Overview

overview

10

Static

static

7

43f7de64b8...48.apk

android-9-x86

10

43f7de64b8...48.apk

android-10-x64

10

alert.js

windows7-x64

1

alert.js

windows10-2004-x64

1

app.js

windows7-x64

1

app.js

windows10-2004-x64

1

banner.js

windows7-x64

1

banner.js

windows10-2004-x64

1

build-plugins.js

windows7-x64

1

build-plugins.js

windows10-2004-x64

1

button.js

windows7-x64

1

button.js

windows10-2004-x64

1

change-version.js

ubuntu-18.04-amd64

change-version.js

debian-9-armhf

change-version.js

debian-9-mips

change-version.js

debian-9-mipsel

consentform.html

windows7-x64

1

consentform.html

windows10-2004-x64

1

cue.ps1

windows7-x64

1

cue.ps1

windows10-2004-x64

1

exec.js

windows7-x64

1

exec.js

windows10-2004-x64

1

flaticon.html

windows7-x64

1

flaticon.html

windows10-2004-x64

1

generate-sri.js

ubuntu-18.04-amd64

generate-sri.js

debian-9-armhf

generate-sri.js

debian-9-mips

generate-sri.js

debian-9-mipsel

howtouse.html

windows7-x64

1

howtouse.html

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

Resubmissions

09-10-2023 22:34

231009-2hkvjaah72 10

09-10-2023 22:08

231009-12p3xsag76 10

Analysis

  • max time kernel
    142s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-10-2023 22:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    button.js

  • Size

    6KB

  • MD5

    af9230c7495336fc8f5bd24375828fe1

  • SHA1

    1906ed00c51642c0cf6abf01129c95b9cc3d44a8

  • SHA256

    2bfea0f926933574818c3d0bfb16dd1907411904c145edf8cdd699b8f226a919

  • SHA512

    aa77ddce359722a9b7989bfb33e5faa3d5391d99f9a099f974504d56b8d390736c25fe7a0c44edcc12c3c25ef885fc1d8bcb270c13aa93e2fb515dfa305418fb

  • SSDEEP

    96:5akGk0DuBst6imOiwiB/CqTZDnAjCvNghrWJdRG1mRp7jJhYyR3jwm:hGk0DVbB5ZqTZDnAjMChqFG1mp7jzJjN

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\button.js
    1⤵
      PID:1596
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:2148
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1068

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        8a6fea8b025e648fd6bfc8d1aa22b1a9

        SHA1

        da5136e09af69a4d404e3ea35fac1c18b38997b4

        SHA256

        9bdd5189b7c85edd68ea7c307b530ea07018f05f4822a6bcb9603b3507125a55

        SHA512

        2a1d015609a8980b12f2cb19732c1cb10a3c6153c58d23a9257a2732f2a7659c4624ef3942fde7f3588d3a6adb23e621a422bc5ff1798035e05a3d4e9f38fc61

        Download Submit

      • memory/1068-40-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-33-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-42-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-34-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-35-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-36-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-37-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-38-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-43-0x000001B2FD780000-0x000001B2FD781000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-0-0x000001B2F9440000-0x000001B2F9450000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1068-68-0x000001B2FD9D0000-0x000001B2FD9D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-32-0x000001B2FDB30000-0x000001B2FDB31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-39-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-44-0x000001B2FD770000-0x000001B2FD771000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-46-0x000001B2FD780000-0x000001B2FD781000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-49-0x000001B2FD770000-0x000001B2FD771000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-52-0x000001B2FD6B0000-0x000001B2FD6B1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-16-0x000001B2F9540000-0x000001B2F9550000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1068-64-0x000001B2FD8B0000-0x000001B2FD8B1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-66-0x000001B2FD8C0000-0x000001B2FD8C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-67-0x000001B2FD8C0000-0x000001B2FD8C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1068-41-0x000001B2FDB60000-0x000001B2FDB61000-memory.dmp

        Filesize

        4KB

        Download