Overview

overview

7

Static

static

7

89cb774edd...c0.apk

android-9-x86

1

en_alias.vbs

windows7-x64

1

en_alias.vbs

windows10-2004-x64

1

gpen_handwriter_32

debian-9-armhf

1

gpen_handwriter_64

ubuntu-18.04-amd64

gpen_handwriter_64

debian-9-armhf

gpen_handwriter_64

debian-9-mips

gpen_handwriter_64

debian-9-mipsel

libwbsafeedit

debian-9-armhf

libwbsafeedit_64

ubuntu-18.04-amd64

libwbsafeedit_64

debian-9-armhf

libwbsafeedit_64

debian-9-mips

libwbsafeedit_64

debian-9-mipsel

libwbsafeedit_x86

ubuntu-18.04-amd64

1

libwbsafeedit_x86_64

ubuntu-18.04-amd64

1

news.html

windows7-x64

1

news.html

windows10-2004-x64

1

jquery.1.7.1.min.js

windows7-x64

1

jquery.1.7.1.min.js

windows10-2004-x64

1

privacy_gu...n.html

windows7-x64

1

privacy_gu...n.html

windows10-2004-x64

1

privacy_policy.html

windows7-x64

1

privacy_policy.html

windows10-2004-x64

1

privacy_po...o.html

windows7-x64

1

privacy_po...o.html

windows10-2004-x64

1

privacy_po...d.html

windows7-x64

1

privacy_po...d.html

windows10-2004-x64

1

privacy_po...o.html

windows7-x64

1

privacy_po...o.html

windows10-2004-x64

1

privacy_po...e.html

windows7-x64

1

privacy_po...e.html

windows10-2004-x64

1

user_agreement.html

windows7-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    193s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    08-10-2023 00:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    privacy_guide_children.html

  • Size

    79KB

  • MD5

    c31a3ec28332a889634f0af1d578f4d6

  • SHA1

    0be7f3543d9284963074cdb499af68a661ca53e2

  • SHA256

    3ed6e38fed6137ad57236bee026e2884d7837c489eac86abd688b1b0e426d2e5

  • SHA512

    4bc7a1273aa673cc48b965772781b750b13f2d2414c8714ef940133f4bc2987276d91c83c1dfb943d068d08e8594d4b32b08e83bb1f1f44625d35c2748515caf

  • SSDEEP

    1536:J4kvBDmQOAMUWTM5Yx1k4FgMAzD6p2PIFOv0mchKtRn+MEasDgw:JhvBDmQjPW5ksiD6pepn+MWcw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\privacy_guide_children.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2364
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2364 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2616

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c92a6d17c18f030074fd0f4eb54cf94

    SHA1

    21febc1596dec1ee9951406fd720aa76f066aa6e

    SHA256

    4e43c85276a4914c49f8e0a0d929875d7a7a61ad51fb503763cf6809e4737a78

    SHA512

    c45da7ff629786a45315d33665f8567218c6b4e463cb9bc117ff6f6d269f12a88bd88178c6da3ba262d29c408b9e8d56b55d5b4d8bab0ec343dd90e0d985e261

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9174e704f6bef9ced463d8e9f2db80e0

    SHA1

    88232d2aeaaa64252bceeb24a28de52b428f6c68

    SHA256

    03d65c5f1380cd582cbc92cb419d311b674c6c37c548f12c47f650317957cb8a

    SHA512

    2b26b804f735605ae5ec5126dcff48e566ce635ae426fd9b6524b39cb6a1887c508cd110a99858b57f9a6d2081bde72dfd627df486a88e9a62124e5f00238e8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8060536d636f12f00f9631ca75234a1

    SHA1

    ca3e8ac05cbf2155a90eb9e1cfdefac7ed788552

    SHA256

    3e113c6e621a600d81e8b8fdbbe69a30ebd1c8bdc9540967715a2db14a09a216

    SHA512

    eacad0cf0c8f919854954826e39073a60159c674a59b145a073a65dedb4fa4a44dd95d368428ac67b4fd428266c6d739fc6473e3ad5df93d7fd224e7e8c7621b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01b77d9fe9be502e3a32c0b158075123

    SHA1

    71f980ccfbca0ab3bdbac256cfd05ed9a30130f6

    SHA256

    ccd2670f21737e8cd9ec3abb556aed439ffb167b1ee565268a3c34a68982dde1

    SHA512

    033b9d3a91207468e99326f6f579c7257f2005b1408f62902d9f3f8503136c575f64a686bdc08041a1adb0676a46736519269dc1fe3646b512fa64b1e088942d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2004dc445f77d268b23ad0b35d8d983e

    SHA1

    7f6ff2ec6463ed79becb9d15caf9ce5bfe6b7c36

    SHA256

    a0e1bc585f8c73ce912f8c004b4f2c299d506498f577bd31647745116f92ee10

    SHA512

    f8fe6c83cdfe58aad1000deccdaa41f0477a8a4f79e2cc6321961dfd0f7cc67e9a4a5563dbe5d1684febc7845b4a11853dd86143aef3a17598d8906149ebc92c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e5e812788527943e55f752b125460f0

    SHA1

    4bf531c0d423f812efc77aff3da25dc0ecf8960d

    SHA256

    a715f7b0e9e23d34308c45cb778daa254b7f079646e4593c26dfd431c3ee101a

    SHA512

    ea40a517f5cf5ff7b0994c5a9bfc3f8b35be97dc9598aef02e2163d0ec744c174fd4357e83760a21d5b7f7a465f06da995546bae8e0a73bb5d4469f6d06ff988

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b184fa1fcc7debc8254f74c4f995c775

    SHA1

    d76a858e359355a2c6a5f54e4fce033390e45e0d

    SHA256

    b353e00482cca2a9fc657b8e4fd5efe71e9ceb127c5988b963d17e910399a44b

    SHA512

    785cc12a7dc5e89841c3a40940fb08ca89321974df9c8b6e8af59a8533c15936c3e9a115e26945c0c7808d580236b7379030c282b803f83fb079e988d7d63ef4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fbce28f4f65fe4454887d9d54c4c664

    SHA1

    d92db86b23d8ad01f12f5d11928a1ed570c4e4e4

    SHA256

    688bf4482d6adf3de586817084794defa16b33c689cbb62d47cfaad6903f5e49

    SHA512

    e605aeedcade45552f1c202ff7d82513920f980ee2689b0ccf2ab4980d326f12e4b796ff46bedf10cde8b3962d8b1321092e2c0bff9483744491c6b83d9d309f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD8B5.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDA5E.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit