430be117f9c422ce5a4be988ba2f48d887cad3f

    SHA512

    19971adc4a1290db0356a4f89864cf89fdb4d92f97f29fd41b6f38cbaa910c004345bb5bac016d5ba9413ce7c67c41837b200c37a965dee80fd4ec99380e281e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    798db6244a135bae8619232e95a5cc4e

    SHA1

    a986bd14aad7452008b780b1a64aed30643357fe

    SHA256

    a4974b9ab893095079d4441234ea5419887a3577fb7c76941bd25ea5c7f5825f

    SHA512

    f0089cb4b1ca42c4dfff5abbbcdd862de4bbf1a62b3ced8f658fb9ced357a013b9cec75a318c5e1b2a959a2335b1548b0266fa71164e7c56b0d7bef8b5011b77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    aba46340aeefc8ccd5f73152fe3f1d63

    SHA1

    de0ff330cd5975f63874b80bdbe1055c01702549

    SHA256

    f69ab00d931240944fcc423042b4ec92e7100bb866ddd4a69281feb3fc7618b6

    SHA512

    a30d5ad7778ee84274f865c4c0ff1ec249701ae67a06a61aef3de09edfdd872cb81bfd89a20e605ebc8b265c723efb20282d864449c13fb63fc4818c15028040

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    14a48b007bae78c9ed76a20fbe02c1b1

    SHA1

    19055ebb1de4ab40ef16e3c5a254fc8fbdb9ac2c

    SHA256

    fb9edf723b48c805a50f08aaedfbe373bc6f90be30e787062c04cbc2dc6bcedf

    SHA512

    c0d28c40264fdade8bf5b1425002165e8917d85c55359c72e37d90f7831e440f771a7d669d22bc4c69c595fd1a4d18ca772bdedba319b5fa9355ab464c7f0674

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6811184de912f4efbb416f44de16b1eb

    SHA1

    acacfae41445bf44b971daaf18886fbf03f19153

    SHA256

    065c6c58acb6a0131ff5ab894765d87ca16d737a340f95ddea7ec46add9b4470

    SHA512

    d636ee3c107ec83811d1183b89ba53800099ae26ca3267d40d36c42f8199fe08ee583fc8b19f92ad98489de969443a68d2b18f2dcdbdd4f17a447fcb206a32a1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8E1E.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8E80.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit