Overview

overview

7

Static

static

7

ef8eb8c9cc...f3.apk

android-9-x86

1

imwebmodelprefix.html

windows7-x64

1

imwebmodelprefix.html

windows10-2004-x64

1

imwebmodel...o.html

windows7-x64

1

imwebmodel...o.html

windows10-2004-x64

1

imwebmodelsuffix.js

windows7-x64

1

imwebmodelsuffix.js

windows10-2004-x64

1

imwebmodel...two.js

windows7-x64

1

imwebmodel...two.js

windows10-2004-x64

1

index.umd.js

windows7-x64

1

index.umd.js

windows10-2004-x64

1

libwbsafeedit

debian-9-armhf

1

libwbsafeedit_64

ubuntu-18.04-amd64

libwbsafeedit_64

debian-9-armhf

libwbsafeedit_64

debian-9-mips

libwbsafeedit_64

debian-9-mipsel

libwbsafeedit_x86

ubuntu-18.04-amd64

1

libwbsafeedit_x86_64

ubuntu-18.04-amd64

1

localappchat.html

windows7-x64

1

localappchat.html

windows10-2004-x64

1

windmill.worker.js

windows7-x64

1

windmill.worker.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2023, 00:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    localappchat.html

  • Size

    2KB

  • MD5

    5e6a280dcfc9be1daf48983ad4316a42

  • SHA1

    eac5cf38fc0580237d522f54ab7b970dc9e9fa30

  • SHA256

    036336385be7e60aab69d26087194b7719b6b04cecc8b43b27ebab52ec95d596

  • SHA512

    39e99d183c020e08cd1d017215b1a1950866482994f1b045ffe70cc9995bd02fb7d407d7b9d769157a6258da6f9db4155b0f76056f21405b72530f49e5172ea1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\localappchat.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2168

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6966ca746e5665576c2f3916ba5b2355

    SHA1

    48ccff9e8741cf66af1fdb97689f44ff6eab3327

    SHA256

    d2847825a42de20ef52585445129d7ef4cdd5a1d06e909255874a788c9519136

    SHA512

    fe208b93c3055b37edde61541ee83941daf38f90b3aec13045cbafd44186441377da37894d4fb60154f81bbfd8465f3d606f3d715a7e0b35d8258b0548963a9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41e2d9e00c96043eca928f11cb72bcd3

    SHA1

    e0c434fbf644e4346a6986f04055a244666c58ee

    SHA256

    8424c7e8b90f7cc870702b5b00c625239a3d9770ace9231d5f9b1c4428c48509

    SHA512

    488f001777bd0c7d000b0820c2f6f1f3a9f7e370347605876e177db9f6d9678e6141eb7472bba2ca2163af9b161e0fe9630db44c492cba2518b355f56c3f6fba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb11fd17af391fbff65cb8887e777941

    SHA1

    8b644ef656bfa12f5f2f4802eee2b85d71eca99f

    SHA256

    55a7ee5ddbacc995ab6c37842719e61c0f0d336142a3c17e99bf99b7d8309653

    SHA512

    486c6edc997d27392a4af07e0d5f1ff7e19a1910a63f2897f5b1cfab5e7c425bb57462a798432f42fe021dbb28b7c5c6db9d8b59c4fc02bf44d9346ef2c42e54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e08f65406504e9a04d1e9b0cd9fd5c81

    SHA1

    ca7810e58dac1fb9699ddf950dde0930dfceb811

    SHA256

    7cbd2cd5244ce3100882ef3912accfca5ca96ed4003b5d3e075f4eaa92e049a5

    SHA512

    6a61c8a7f128b2a8673624caafcad7f952de7500ba8757c3b5b638bf224fc9942c57bf37a308334e1bbf566e1db82805564b9b195f0e588a3e82b9ae44818488

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    05bc3aa6bcccb68e90014d7861843513

    SHA1

    43942f4ff645ee52e1a44291e4fdf4808445b910

    SHA256

    7d0c817004ff7f1b825522fe32fae0bf44892e88afee934128f4b07d24f7da6f

    SHA512

    f309b1164323e90b2d8892b1b52791cc6e97b32ae4020cb7c8a416795d9af621b1e54671dbb7919f9ad617d7f6eafac034ce92e714361f85b401f58bc3432a95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c09e551481f7acb8947ee4abeca23827

    SHA1

    63f429f603db64fca7737db7254d5cb920d05657

    SHA256

    6ddc9aaf6d838670ce73ff355704ee2cbc04efca038e08795498715a66682af1

    SHA512

    26992860f4199ed3d88a287518a277aeec6aca0038797d55a0c5ddd19f4c1f536a1a2cd5d8ec034db63b96d5bd6d09d8cf467cbf7e10538538f51ae074feb4bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d1bbd614c594d95c1f93f373beb1bb6

    SHA1

    7eaf7f2511934e3a815af6d4d9f33c3b7c90212c

    SHA256

    86fd40a08ded09dc69373addbec88ff2bc85f0c0d0311d54b3b670a26515dd6e

    SHA512

    bcb316effd740f5f05196285f4cbd130eecba38c80ee9f4e412044151befdc0cc9b53879749b6577c499bd89445797a2c8d9fd0326c66002746db7fc930eeb4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91fcd1782c1dabae1b11b079338d4293

    SHA1

    d7a9c9fd9483b22ce5769debe0cc196e3d4af6ef

    SHA256

    7a9df7ff19eff4cdf81308f96e2f9b7022e13f2ea0aab38bc8231b3ef8755b2a

    SHA512

    ff03968ac5e1ec458701effc2eb177f410aad6c19d7ad1e06931dbfc862f9c96a808bc01c12c2db7ceeb703c1aa9ec933b745d615fe64d84fda32c191c6c326d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    228c3a182a05ec595b9cf890846c5484

    SHA1

    67803b22e3bb5514047af9f88f18426a7abea261

    SHA256

    2e0684543d9d1aecae63609eeb7c212131dfb447d811ec45dfd9f040a2bb3563

    SHA512

    703f69ef9ef5db0eebbd16731c95b387738b03902cf22a8c0a817c63e1ad2b7d22964005a860960229dbc374e35ca040e90f42b4616b0aa9cfd10760df7edba3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ba17fb9f19e6161d29405e5d7772467

    SHA1

    3a8da14c5ed9cc55f04002215d1e9addcf4693ef

    SHA256

    fa3d0cf9e5032d58b43e4f2594ca53e1b5045b7b383d98b3409ae5e1d7c09e99

    SHA512

    6f4ce8e250489d9ea57cd4459c00eb836f745a0f554bb80f6f2b6099e5eca7a46e24b137da3c490b53d1d023db62cf258b46217c6c19462625a72f19479caa56

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5ED4.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5F84.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit