Overview

overview

7

Static

static

7

4dc9876dab...c1.apk

android-9-x86

7

frag.sh

windows7-x64

3

frag.sh

windows10-2004-x64

3

index.umd.js

windows7-x64

1

index.umd.js

windows10-2004-x64

1

libwbsafeedit

debian-9-armhf

1

libwbsafeedit_64

ubuntu-18.04-amd64

libwbsafeedit_64

debian-9-armhf

libwbsafeedit_64

debian-9-mips

libwbsafeedit_64

debian-9-mipsel

libwbsafeedit_x86

ubuntu-18.04-amd64

1

libwbsafeedit_x86_64

ubuntu-18.04-amd64

1

platformProtocol.html

windows7-x64

1

platformProtocol.html

windows10-2004-x64

1

popup.html

windows7-x64

1

popup.html

windows10-2004-x64

1

userProtocol.html

windows7-x64

1

userProtocol.html

windows10-2004-x64

1

vertex.sh

windows7-x64

3

vertex.sh

windows10-2004-x64

3

windmill.worker.js

windows7-x64

1

windmill.worker.js

windows10-2004-x64

1

Analysis

  • max time kernel
    193s
  • max time network
    224s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    07-10-2023 23:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    userProtocol.html

  • Size

    28KB

  • MD5

    4152d9874d272b8c6cf2aced0faa4ba7

  • SHA1

    c88738f86f679d96de38554153ff3c4ee854325a

  • SHA256

    b8e69f40a7d3f10017c93c08872a009c37a2ca16eb7381f24396fc9739fbe51f

  • SHA512

    4480da5b53cf24dfacc0909797c51f7e78f968a4e82282a1554b79ec52eec78148fcf7c80abee9be3f0e9a39087b0561c0e3e82558d9678de63a2c210756b868

  • SSDEEP

    768:/oS574Lad2BhAFcO28gZ7Spcs2fW6L5JJ58:gk77cOlpQfhL5Js

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\userProtocol.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1240

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a526117f9a4770effc1d2e3efdb6ca2f

    SHA1

    3344214baa8eeb86f02b1cbfdacda5b940295c64

    SHA256

    ba27d237939a0cda033cc69dcf8a9f607e90eba9b4a2433a885c65cf1839b001

    SHA512

    0a6f95669bddb2db5866608b5e7e54c516ac2ee36be304ce98ee014a48d45d2c68efaeecc17c4217027b47c6f4c934069e2b0c475b71b3379b739885c7808c86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b026878036a97f538d9a2c1e0fab22b

    SHA1

    22a469e20c1e074eaa42f7d46edcfeda34ada28b

    SHA256

    ca954ecb4f175290d5f241ef0052ea9f4056522d0f0b2792d4ec75eb1c5c8c57

    SHA512

    67871477a7cccb50cb3f1062aadf09c8888724639d83662d3e1065029cda9d69ba71889e2d3d09c7a90d705b8e00b16bd4c0ede888207381899568ae37a75088

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d085b90d7f73337f391efd78fd9f5479

    SHA1

    b2358070554354f38122f255d6d3b8fdc5983461

    SHA256

    fd3a1864698e9333ee02969a2c9a5bac878619ca34cddacc8864acef6dbb2de5

    SHA512

    85421ef8984521aab5c38870ccd66dfd1e80d651c385c7786f2d4ffe6a41fe6bd77a9263bba0d645d4e16c0873a9f30582652861811c87b61eddc9c5bb0467a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1dbdd9217bedfedc4bb0f74bce11c69e

    SHA1

    195fbbdc9c19a2a1c958fb1c6511e61ee5158681

    SHA256

    6d21341868c03493e859cacde1d5360f58e7ee5af0c28420b6a2b6ccfb93b8a1

    SHA512

    fc690847bcaae5dfcb155dca043c5691a2478d7366ea2333309635541aeb625e400b2f6a354db38a5a4d7b44c46c6ecbeb9bcf707d968c0419491efab1c6d4c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d2922aff7ad53c3cfa03c8c24bea0fb

    SHA1

    fe11d0d04823e0cce3d7d3da503e446f830d3d50

    SHA256

    1463b9c70f8a9757f10f5c7306dfe0f1dc64b0d2abf5c2b3349cd41799363357

    SHA512

    ecf8b5085a43b900a9c5fd01edbb7d7b7079655dc892bf095627f038f2085a4577780f9d54088ceb264f70cbaa62f2dadc9d4f6effe6eca0a894aa40cee8182a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    672cce857339fdca73092585e1837e73

    SHA1

    6563f23eff3fbf66b367e80b4433c1a112b2ccea

    SHA256

    4bbff0321f78f8bd4cd7f63601e3f7bf1405251c484bc383506e99fa1f45f2b0

    SHA512

    bbc12f900d00fca664de457977887681636bb1f57907cf4765b7147011fe59bf0a4206a38f92f1e8ea1b535626c3655d883374b29ea7915ec1e9e86ca47fe570

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4426401dbb51c27d9e7eb4565614168d

    SHA1

    17b6fdf1b84440600501dcc10adfd7b5c8cd4b97

    SHA256

    563c1615020afc6a53d97bff807fdbf65ea5d726527de5042bdcbd064bb8d952

    SHA512

    55a12416350bfa9cea7e7a3824db2fd7678fce63e73247566a98bb13642ca420abfd4e99b05d8ca2970d17aed1d2020f2476018a27c95ce87ec753e898a42458

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b95034b81bef0649a046a06e800ac4bf

    SHA1

    8fc0004b182487b2fe7024e06ea90562b07f5f53

    SHA256

    ab5ea752020cad76b6a5e84c96df75802d3f4e1a6303a3198fde16b754ae1c0c

    SHA512

    aff9b979166e74d83d580d60b0767b0b6bbc43bbb10c965061039ba5d9358713aad691c7eb3787734f9467b5ef922c07e45a794bd95b52755c6c7d7d5926ef62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95191467e100223220a6af7158e7e3ec

    SHA1

    b5de3a55584075b3f31f003f8eca0383e1ffd9e9

    SHA256

    065d8b0a81867c708f093aa3d0c548095a55bc963a76dfa97d6d9524fe3fe46f

    SHA512

    8759d19d15c1bf0d158022ba958f6294400f63fe16f0d0941d52e4b75ea94acbeec61d6899ba1555d6a1d06790a75e87d411a9e9f90240afb85369540e24d8e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20a273694fa46df6dac21c4bde8237c6

    SHA1

    58b50bf0c9a5c4bdcde23ad624294df7200ed7c9

    SHA256

    3b1b1582168e67bb5eb99b8431ab6f4f815827cacad7fd979f936e6c1bd934de

    SHA512

    661ee2981e58c20bd17ae04211a3dede87feef665e5b7ff1ebf1308c495ed48e59ba80c61fcd80944726e201019b82e7b191bc297fe6ba4b47d71f30f3cf0484

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ab273b077e5f5660538da0ccefa9331

    SHA1

    d28f02030b26b70852e5e1d8e24c633542fe760a

    SHA256

    3fbe1fdf91f038fd2c3eb58e1d04f2883752ac34bedc49f70ec1a3f96a00c427

    SHA512

    77c96e1e89d107a1e15d47255b32970ae7c570edd03c854f6ba29ed7c69912cfa89e4cbf07f34094c4a4f6759b2c0e40ad9edeabbaba4c85f9d6aa510e745950

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    98186688eecc9956f6654d0b41e3fdc2

    SHA1

    89ec6fae1e0b98824cbc5025241d06b891f208e5

    SHA256

    5c714ae4f1b51cd2ff94f821b4145ba9e5b043c03b2804fc7376876e784467c2

    SHA512

    9d187664d5f87aa0f1e501d7703687d621ef8664cbeeb71032a095234b810f8141ab84bafcdc52b5c15fff261fa75f219ae7b6cc65902c15cc8336e04146bb50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f298914f69a7532df97fe7d354d2cc9b

    SHA1

    cc263c62059b339a88a71b30481f86cd7c545f10

    SHA256

    8e0bebf94a6aeeea22c4970e314087ba0176fdb04141dab1059b8c2e6cbebc69

    SHA512

    5e1d860cb518e247447dd157083d7df0f99358a03c0bff72753102dc5984e1130b2998cad1dc597aad1057365a50fe184b82e0e3f5ddce1c9d150f4996b11c28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    437b4d2e3c3d6bb5c0d25d1b7eeacc8e

    SHA1

    1bfb3bd3ad4eccd722437245cf1429aae4ea2f3e

    SHA256

    c60d91eefcf4d9695240d7f746a3dd4749ca24b62e17c871fc5538265263f43b

    SHA512

    66552b9ec1d9d05afd83e2d9f812868e619849da2b6dda0ff44137ac6841ea65835ae5f3677136d6c220ba825c2bdc1e84efaaefc492ffe70ee68ea2bd65e6be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    31a2d813142613236081c723c4c56c8d

    SHA1

    4959eebc99d31c8241c0ab4075956b186d1db1ed

    SHA256

    56628d69e52f95970c8e0aa4dd51dbf1a17c9dcb511c717f9bc4b669c524b48f

    SHA512

    bbe38509e841249931fb015ef8905539aba931eda46a1da8106a7915479c33b0ff7eda2029d8e7dbc9657da76e22610256c1a7410bb42a6f6774a11c22196406

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62bc094b53ef1ea4d74c813e2c7ead64

    SHA1

    27573b12c9c4994ed2917e08a292f719d5a33a40

    SHA256

    e5bc3281c16cbb0a4468aef7b0184040b7f39f0708d452e3a705528f6f402f0c

    SHA512

    b3a117bd65dca3df8e87c92af05f23d509d1531297368183ec1bb96e98610bdc6d96723cbb5d01b4a31b507b1b5bd72e285a385887e5b75c0e7a7b088c57cccb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    69c8e7fc0cbf9325894ebf6e27c5a6e1

    SHA1

    26412450745c9c62e24974d4d8c2fdd422b94e69

    SHA256

    d887cfe7dd96491df304b6373961b1095a12b05b2647a7777a72eb6c57f80e51

    SHA512

    ecb2c13b8d2fff7c1ad07627dafd9cdda4ff092d298f492ed4534d00f6a695ea2936bf4cb6680ac80249a0be80d3c5d4b4ad45e3eff075d1f072e9b31f20a574

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAC2A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarACB9.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit