Overview

overview

7

Static

static

7

f277534561...67.apk

android-9-x86

1

helper-huawei.html

windows7-x64

1

helper-huawei.html

windows10-2004-x64

1

helper-normal.html

windows7-x64

1

helper-normal.html

windows10-2004-x64

1

helper-oppo.html

windows7-x64

1

helper-oppo.html

windows10-2004-x64

1

helper-xiaomi.html

windows7-x64

1

helper-xiaomi.html

windows10-2004-x64

1

imwebmodelprefix.html

windows7-x64

1

imwebmodelprefix.html

windows10-2004-x64

1

imwebmodel...o.html

windows7-x64

1

imwebmodel...o.html

windows10-2004-x64

1

imwebmodelsuffix.js

windows7-x64

1

imwebmodelsuffix.js

windows10-2004-x64

1

imwebmodel...two.js

windows7-x64

1

imwebmodel...two.js

windows10-2004-x64

1

index.umd.js

windows7-x64

1

index.umd.js

windows10-2004-x64

1

libwbsafeedit

debian-9-armhf

1

libwbsafeedit_64

ubuntu-18.04-amd64

libwbsafeedit_64

debian-9-armhf

libwbsafeedit_64

debian-9-mips

libwbsafeedit_64

debian-9-mipsel

libwbsafeedit_x86

ubuntu-18.04-amd64

1

libwbsafeedit_x86_64

ubuntu-18.04-amd64

1

load_error.html

windows7-x64

1

load_error.html

windows10-2004-x64

1

localappchat.html

windows7-x64

1

localappchat.html

windows10-2004-x64

1

login_load.html

windows7-x64

1

login_load.html

windows10-2004-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    172s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2023, 00:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    login_load.html

  • Size

    237B

  • MD5

    1eb969b356e28c96b6b88481a98e64e9

  • SHA1

    dd2e14b292aabe3d64c6a0fbf375da2bef288576

  • SHA256

    4f9d6a12febbd8c70fde022b57f7209f1689e0532f6fcc45d852ced974e14002

  • SHA512

    73ff28440c17b9ff1ff27f8b2a9868f4d9940bda8d9f8db766cd1f53bb015d54f3d929a5aebf8a6fecc19a1d0ddc8aed16de70b366a82b83fdb0d45f158e973f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\login_load.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2264 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fef241df44d7597a19ba242b5cc11f5b

    SHA1

    a72d85878c89b08be5a8b71331e0a735535bd6c8

    SHA256

    e5897575d7ecec976205297aab8933bdf6ea2112fdb0f5cece5282e0139bb43a

    SHA512

    b1490ebcac22089ed16c68b7206f0ec2444111e5198f68ca9248afb09679afe2a12d1e9e8116add5bf75ae266a2098a2b4aeab289611d96c6183f1cda4947a0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02df637f4146e088397ef962bf1719af

    SHA1

    508d4bf6880dffd376577aef578a6786a1e48d4c

    SHA256

    94b7632743ea4ac263005fa244002fc9994656414cfa88cf30580eeff50b7fd8

    SHA512

    94c96eb75cb5d9f21e72bbcaf30b59fbf1ce98d74a1592d787f01907f2bbb56656c840265850259a70579c79adc6192c1a7fda4d95c02c06cdfd6849dfd90729

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    929dbbc3812210eb7f3eaa5596a19236

    SHA1

    1914a48c3cede34f7be1c47401d684922a954b47

    SHA256

    661349787bb7fd88b048c79e02badbb24f95c7f08e72b1bfca30c4f77b2885ef

    SHA512

    a20275f2910c4a586115e7880e38e950cba28f2afcb8a818b45f814416dd43ad2f234131181c6d729c340ee2f543b529576b3d75b461ccbb62401deef88dd832

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd3a67f3aa292c8d13b54cfd52cda54e

    SHA1

    7254cbfc256ede016a5dec55e1b6ea7e4e7c8c8b

    SHA256

    2ae7c697ce052a278e0206951298c9c2d7e10494c0e43cdbad406f767db09e70

    SHA512

    9550b653d7ae30c9582442b387045d2831a6031b535f299c7a640e33cf4671e570d24e32d4864091f24db3458b06689b2eaea421f3c5d9917652de959db218d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d150b039b9e83e594e4009b542242ebb

    SHA1

    d74e7b349a528722444b35d5f675a7f490c9982a

    SHA256

    136051635e15254b056ba07bf920e930a629f802ad4c7e6a8e0a16ed8ac721ed

    SHA512

    72f0720d2ca3ed21e4eadc76eb756dfea1f0763030fe10ac35ef0b56a9bc39e37e95852e848330a8777cff4004a74e92cd9b61ba583259386ddbfbb0bca73231

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da9aa6de7fb280d4c5815815c56a55dd

    SHA1

    14a9e62a2a34147840b4127cd8713c2d1740d694

    SHA256

    16f9e2fe29cf88706b7e65d54b89c7400706fd67f44df572c2de4f61fa594dcb

    SHA512

    3139c4e1259ca87cb0458dfe858f1c80e7ff244740cdb2cb82d314a0109d7b3eac2fa6acbe4a0d79a23eed3153ead59011fd8b93685420ae1b58f55ebd34b1ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    59bb188ad9a13adca9768d7df853d92d

    SHA1

    bc7c39ee5bc2736d06985b9aedd466b830adfd36

    SHA256

    6c99244cd037c6cf6e7785b3520e2f5b8037333c12a5d7fc178cfafeb6e4c49d

    SHA512

    0a35601feac2dd5f9c8da94c9cd5ae0dac4e1e56c6fa52ce18df86efebf75f1fa7808696f2f06e0cc63d6dc4264b4f94b899b971335be337ef0be0f8f41c7bf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c433c76ef241147209561cf4910c2793

    SHA1

    5db3821b35507a0bb1898976776162fee54fae55

    SHA256

    d5d0ee306cafc112b7005a898e5ed3ebaa72a249bf6d99d38a992700ceaed899

    SHA512

    006b1a8370c7ee6cc2665c1b9496ea3e41ccb3e3932153f03440bfef69907b6f23a4c9064f63cddd77c68ed7d36f64f4aa9fb21732644f3e14815d2d8ac9ba52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e40293b52c87f84beea3aac394045bd

    SHA1

    4e6d66f384297efec9b11ab3b2197ec5c3cb2351

    SHA256

    6fae29f4071d1f40f404e9828cfd27007ec11f1f643fd8d2d000736cea0bd294

    SHA512

    c852c62f14a9ab010db378a47ef13dd8dd65e56e84543c802067bceadc98521d5412eaeb73ed847f161cdac25bfe0c13408eec82a4ff28a3da7280e0ca06c8b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2839a32eccb2dc6a4b8a73666252a91

    SHA1

    0ef498027142299ce40175ac9835406645731188

    SHA256

    4e55f523dd72d3160cfc4e625622e3a82a8e415397f814148fd0daf23d046e61

    SHA512

    9b711b7a1208f2b219618b91c2dcc26005f50339fa4ce92b21bf5ad5e402240028652e96461ccd5cb7a7b09714c2922108c110ae58826d7e4ffbd1bbec8188da

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF099.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF0AC.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit