Overview

overview

7

Static

static

7

c718c3cb6f...ca.apk

android-10-x64

fail.html

windows7-x64

1

fail.html

windows10-2004-x64

1

imageView.html

windows7-x64

1

imageView.html

windows10-2004-x64

1

libwbsafeedit

debian-9-armhf

libwbsafeedit_64

ubuntu-18.04-amd64

libwbsafeedit_64

debian-9-armhf

libwbsafeedit_64

debian-9-mips

libwbsafeedit_64

debian-9-mipsel

libwbsafeedit_x86

ubuntu-18.04-amd64

1

libwbsafeedit_x86_64

ubuntu-18.04-amd64

1

night.apk

android-9-x86

night.apk

android-10-x64

night.apk

android-11-x64

problems.html

windows7-x64

1

problems.html

windows10-2004-x64

1

success.html

windows7-x64

1

success.html

windows10-2004-x64

1

test.html

windows7-x64

1

test.html

windows10-2004-x64

1

upload.html

windows7-x64

1

upload.html

windows10-2004-x64

1

wbjs.js

windows7-x64

1

wbjs.js

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    210s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    07-10-2023 23:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fail.html

  • Size

    1KB

  • MD5

    aada3edd21602f628a2063dc84d27bea

  • SHA1

    233d0e13ea2c39a6780d866229857ea955abbca9

  • SHA256

    638b62d066f52d3c5a764ad4421f1063d0f1cd519c319079699c161c7ed0a69d

  • SHA512

    dc198d0cf6940fc7332decac3da2acaf0fc45097f698559415bfe03f19bc0cf90ea6010056e9172e6f9de28923b7b66e7087231a77f19693095fe844f71fc160

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fail.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2852
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2852 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37b3341d0e5cae47f5369e098b446a26

    SHA1

    740a8cb43e45599eeb8e2b4d66e1f6ec77b46b8e

    SHA256

    95e93d7de966dd12fef451ea8df4c29074f5b19c033afbf5dcccb450e33c8338

    SHA512

    3f67a01b2b38d670a0397b0587dbf12d43906f0683c19ba7d9412d83a43dade1a2311fc12291fe26a58674c4ca7e140ef3084d96c7686415fd59631e35503c34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5652692828a794cacae9700e8d99fb50

    SHA1

    0162d5fff24cc2fe7367684245bfeb78259d7ad1

    SHA256

    f7f2538fe85395da0da7635f5b7a2d1490a071d78a4c439572e4fb72ae9e7414

    SHA512

    f1babed9d0a848dc401c6e547d6df0bdc650952ad1cce1bb58ed36cb20506348966d91055a2929afbd74703910030071df8aec39e8b8f81c2b8ec844a45dcb4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f9e88b8349b8b655f02cab108821103

    SHA1

    df3c30250d9c8ff2104da464e3b452a52896eb83

    SHA256

    b2cffe6915a47e628c219cf4765a9adfe1d1e78e1eed31c03f14c828a9f3ddc9

    SHA512

    38fdf358c9adea782aff1fb6374ed4e1d709b3c86267242d37a525ab9e53c339a4c36f5fd26956e577c7a8ac4226fc5b269206b71364630c46d280a2608833c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fee54802f6bbab48d4e6388f54cd54d

    SHA1

    19d3090c4b777311227deb73aea5bb7e04ea232b

    SHA256

    91c067d2abed4e95b99480e4ed4cf3e175b6b57f504571df60cd4ba7bb0fab9e

    SHA512

    51a3cbd3049e645c4decd2df69e59ad17f61619c146b9ded523efebf1c39b96757b1317582fbc4f9dbaf11deb3fefd55f00be071d79275f5bb02a362c2e6ec24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae732565ddc5ee533347f76c039324fd

    SHA1

    6d467e6ca316b5e2c45f8c01f3044915ce00922d

    SHA256

    a92fde5f8e274f1b2dce1256c2450f6396b039c56ee1b7b4f4e049c16b31f6da

    SHA512

    505f3d511b4b11b8b9d19c3348258db9ba6fabe3bfceb10e487bdd7820a6cb59e71655ae2d18f5d9403a1cbd24de6ff8d7e0a301501444abc3ed48f521da800a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed5d1fb93e37209ee01823357ecc2a48

    SHA1

    3e14389a2577ef27aa2ce87f98fd776df6c4ebdf

    SHA256

    0fbb0773214c18bfcff9dbc5a70b9610199c9a12049b238e58baa77ba9074a8d

    SHA512

    5fd2c59333d01072edd20fc6b85b507a83c15300baef91b8aba4582ec6e3c88421c5eeea34ad9f1b0b4107ea06774a37863cce93fae3fa0f6c593104aa25b15f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09de32d0110197f31265b52cee977fdd

    SHA1

    2732b56563ff41e245ceec8815c5fe6ac7745ecd

    SHA256

    753646c791771e280e0c711016a49508351f0731aa780329c112cdd36663c863

    SHA512

    2972ca3baad5cc615dd3f7ef515897b706873b8df073d5870d3b97968541353941fb78fa8d77d24a9ad5787907fe71c888d25482b45e22e68fa8290a36cb7c78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    35af4e707600834da285023cf99dd514

    SHA1

    83e1b78355dae89dfc44164ab39a7a0ca54f0e51

    SHA256

    fc4b7434f3e0b8654ab75add01fa7ad070169d2b4bf7004028e09779a79ecac4

    SHA512

    4f10afca09dba9c9662238eed8380ece6c1450e2a17b95ed35d02fbf0e4d73308694f30fa55e2d864a169b74fe89b8d6a6774bdb3c952a47763211b759d777ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01815c5cc09a556f266e5a631a82074e

    SHA1

    6726468ddd4f573277ea5d8fb4a0e4390864716e

    SHA256

    1f36a899970879a0c22b47c6289b24855ec2f8574949d115b9d2080c4eb9a05f

    SHA512

    9abaf44c9d1a082acc9b10619379a5fade3961bc99ed1119d66516a17f171ce38cb648a3b3b0ce904680914956156a4d16fdf22b2fcda9929407ba7147e04b36

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab68A5.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar69D1.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit