Overview

overview

10

Static

static

7

hydra.apk

android-9-x86

10

hydra.apk

android-10-x64

10

hydra.apk

android-11-x64

10

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

faq.html

windows7-x64

1

faq.html

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help.htm

  • Size

    53KB

  • MD5

    883888def347f0db8dbdec1fe82be5c9

  • SHA1

    f54280a3690f373a05cf438ca12c3e482bc1ed8a

  • SHA256

    766c2b736da4683d0f7cd5927cab1441dc13bca47af33b0911d5aaaa70da6ab2

  • SHA512

    4538af3b0b7b2786461d37ca6e3b93290ff9d6a6b7820f7dd3bf3840414c06e0c271786a91e5164d8767ecc66645f9a09599af661ddc39384717dbb80d9cc546

  • SSDEEP

    768:FWAtJoDQSUPSEXVe5wSsRz1K4I8Cnsro7:b6kxPSGowS+E4I8Wsa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1672 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1584

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bb9d41997fd13cc34018461aeb95eb7

    SHA1

    f867db731caaf80f74a132afc9a215927a84bca9

    SHA256

    1deac24b30fc19148782108a57dcfcc00592ac0aafe88360feeab98f285d64e2

    SHA512

    4b30a9bc9c800d439967c8f9e2400392a39f512a9d4e5d4c26417698ac5b5e56c4e4a63520330154e0f2dbbae8b2889e56fca8f3a3aa9f3f4ee48fa282b9f858

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3e661fa690c68781f4edcb5b11e7011

    SHA1

    264557a59fa7875c65043d60699f9f02646d63ec

    SHA256

    c2455d72f7cf0090d29850fe6fd90c5005658e4d30a6c0c47872bc7272d63f4f

    SHA512

    094804b9b49912b58c4511ebfeea4231ff81a255ff37b3ea75b3eb1a78d6eb662a85447a84ebe06b0e756ee253aeff5cc97463ddf90eef7ab6a711495391fcdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d891090ee275802c8ac904ddb32db7e4

    SHA1

    667f774083fc7db8e7e45c1a2908f870250589a9

    SHA256

    6ba73cbf7328f81546f93f93f2a67bdac822018a47553b7a7a97c31fd527e39a

    SHA512

    6e54194eb60ef0b7ef8a010a65696ecb11dfea7921a465a265bc6fd80ae62f5af37a92c3b24e8fbbf7e449f174924258210f94bbe9ae31732b2dc2609873f71d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57b2792718577c066b90184865a5567d

    SHA1

    b82625eaac28acaa38bb923fce426745187a9c84

    SHA256

    4dc20273c70eac480eebe039a0dd1f233edea46e6be21e45a5c5a25cb3eadbf9

    SHA512

    13b7e04bf3c3fa69662edb8ca5f2a17ac1018ab97873336e35b3219723b6c7491845cc6329cb8f70f065ea7eea5e74e3d1a4a13e67a631b14393f0b9e2348599

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88a02c374cb8a6fbc8761b12d14ddb60

    SHA1

    2dcd6d0d7ab5da7f13fe4f285199df24f89c5418

    SHA256

    ea360746bafe63bf8aaf9c09d98a994ab2b9fedee86d2a5a50c10459c8e64784

    SHA512

    4b2748cd8e8fad575d17467f375706aec8db40083c70a16179a203bdbc27c2add5797e319425f3431fc964598b7825351dacf74dd3a1d06dd987debe0b0ed34d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    925cdd970d3574034be0d6cf5129b8b5

    SHA1

    7c684857d6d720c6306a099a43fa1aaf71921fa3

    SHA256

    350e22468fea6d73fee37396f60fc0828fe28e92903a25bb221d39ab06f6974a

    SHA512

    fd8492342ae7c29d0bb7fa193d9d155e912f633d1acc84a241b9fcd7b4af8b870f071883401543b83f77ec027fd6fc8f81adff0c1498b61d1637a65ae6518a6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a6d31710861c1acf1ee755696ee4f07

    SHA1

    52a935e24bd703b34ad87d4e4e312a6143b3d96d

    SHA256

    ee6c25340a92560acf9c6e1eb711681a2e3deb0408470721e98090ecc8323733

    SHA512

    d721938919cf324b50fdeb2a424eaa8bc0644c1390880fd112040c6020a012baccfdd611336d09b1152819b7a27245981f5fe9a752b0059b1b24f735e4d3c40c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5752b61d872868c29038aa221d75fc50

    SHA1

    710e6ade33e603da2ebcd095465a99836524e8cd

    SHA256

    08374a697d7287b617e0cb7670c7c2783064417aab70e51152a3acfca9bf87d7

    SHA512

    6d6ca85fcfe38361595807da8b3ddc642209f3c8410c4972ed0b13981df384cbff4bf50278c5ec38e1c2f18ca71cb545d36e0f369a42e3b4c85484ca99a05575

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c2e90a22c220b0f33f05cb9e9709096

    SHA1

    344f8380f6373f035fb3bc43b8d55a0ebb9c6841

    SHA256

    eb67f2ba5ce9f8215b08782c257f38139e6a619cb7e7dfd2140753fd30009631

    SHA512

    e678a6811c497c65b25e88256b04824c8a4e98552e7b7e359e104c2b862631dc20889792b8915d0de17111aab75f2e50eae03c1d5fb4b5934d842ab348171c43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3de125747f8ac353adee42d2f889f18

    SHA1

    7c66e3f26f99a0bef31cdc8c61fffd1f30b7043c

    SHA256

    79a8dd862220b4dd1c6dc55a6a77b19abe3a64a9fe9a6e15de2417f6f0a882fa

    SHA512

    2a4748dc19f16d886b9575b29b9fb6b7f8b50a39aba54e0139a1dcb54ea4e3b455f633b6090413ac6025cc40a2d6f85852144b854e939af8f88f467683cf6d8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6223d5af8e584425a37539dfbb6f8d50

    SHA1

    62c0f6260a7822825717ee719b46871c98821258

    SHA256

    ad7aebe0df4992dedfb7aca753d77bb524a3fa83e0cbadd7f83a9d5933c211cd

    SHA512

    289cbf458c296f01549828166548ad98896908060bb59b955ea1cc95d482576ab460c54402c8a13a021b457d7858233ba7ed6353238c88393020e352f24563b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3bb8c6ef6029e3a0aff72db227b94c63

    SHA1

    5a1a57606fc1c3981d3e192b571c6f996434a2db

    SHA256

    608eae72b88c8d7d633e7c9ddc0d7a02878fdb25a3b4b5e2eb968d7b4e75d45a

    SHA512

    e121606cf552535246d1d24ebf03d3e9d5768a288ec9d184fb8a7991882bae23ef0680f67b9ee44d1703d9fe2d47ae594907d7e898317f5754ff6e571f64cf8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad57319d8ebf16fbb9a763843fb1ade3

    SHA1

    50bb131ec7ad9c145caed394b9949e7849849408

    SHA256

    792eb6f81e0a3588abcad297652cb7f2ee43aa9d776fb6c2c0f4fbb948dd45c2

    SHA512

    f77404f686a3377eb8e0f531c2ca9ef3dde7c66f0b31b30419c3db36826c57203116a6a329dac914a52c34550331509c9f5975f217c2f2de21a1b2a3fcc9a389

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0e1a229376d1e04a338bf5dc6983fa0

    SHA1

    fa819129cb21999ee0ac3b31961df0ad62bd48d3

    SHA256

    4ed76993e50d0047dbad8fecf5c011741d66cf3202f002144320a0e83d7425df

    SHA512

    9446d2ff9d2436fa943469a1a748130552e966133d755f99f77a4d30493cb504622e670dfa552bf855a6886d3a84afc1726976f4d071b49c50a8ac40eddd1343

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de8c58be3abbb1a564af40b8d0519301

    SHA1

    ad1997c98503c4c983761db363b8d60719c79051

    SHA256

    0acc7bd928b644e068b880a8a7283f2df8ebe952ba4a1373354e6f59bc3f8ce2

    SHA512

    bb2593bfa9bfd3023abe69b7e34c846d1f93c9b6addaf163a12bfa130c5e71f6a13a82f695842d6fc0d38a4d7e1a8abb8654859fb7b275ea149037205f1e83fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2346c1738d962cb2f1f401f66c4141b2

    SHA1

    f9164030250907744bbcfb27d57d26c86ea91829

    SHA256

    c9dfee72b27860b09277e31f865ebaa0cf3940b7dc145ccd18b032bc24104bc0

    SHA512

    0d6e776b52a67b035bb6a53d560695e71bde532c23af735d50d30d94036727d2de40cfd86b4c6efa16fbb17f0f0a132f4dd5635e9db942cb0a9f04a43b6117cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5547f5add47a92cb0efc8fd848e87a1

    SHA1

    9c84528d50da88f2ef5622004bad4de35ff65798

    SHA256

    fde349aaae48eb8ea73282de2fed5a3a6b2145538059fe30dd5e3a18272bc3e5

    SHA512

    c39205d37ebbfd94a7ee7fd0b6018bec33119fc84f9e5e9ea57e3305d0350f7b36ea732fd8b23c1113dc1bd4ff27d7e65b260abcdae746d41d813b348d7b5033

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08e8144dad7a7dd0d59c2ce8f0b2a186

    SHA1

    adb075a854db6435716e8f3bf51ac28d98b2e45a

    SHA256

    72efb6f32b54bf15df65f7acdd11dfa19a4e5ef4c7233817547213519fda1ce9

    SHA512

    a28535b718e06068c11ae5d7f8014a7da7f6edb6ae09def375af28d9b707fc87dc0aed32951a546f65f0ff5d490a2aff5071a5756fc1c7252e922455cf09d46c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1dc81110f3d4b0126ba980363f656828

    SHA1

    bb567e29cccefe7c9c497a54ec16f87723479f3c

    SHA256

    54f14a141fe15187c4ac220c13ec5c0e1aace694290a5195967388d7a355aea9

    SHA512

    584b607fffed9dec7fce7132e94d1a220d7e2293df5b1cf4e687e29fcdeb190c5ed431ca0ec637bb385a5eafbed290e1599eb5a26967becf749c21c0391cd662

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5E2A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5E9A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit