Overview

overview

7

Static

static

7

4dc9876dab...c1.apk

android-9-x86

7

frag.sh

windows7-x64

3

frag.sh

windows10-2004-x64

3

index.umd.js

windows7-x64

1

index.umd.js

windows10-2004-x64

1

libwbsafeedit

debian-9-armhf

1

libwbsafeedit_64

ubuntu-18.04-amd64

libwbsafeedit_64

debian-9-armhf

libwbsafeedit_64

debian-9-mips

libwbsafeedit_64

debian-9-mipsel

libwbsafeedit_x86

ubuntu-18.04-amd64

1

libwbsafeedit_x86_64

ubuntu-18.04-amd64

1

platformProtocol.html

windows7-x64

1

platformProtocol.html

windows10-2004-x64

1

popup.html

windows7-x64

1

popup.html

windows10-2004-x64

1

userProtocol.html

windows7-x64

1

userProtocol.html

windows10-2004-x64

1

vertex.sh

windows7-x64

3

vertex.sh

windows10-2004-x64

3

windmill.worker.js

windows7-x64

1

windmill.worker.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    07-10-2023 23:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    popup.html

  • Size

    1KB

  • MD5

    73fb62357037eb34747fcd7938f6110f

  • SHA1

    7f78017780b3af9b856138a05422502981a7d301

  • SHA256

    74fb9280c8a5d40daae05938f99351b236159220a3a993b00b984ef992f32c44

  • SHA512

    f8ffff00b1a4dee44c6a57e22d7cf49185535cba64c2121775bbfdea31a6a541f842536af652958eef0cb17ff5dd34b53119f5122721218e0aa3708d640f38c5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\popup.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1176
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1176 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b0f5ec1ba08090b0a8235e141d053fc0

    SHA1

    b6672643040a34e1d1f6d44756b60c0ef2a4d21b

    SHA256

    9592ec16fced8cbf69c592001ce1b2094b0f3a30bcfc933624f9fa587c849811

    SHA512

    44770faed5d7beb67c631c551f3aa076493ae13fdf6aacd7e68e52da0c7d33b7de05685d290ef888e879ad4a4de0554ccf9b2bf92dc7df52d5cc3fc07b849f00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7319925501e194be7265d890778e06dc

    SHA1

    16fec0404dde63ec132e62c335d20609ce125d98

    SHA256

    0da4c8bdadb4f27e75d8ec38f07c08813c8336cfa2e1426f275f08edbba6279c

    SHA512

    ab5837da0d844ed59f67144037374c5fd1a727ae83bb725456490fc885d6eb1c424dd38e297b822e9067c10a8e6edc148ef1b50d0448a457fbaaa1d74eccd3ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa49945fb9af779164b0eaaebbab97b2

    SHA1

    4b376a52d15ec1eb259bf3058bec171a25f06178

    SHA256

    19f6da1af3e1d46b1497bb74c1c9476d432f87d940438756a1e5280b1009eed3

    SHA512

    94bf29ee522e3ccce0c3087d08fcea3b6b7a55a17461f527a2b06cce949efdf9f6b7acde2415aa39efc8f1904976552d20677c6a9b6f6e137cc4234d80574014

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    824e3af48aa740d9c0f0e5c6cba0d3aa

    SHA1

    15d3e393bb6a0859750f6c92ddc466e057710c23

    SHA256

    5931fbd99654b223c77c45cd38adba20b18b9b4c514cffb59089931975011a76

    SHA512

    baa6e3384d54d5b8ea2abeb0c922a5d620da4d0aebc9b687d2f5bb5debbd8e29602c9aa7137b601e91c58d28d856e067140afa04f606d2a964502b4af234a9b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0a8eaa9e75314347eb58f584df119ad1

    SHA1

    3b01e529ccc4ad647d0fc2c51ea4f70190bf71d5

    SHA256

    21fcc2124540860df89e0a20eaca2b1befa9fc66455fd92f7293e6b389c5e466

    SHA512

    09fde9df5e11df603950fbf90c3338c6b3f40a3eef1ce3bce5ef31ecaab85dcc63412a9ca70a631d4aa43a9ec0576abbdbfa4934aae7f43a9d46009a9ab287b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b9fe32546be2b09213ef874cfd308ca4

    SHA1

    c0f6be189cf1a9c1e9c1772e1ffafae9445a9d9b

    SHA256

    c8147415d03ba9a14d67ea270facd64ee1428ec8b8541e450e65d9e4755b619a

    SHA512

    0b9a9d96562561ccdba3cf0be932aa7f387062b4677944be3ab839fe10a0751d83f35e646bbb37fea079907708832efbaa770c05b201134ffc3e15376f737b9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21b6dee9f4ad42d0bcc72052a5be7955

    SHA1

    519ecfb02c55e356e4358ab4efb47157f8da7719

    SHA256

    cc3284b9d21aa08e6707cb7be1a040d404e7cf036f247bba454a875c013bb638

    SHA512

    d9bb6ee8ba2824a065ba66096fd005f08bc0b0e6f9613250a6be5fb32ef3f790617944445ed4e6d44490e4ab177e93c2eb0840da196dd38a9f048019c447ba4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11f82471e4d3b2607b581289f990d684

    SHA1

    c74a2b430f40d97e487bd6eb28c5b6660a8dc7fa

    SHA256

    7cdc1e695f99bcc584f31dd1cfd6fe6c0d21913634fe7652c303010036973b09

    SHA512

    1b1137881373ff35991d2afe9f060abd7f2dfd431f4a66cc6613ea126a8d352ffb78ca6bce924a078bb3088a106f4b44ba28c636ac3be3a55e8be8cf50fcdeb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a53fcfd138edcbfabb7e28bf1758ac6

    SHA1

    7f072c18e7e3bfd2dabad138cfedab6885fcf950

    SHA256

    09e741b3e463c6d0c4f0b69ea302eb1aa5157fe68718560864ec094089f625b6

    SHA512

    48db01ef16b9b957b114e4eb553afe02c67d11efee8fa199c09b0ac6eb209eca58ee28cb1bf99e088e9ecc1b1f22725bc6dab49a9e03f9f6714e126c1691588e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9DB9.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9E77.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit