Overview

overview

7

Static

static

7

d223178c81...a6.apk

android-9-x86

7

frag.sh

windows7-x64

3

frag.sh

windows10-2004-x64

3

index.umd.js

windows7-x64

1

index.umd.js

windows10-2004-x64

1

libwbsafeedit

debian-9-armhf

1

libwbsafeedit_64

ubuntu-18.04-amd64

libwbsafeedit_64

debian-9-armhf

libwbsafeedit_64

debian-9-mips

libwbsafeedit_64

debian-9-mipsel

libwbsafeedit_x86

ubuntu-18.04-amd64

1

libwbsafeedit_x86_64

ubuntu-18.04-amd64

1

platformProtocol.html

windows7-x64

1

platformProtocol.html

windows10-2004-x64

1

popup.html

windows7-x64

1

popup.html

windows10-2004-x64

1

userProtocol.html

windows7-x64

1

userProtocol.html

windows10-2004-x64

1

vertex.sh

windows7-x64

3

vertex.sh

windows10-2004-x64

3

windmill.worker.js

windows7-x64

1

windmill.worker.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    07/10/2023, 23:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    popup.html

  • Size

    1KB

  • MD5

    73fb62357037eb34747fcd7938f6110f

  • SHA1

    7f78017780b3af9b856138a05422502981a7d301

  • SHA256

    74fb9280c8a5d40daae05938f99351b236159220a3a993b00b984ef992f32c44

  • SHA512

    f8ffff00b1a4dee44c6a57e22d7cf49185535cba64c2121775bbfdea31a6a541f842536af652958eef0cb17ff5dd34b53119f5122721218e0aa3708d640f38c5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\popup.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2064

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3d125a00c33e0a1d7a4a31cc4deb39d5

          SHA1

          c3364ebec024fc4b7b5ed039b260117ae1ae74a1

          SHA256

          631d542aeec3c685797c7daacc3f3e07794b0c76b05a36c540c609d6533b1eba

          SHA512

          bff53faa00ab22530e38de05f1d21ada4e95bb77a147ab201f3f8f236b14691b1a513bf9d9dea8c3ada79d02735dae571e427c2fe912f570618073c99c807d29

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b5d2853a7ac03309ab93ffa7b0e8d186

          SHA1

          2fccf0d86da8e6b918f9577a1312de5da6bb6a47

          SHA256

          48e378def7e4d54484cd8f4624a7ff1ea033a13d77a4c69dc693a6ce7cd9a8d1

          SHA512

          83c3b260d598af28593bc767d9e2c2e28859bf39fc305d14d63f87383b0c70fef467157abc854f47e5c7db57ec13d4ae34b3a9ac16a1818e8e8acf976359d1c1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4ef9a2f61403b7e514c9c5bf1d55123e

          SHA1

          3b18c26955e44f0cce99c04875af6f0a8e8de139

          SHA256

          7b2386e7b97f400cd70eca280be00b98604384e186dd0b0d3e3a034315d6a1f3

          SHA512

          86f21e4755f403de002bfa29fda3dd784911cfa18aced7be2be15525b38acf5a5a22040ca2a42a41817c199babba0f9f5e00b4b6374e9a0ba3474493e98250fb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6a79ffb7817b865e51c018a7ce1711cd

          SHA1

          e2b2fcb1372ca41498d2b9bbfadc1c86ddf46b6b

          SHA256

          f6b6f714119719c444ec53f6d707b0e47a729ab08aa5f3f8754b5bda8f922b86

          SHA512

          1fe5f816f5bd9067ef1cefaea5ea1e8da19b3e03841e1a5430be8ac1ad859d40d7e3d353d9404433cf9f64c9efd6c2ed913bc0e9a10eb4c33df73f0256a64bf7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          dbbae7d6dbe05cd74105512b763c74cd

          SHA1

          a6ca3de7b1276bd7c0ed1ac2fc5958050420bc42

          SHA256

          285a7f4c5a005416110ce3494b8154e5733c2b9b1f9a15901a4703b9c8301e1b

          SHA512

          29ff675b3ac0062cf0557b15f75c4bce977282201457aa8ef9ce97c65eab0650fdb8f6869d490378e95ca6d4f5335d9283e90fc1155783d2647c822b3afdc60b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8c807fc6d1ade793f71d2b53939d5761

          SHA1

          2bec7b3e350ceabf292f6b232e50378e2fb9e2ea

          SHA256

          19d19cd4b0567c6b7a19f49c51ab7471fc4d42ada261a3ed3c20e040abed0ddb

          SHA512

          849c25e599fab65504840b2b81172ae440d05c1631a979e551303f387ecf7f13608a99c5dd917223e6ebbd5a8e9f6d59e01dcffa7801a8ea5642628a247a0982

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          559ac40a1c22fe25cad51650513545b4

          SHA1

          674af3741c189f5b9c8f80556713c21d5027fbde

          SHA256

          ac4f8505cdb85c6651865734d08527cf2fad37d0d53a7bd36456ec615e2610a3

          SHA512

          3168ec2df144dd1e842f810e1be25a18af2491183abfb9544592bd7b93cf06702237debedcff0a68e45a3aa43942d7cb1ab6348c6e86d7fe40ef89f4f2e28af3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          683c884575c60a8c8de826efb053199b

          SHA1

          9752d077cdb10dc8c6bdf3fcd8a0172d1a5624d4

          SHA256

          a9aba9a8e571f25ea372ab4e8ce88a888b326601a4e3025bc6e3e5043cca9d91

          SHA512

          025c4e27ad7759d02f746edc798f16344c7aadb435c5032c48ff966cee229536d143a08ffa41cb53592266bbe25dae993f9de9612b17f95f43e4088a38d9140c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5755.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar5863.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit