Overview

overview

7

Static

static

7

f277534561...67.apk

android-9-x86

1

helper-huawei.html

windows7-x64

1

helper-huawei.html

windows10-2004-x64

1

helper-normal.html

windows7-x64

1

helper-normal.html

windows10-2004-x64

1

helper-oppo.html

windows7-x64

1

helper-oppo.html

windows10-2004-x64

1

helper-xiaomi.html

windows7-x64

1

helper-xiaomi.html

windows10-2004-x64

1

imwebmodelprefix.html

windows7-x64

1

imwebmodelprefix.html

windows10-2004-x64

1

imwebmodel...o.html

windows7-x64

1

imwebmodel...o.html

windows10-2004-x64

1

imwebmodelsuffix.js

windows7-x64

1

imwebmodelsuffix.js

windows10-2004-x64

1

imwebmodel...two.js

windows7-x64

1

imwebmodel...two.js

windows10-2004-x64

1

index.umd.js

windows7-x64

1

index.umd.js

windows10-2004-x64

1

libwbsafeedit

debian-9-armhf

1

libwbsafeedit_64

ubuntu-18.04-amd64

libwbsafeedit_64

debian-9-armhf

libwbsafeedit_64

debian-9-mips

libwbsafeedit_64

debian-9-mipsel

libwbsafeedit_x86

ubuntu-18.04-amd64

1

libwbsafeedit_x86_64

ubuntu-18.04-amd64

1

load_error.html

windows7-x64

1

load_error.html

windows10-2004-x64

1

localappchat.html

windows7-x64

1

localappchat.html

windows10-2004-x64

1

login_load.html

windows7-x64

1

login_load.html

windows10-2004-x64

1

Analysis

  • max time kernel
    197s
  • max time network
    210s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    08-10-2023 00:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    helper-xiaomi.html

  • Size

    1KB

  • MD5

    48328f7ec36d53aac08fd08780261c73

  • SHA1

    6cd5015c48bf42ae6d50c837ef8ef8648a43992f

  • SHA256

    68059da1c097af8bfda9183f186a3e1ada4b8774aec90d5e98ad1dd8199db732

  • SHA512

    7987d4a9cec1d4b7d6f308260ab7113aebad37dc00cccd9d22c3b28ec73c9e0fb64d61c497f41583d073c42ebc3aef7045d89b10f018f3d71f5b3cc8ad89f54c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\helper-xiaomi.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2620
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2620 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2664

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae304e832258f58d26812710361961b2

    SHA1

    72832203c46512511441929d1f86e167d9c15bde

    SHA256

    aafbe7563bf359c1a62aca4c091b27625769c31ece124a29108f881e6d33925d

    SHA512

    32ace8f58cffa8239f40281333d5e52d92f6f45d155d4768bc8f7f488c81f6aac97ff83cb9fc9729ccc617900c0df90dce8d985265a248f031ed7d0c4deda0cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ead3be8e1e59a3350a4a64a63d9ae395

    SHA1

    46c7b95a66bb3daa6306cf346404758071c0ef98

    SHA256

    2d3a926cd0d738593401e31b941204c48bdcf9f924f666511f143e91722f18be

    SHA512

    64fe4cec9af6e17a8bfddfd1b55c6c1e422186ee305200c2b4e88541dad0f2233213e0156811c678a3c040c53b428789fffd773f584ed2917d0d45e7202816eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97d80afbf5134bd571ef6ed2a5a572df

    SHA1

    ade5350631ae7cf5613bf39de7f3a3c4e25ff2b2

    SHA256

    302fcfed0ff45f0dd70ca45caeee2a5526d28eaf8a7602dfa049a1f4e391437b

    SHA512

    2d7005b0f5d8bc47953739cd57ce3895154ef393a95821f8516c40c8c1f31f3a79bf43be66bfced25cbc27b5c5ba7af9db8baa87e5138dffb7a9abbe33cda2a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    efc861510f46f921740244d652a53a82

    SHA1

    aa14b3bfc78e8ff8cc5f6ca5d2d029f0443d542b

    SHA256

    1df40239689b3754c3b32dfebee94153d697cf61c7e70c31ad6214f0469b5cba

    SHA512

    53de96bcd59e81ba233ba9c47a163d5f71a2530535d489f5f9b6e37a74d3ddbc0020fdcd8a4724ab1161c993ac2cb040b7ae9742585017ab72fc885723ff4911

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c150efdfc77662782112dfabeb7f915e

    SHA1

    0bb76e7ea172dd92dc9bd42718731debfcbc01db

    SHA256

    fb628d7b75446d654237f58e0b2e78078ee5ec92df3b1e9bbf2942c1bf7b6594

    SHA512

    2b1d82548e07cbb66f53b38f4d2053f36203942d57afd28ba61d808a3df864e4692d98a8fdd289b5d00dab46c90f5659b78b10bb4151fbb67ca2fb1e20b20fa6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7febaffa09e5850fff6778d3bfa1443

    SHA1

    b9788b74bc0f05d93cc320adc0c2c4b9142f9025

    SHA256

    1b78b68867ed49a5218bbd6f0701e463cea2b43bf087a97928f51435be2759cf

    SHA512

    a9f63129233e031a4fbbe0a0f96d92cf7d063402aaf448ed04ffc4155a0a874a94eaaaa3aaef6a01ead1493a29f8c87d8ec3b7b2c8d5b84af5fd211aaf084c24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a13e2bee0c8a38d31ac6187444bbdc89

    SHA1

    800a8b6504fb19c062f495abd4837b5a3a26c34d

    SHA256

    7261b351dd28480c707709ef38a4755bfe35596b6dc84f6a775de4cebf380134

    SHA512

    8ffad23d1fe368693af1913b647ff8f0baa39be93e27af49557573b3dcd9156c86e56e42dcd0b4c5f6aadd5688b674dfb576b8442bd3b2704ce91636947d8734

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cbaab77410e5bc4f2da220a4f3973212

    SHA1

    a345129daa42cf1d114554d01823fa8dd8b84c14

    SHA256

    67903705d878d396ff4d1001c9d5dba17683b4066af6c5e4035f6ad7b7e7429a

    SHA512

    0e91f38d4562ba11580e678af3deb4f0a275c451cbd6597f5875036b970631f90fa9578f70da65667b5a55b6a6f78f76e5ca8149a99b98d7971935e681ae27e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2172776207a537bb1805adceea14819

    SHA1

    3a9e2bd7c96e1552e9251df8af3e0dad2a936871

    SHA256

    af57bc01d515e4ead26d61b7cb139881d35226333b7be0877a5c9b0460fe3f14

    SHA512

    cb8c0d8369517d63b93e1d4de81e6ab625e941fa20a040695e8213ecfb236ceac1f762f7d3ade5516971411e584b719fd4c564adb02f86b27740b0f8eaaf42c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2f9c67f137e3e7375783d754f2c02c2

    SHA1

    6c2956a13d638f00664c88e1cb1df6e586fbb052

    SHA256

    8924d5a2a144b948c633d094f4885129058796494615d1cdac72291c17332a2e

    SHA512

    8ef3c21ba0b8489af77a7ad7f935302ea782201ad1736f869d8d22297b6d5018476962ca272c8e02098e9ceadacc9a9838c350818d372ae15a1060aeab98d344

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a680fea4c23872360a4a18a198533650

    SHA1

    c100a5541797486db725c8820d595da375fe0261

    SHA256

    e49af97141fa26bc8484bff3f429de946d4429dfc9ba54874aa4268faa5a93be

    SHA512

    ddf5092732eef9dab26cd939c00ca71e509d103a1da962d61b4dc47485448760c1e36133cd8625d57de0a4c81fd8e6c9a7cc3ae3a2093adc220c50f06fb75eb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2f9439bebf096e4cf2521b1258dac4e

    SHA1

    7fdc582583042d0a9453db4b38b1448f2ab226bd

    SHA256

    a1daffa8f61d5d553db96ec930ef4fb8b77b84c674ccf134239ffb61e34c08ee

    SHA512

    b4f2806a06ce6394d5a2ae0d5be94e57ae77ff84cdc86352fbcb1777a38873de94dc6177001369f5209ec5fa8d3aa58e56e8049ab5e8398470b6533d484f9b83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1aae5b349aab585064bb032140e2a29

    SHA1

    a0dc06d3767e55520fc9a4d89ba64866f8b25495

    SHA256

    6e0dcdd455bacdbf4c3307cad29894e52374b35184698fc10a9f5b9cd0464026

    SHA512

    2f496cf7ad0a075237a3532d730702a4187f7637d5290b7d2aea5ef1337e67b4cc2d9b2da39ce8e2effdc5a6b90e16775255f8cf93235c49dcb0c496ce9fdc4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc3a5e4fc0b3e2282582363493a62082

    SHA1

    f8cc264ee51fa503d0f9a13df9f30173d92af3fe

    SHA256

    46c50e5bc3940f8598b209a849d2a01c02f2031e2eb4c5d76ec5cce36efed30d

    SHA512

    5245eb5ace7c2fb31f5ed0ee399b5cbef3a331e64c5b3c0402883761e231d388310c18d26e8f0c44f36df419427e060fdfb2c2cf4f2db6a19fd0c9eb6e3da04d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b0eb4b683fbb549a0d7ef0ba341a9fe

    SHA1

    93de9ae5fac870fcb62ece3ca9b41739f1fb4f7a

    SHA256

    9e0db1634eccb82fad89753e00469388e9d6feac77ca227cde1d517609edc7d5

    SHA512

    30b407a7737a4833a10534e9fce72580642cf5003f3a96ffb342a25079caf3999d90288b0f7af0e34f85b0f0d6cf5cb589e31b192f9e873636ad4cd659593930

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bccb28b18b25a68f497f6aed83a42e2a

    SHA1

    a1881a44adf9eead0acd759ae0dc1908ab103b1e

    SHA256

    73372c93257ad67dfcecbedebaff94b9f888a073744cd2f630b8cd54b699c728

    SHA512

    530ff2b24dc19dfa20867a5514d9137a79800fd26cd950efb7ad193f242b4ec6327bdc7be42788c445abc326e84b694b12c349264f16773d02047de2850b442d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    daa6a69e1aaafd1bb0084f4f969d2b3a

    SHA1

    f32cc00298e596364d653a9a9ce973ceb226c1b9

    SHA256

    587d11410a9ccd2b29399fbfa104e87fa310b9c0e20d1017bdea96c3bd51252c

    SHA512

    16087ab41c7797384bac3e0c8f3b28b719d43c0a3bcca895195eaad000870313bedaddb909a869857aced65c06e3560464722c802499d424faddcf8910f4400d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64be16688862fdca9685bd04d020de45

    SHA1

    cd6467858a311ed7369929e9ecb04e3ffb22f71e

    SHA256

    9ee7a145415ef85f47d82d95995108d64b655eb4acb48ba8121e9390858c3b7e

    SHA512

    4305f9d440d0e29e81c73d4557067ed7eea5527a01845ee32da8ffb71f80b4ab5111b0c04c7b8f92feb7d3ef10f6a00f5e88b269cd0a9611923d57b8b4e3b256

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94660caac831ea9c659417e659b36eb5

    SHA1

    8a303fdc60ba7207817d01adf1bc1150fb5f9dbd

    SHA256

    f9b30ea010c764818912862384590cdb9759c31cd322916e5278dfafa780f769

    SHA512

    5679c48b1103a12d7a74d9012d60cb1959cdf8bed875f6f271892351eb28c195af8ef433335283ee846d2f4597611c3b0338497c9d2f3ac78c5e7009780a003d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34b42a221b165ac8d105838f7edbb6ee

    SHA1

    bcef2568d8fb5032f2138ab61424e84f173d8e81

    SHA256

    e05403ccdcfd0522ace7ede1acfea2d2cfb33738575ff38cf36ab50821dd1949

    SHA512

    d00aa56748f4868ffd317b7918299c88f8093935e553db09d0d779e6831c4ce1dd4392965f097eaad494bcb0e7cc9aa009d2ee7bf362e5a018704398fa665d75

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA758.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC807.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit