Overview

overview

7

Static

static

7

268ab69eef...0c.apk

android-9-x86

1

268ab69eef...0c.apk

android-10-x64

1

BR.htm

windows7-x64

1

BR.htm

windows10-2004-x64

1

CN.htm

windows7-x64

1

CN.htm

windows10-2004-x64

1

HK.htm

windows7-x64

1

HK.htm

windows10-2004-x64

1

TW.htm

windows7-x64

1

TW.htm

windows10-2004-x64

1

ar.htm

windows7-x64

1

ar.htm

windows10-2004-x64

1

armeabi

debian-9-armhf

armeabi-v7a

debian-9-armhf

cs.htm

windows7-x64

1

cs.htm

windows10-2004-x64

1

de.htm

windows7-x64

1

de.htm

windows10-2004-x64

1

en.htm

windows7-x64

1

en.htm

windows10-2004-x64

1

es.htm

windows7-x64

1

es.htm

windows10-2004-x64

1

fi.htm

windows7-x64

1

fi.htm

windows10-2004-x64

1

fr.htm

windows7-x64

1

fr.htm

windows10-2004-x64

1

he.htm

windows7-x64

1

he.htm

windows10-2004-x64

1

in.htm

windows7-x64

1

in.htm

windows10-2004-x64

1

it.htm

windows7-x64

1

it.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2023, 00:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cs.htm

  • Size

    4KB

  • MD5

    7ab1368f393babf245669e44cdffc710

  • SHA1

    242bf016da9095fac3f1c79eaeb704e3094d21bc

  • SHA256

    25fe7bc72acf556066bb777844234e2ac6854174dcadf88efbb87d3a2ba4706e

  • SHA512

    99642b8cfcab1bf1190621c05768803a777c767ed922385ffcf297b96c50af2094296fc5327acbc8fb68fe69ee0781a42d98499cbe4109d13194af4eed2d50b1

  • SSDEEP

    96:qAghclETuFmQ2tng0sKbt8p23udqrMOD4cxV/4OmVzy:qUeQ2tFs0l44SNy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cs.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a3b16195e95de0b1a515ff11bfef818b

    SHA1

    70e1b0257f359e9698063ed55339fe33289cd75d

    SHA256

    604eac8919a305a95b42f406ade7a0d7b7ba1fc7e2eb55c15c0b027445a35032

    SHA512

    a4d31295995b130977cd5997ff936b850a8c02492f061a8fb1fefe4b2ceb74a2ba977b3dcd32e14063019b00641dbc1836237cec3c0c2bd99aa72cc0c64f9f71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0dc81089a8cbb60ddca278757a9c23d0

    SHA1

    729af7a572f6ff2215c10996dee2c29839f6bf41

    SHA256

    0305c827ed2fcf49d988c035ecaef321bcfd51242176fac0030ff517d400a85d

    SHA512

    7e2d0abf1f2a3d0c91809956e4907cf9de9ba93293b8fdbc8bd7f4e95b4bc6adb210ae6bc7108b6daea1736ef2c9d2b7510e6ce459f7586937eca8a9067c4174

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    84e5ff9fc1362b91fa926897c8a96614

    SHA1

    b7b0466e2d6388924664b3adf04124279ecdb6f8

    SHA256

    c51fe52754478024e6d2c9ff2bdb9ef136105d1dfbd27585937786b999d210b2

    SHA512

    6c71018bd2a5304f4fe430cc274d95395a8a91a1a99e3e0ec9802c15a07cf68f5b1fc0eb5e6e5acf0885b50c1fcd755281e34e829adfa051e23e5833bba3bf74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e22e71a942f1c160ff9212e64728201c

    SHA1

    a5693cc7eb206b315249258680428b7c600b1816

    SHA256

    974557cb4b83d83e0486257c72a5a2ed92825b0eee5e341340e7a4e20422059d

    SHA512

    d0361622e675519ce4a5c2f164f096d02803cf617dac4bc96a881ead1cb0b8b8433e3aeef91c7394a4e4e64c7cc2e342480b9246768f3fef5745f4b040907bc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    09704f284c3cebbbea067b95e28c477f

    SHA1

    eae11c78de719cc41a0b35b63daf3b8e36e9c880

    SHA256

    dfacd840e7d6326acd5fb31307f327c12f1efe6763c321f082f7ffe9a786ccec

    SHA512

    4d36160871e71857bfd82d80a3517cdcd33a7947db722f43d574d439d38aa458f06395297a1a15a7fddeef02f1d4607ff95091b633091bd95be36276c0a3930b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e8cb87f3953c97009996dedae9d08b5c

    SHA1

    0e5224312a9bca9709d2e875b926da61f8b58225

    SHA256

    118b483f1f87e71611869bf242d0b183ab9e25dc3496f08019950b7aabe880ab

    SHA512

    89d99aa454e25399f62c5aa55c4870877f7efd7ebb556a3dd569ab3c9888d9b57adc346df5303fdb9ed3744218fa29c7ea9aa83b40501e4996a4045384cb7ea9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    31a591b6a8400ba179bd3486331b45d6

    SHA1

    486f701324f3bf4666d81fcada608b028cc1cbcd

    SHA256

    062f4e9eb92d78aec491dc9ff4746dcef54ab12fa8b3e8375ace979527b878a2

    SHA512

    f395471e9fe33b337122494987ad673e3a3bfe6e174bf68991851980fa637dd845c2d45dfc2f9dbb1e0ce782859fcbe28f64a2a8f9ad3a68b75612b1f6e220c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0db8c428d88f7898ddb168d64a14de07

    SHA1

    4259d6ac940c783d78965ba40d4ee23a6e436edb

    SHA256

    734d678dc275a66f3f452ac73555339f44ed2ac31d0fd014d089de468fb1bff5

    SHA512

    7d2189750b61d664a52b1ce0add400885087b407ef43b653ba5215500ea1bad15d541c6365dddac9daff4a8b3264a0ba23aa1741c2ff29b405868267d9cb11d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b7430595d8ad032e3ec4a62f0c800122

    SHA1

    0dd26f9dd53eae1784f774112173173015d93732

    SHA256

    2392febce7b2668d64fb64ab625cfc3cedcebe50fb4d849f864308928f47138c

    SHA512

    f232b8df9de8c3f933f328b564e80a24dd5f1ac606542ed3854edbe28f8b8b067288208fd674dbb23e4680572a8a980e0231229a0e46443bcab1d8a0c1d6e46f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    321d9630673972cf3152272e61edd05c

    SHA1

    8b82d2cf0249badec16a401e4e86e27618e551f6

    SHA256

    5c5d2ef1246bc754b82396bdff4cabb22f4cce16320cc57396b3743d5898d873

    SHA512

    77771cb44f8335671d31e9b5b860e2ff02110121e335ce00f0634503f6c00b6a96548eb4fa221b5db76a95b3b5df1066f47936c0070622c9419a6d34cb0dd4fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0c03977c61eb9d130277ed6671202f53

    SHA1

    b339a38c68df39aab659a0502edabde082f8a57b

    SHA256

    ebfcf9ca860a2cc658c7d67140eba0546ccb8f365924dcc9a09c919494450867

    SHA512

    c265e68da7631afde7469fdbcb6b99e200f169e3e1f866c5cc1ea0f95875682067424826321e96084709c70247cf186239e6648e5e060374ad102ddd2501801f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2e97a2d710f31a72d8a1f0c70b10e63d

    SHA1

    840163aa271a96ae03778b52240210e80a3cc679

    SHA256

    88032a8a141727dcf20fcbdbb786bc25b3253b630e390ddf1d95f5ab882d7d47

    SHA512

    9405602d6d05ddeeab4a1e8722af4061fa9f0704ae209e21f8fa31a7a87c5f88726fc9a26bedb0f23459a3105ce113ca40443e2fde82f120dcf2f7f7274ce13b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    01ad4d9a3351daa2387c84d03f6d65a9

    SHA1

    399e414be44f23838e74311197498c64054d81c7

    SHA256

    78a556c790d992320fec9c8504d4273e8d32bbd212c4ec46c5653470952e8c62

    SHA512

    1a0f7aee7a8ea51e37787eecaf5610a0437b7bf09c053b7ec7bf78476e2c23966e306a3d08bc96693db90fe6b1bc26da6a89b12f6701ed0a465804479e1313b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    51954a3b17a825dfe49f7626eee266d1

    SHA1

    146e7557ba97f3e87d1856c0d21e4907daf44b02

    SHA256

    8ffe1c7cf1cfe8e996f5b68c8a56d9ee4aefe461799ef394efc3e61841b2ef27

    SHA512

    1458c629b38179d33ebdb5fb930f4455881be5a03af67fe7ce081ba3c27322bf45a0ca2b04d0a7ff11fab096bc3a79f54c91d9ecc8be77066885e089a04311e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    51954a3b17a825dfe49f7626eee266d1

    SHA1

    146e7557ba97f3e87d1856c0d21e4907daf44b02

    SHA256

    8ffe1c7cf1cfe8e996f5b68c8a56d9ee4aefe461799ef394efc3e61841b2ef27

    SHA512

    1458c629b38179d33ebdb5fb930f4455881be5a03af67fe7ce081ba3c27322bf45a0ca2b04d0a7ff11fab096bc3a79f54c91d9ecc8be77066885e089a04311e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    761b18aff343e0c33d158ce3163d651e

    SHA1

    6dec7ef0ebfac390f2451c0db1e6279260391ffe

    SHA256

    b6c46939b5fd3ea4ab0918e63b4d77770ca6cfee5e71de8f3c692d459e2b4a2c

    SHA512

    e88e4971b0000166fb4e172e1d673898db6f93efdbcd784c6973bacf35cec1420fadcd98f06c6412b6a0f4c566dade811b3b59e87920d6966e00780f93314bbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d384c16462adb2bc5fb8d6d208712f13

    SHA1

    ca4a6ce6d48e0b18ca8c09c211bdbcd2605276b9

    SHA256

    cc03b007217d95bb4c5349f1291b15f1bb019201997a9ea5c38f9062bb9ab2b1

    SHA512

    9794a832a71b0432edb48e2fa43cc0822eb3b1e6197c94c31478291732cb27f59b0ddf651afeed6073aa311942c225c532758706d8b096daab9f3ff512407608

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b8a6aa32d84bd4e2f53ec840208e67ee

    SHA1

    c32a236cea545f5966ecee1f04a33950e3bc3e12

    SHA256

    c0448db47a2f303f5606d47ef44f7c04a690d559547cf50c0b6ae2ca91d49d00

    SHA512

    8d7d46f94925711901461ec9b1c3a6a688c5d8fd69dbd2c7d4511a5bded6edb27fd3c2b28c05db335b76a1ebe57e0bbe4b2d45a54705ee4703bef2123a76c9f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2a16dd95e80da10ec0604642d1ae3db3

    SHA1

    fb24b00f424bd3a033074b76159fc2622135b594

    SHA256

    58ebbc03d8141483d85e091081c3f6fa96e8f6c460ee4fc190ccf7eca6fa123b

    SHA512

    40edf209fa54174a20ea7638bf1908b51ba4effcd8637241ac32c540bd056aa955f926f419815928a1e36582247676b85ceb9c5adeed7e6ee1d0b5e7f7b1097f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ee9aefeadba97f67593bdd4af99b6d45

    SHA1

    a9cb4972b753949f81894427abc31208fe6fbc83

    SHA256

    a57ddba5e0fd7a55378350bb916dad5123f829fe863f2d8fdc12ecbdfedebc38

    SHA512

    08509010684fb8c3d2c764de1b75a7bcc455b3d18fa5cb78aea70b00ffe60224bc4da8090cca7984f1ccc83d132e32f31924018e8dcb71d9109e24f069d934f5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab99F1.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9A52.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit