Overview

overview

10

Static

static

7

9cb020a79c...df.apk

android-9-x86

10

9cb020a79c...df.apk

android-10-x64

10

9cb020a79c...df.apk

android-11-x64

10

appboy-htm...ent.js

windows7-x64

1

appboy-htm...ent.js

windows10-2004-x64

1

t-rex.html

windows7-x64

1

t-rex.html

windows10-2004-x64

1

vk_dex.apk

android-9-x86

vk_dex.apk

android-10-x64

vk_dex.apk

android-11-x64

Analysis

  • max time kernel
    136s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    09-10-2023 22:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    t-rex.html

  • Size

    80KB

  • MD5

    16911fcc170c8af1c5457940bd0bf055

  • SHA1

    eb44540186285271130b056fa6099b1988319fc4

  • SHA256

    dc72cfc1f1d2a5013bb9de34f8cacf5e26e542d7d713fcbe09b865b4aaca6ddf

  • SHA512

    131a00b7895a40ea0fb355ecc5292b3cbbcd23b45dd59b07da1b8eb86501ff0ec698ab5446687cd7ff5fba03d97b7a0b6e47196dc284a51c677cf04dbe13e393

  • SSDEEP

    1536:V5OdudTTa8udsB7g1BuqHkFT5VgYzMGgbJsMPz:Vq0y80I7OuikXm3bJsMPz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\t-rex.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2144
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2144 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2596

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e80a29c7703ee58027a6233249e2fefb

    SHA1

    57ca383ff499fe8aa816fbe11b572db7377b10e7

    SHA256

    0ab84804598b5c38af1a2b3ddb743e45c5b6a51db7fb521355f4d6d463988e67

    SHA512

    524cfe05080a953c7e408faa101deb7257e2ea58f098285da97d2ccd749395cab379c9f8d399569a134d917eacbb16182c39d123648a9e82e6654ddc7aa74721

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f80a2ac360cf421d041337b795df77d7

    SHA1

    0d86ad6825859f50394bd549601b4c583db6e37b

    SHA256

    b2855509c616c93feb6200cf851f51bc4a144fae1e833773a61b1f8c42c7ae9b

    SHA512

    35b7a79532512819a229876ab669586cc278e193be3939b59546dec8deb35534209f498b50c63da58d78c9fc58722c8140245e47847af0e21b61a8e9ba5ddbdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ad0586d0fd9f4e2d4854cf4ac663fce

    SHA1

    3b398c34c0524d8b459c5121d226715b542f50ff

    SHA256

    f23289eff1bab45dc3fb4e6917eb35478ba98209e778646db902febe1461337f

    SHA512

    efc421031fcd6d58675a71b09feeb70e3b83defc07790c2a8c8a9008e7b2a09467ebb78f1654fecb6480ff930d286fa32787d06dfb34e052f2704355a2ccaa60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    adf7b7fb03d5109cf68a3a00dda8d112

    SHA1

    101f77331c6c649f557d0365d54a3d02921406f9

    SHA256

    48cedb4e5cbf649124246b3442f58f0d74a1df12ae07b9f939ec472d3c26a26e

    SHA512

    86053ad1995f8666327dd33232b489666ebd27388b53272ff27a8039353d0a2d8b7b803854929317164653a5f45665dcefffa7d9bc54ae93af7d2fc07b475732

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b494ee8c366fe3b13d6953d3a28fee6f

    SHA1

    6eeae4e3cb33fea7f039a77b6f1137474f18e287

    SHA256

    16004e12242c58c2beb4d2aee12fa17d57496b1fc82ccda1566ea1d23a03793b

    SHA512

    c128cb3fd3105fd85042ef419ca77f0d5045581d04db6008b275f59b6e0e9da78a0d25c16806b86eec744cd8052655244d15676be7a2307facbf500142ff60c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24af098dd3a15c5e1bdecd9ef075e4a4

    SHA1

    5d5e40fa36a4c6c24d0a76f285e854fb1984fd10

    SHA256

    c80b9cda07176262b3ac3e692659a748266a427e6fe44cb5730d01d2e0fb96d2

    SHA512

    ee61197ad007d7dd5d46b5dfdad139595253125b51f0d7f99e8373f8390ccec7e2fcf901423cba97cf06f82d78412a59deb0825c920b11c7299d7ea0fc218f69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2375fbe3e68b4d7c2ffa6b2572c9a02

    SHA1

    e7be5905ecdc4a53c04690a31bdaaaa782f7afa6

    SHA256

    38cfa80b71bdb253322a2368c9d37d7b1cbf103b424276928ccf089365b7b85c

    SHA512

    47905697ff000a01049108a62993a7ca61baba03b5c073040288836efd67a69f0de5f458e8f64294fb3a9deeb2de855300d9ff99821d4ee538dd29262b503b53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f89e8328d92d585bd18bb59e84edbfa3

    SHA1

    eb32c7e6228dd2c364f2d2f5f1d71d4532c3f602

    SHA256

    c846e07a7346ac58fb4ee73c873219905a98e87579c9bacd307e22ad578c04c9

    SHA512

    c6971355111c81d5398c4dbb484b651573b2c950bc708eceac323d565f58ddea42fbec6644de1d8c84214187a112c03991bb827f3ceed4c36d5c2a0f894b6677

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5369f0140c0a2d31070cd4a2e399b354

    SHA1

    b5b7921642186761247125a2ade632a3a8f1c2da

    SHA256

    92ad23bceb6c828c7be61a987329195e2b353ee420c3af942232524f02edb36d

    SHA512

    3d4d392b42f0c91474235562279b6fab62e99fe57ad2c3fe3859e8b135d5ef6025dbdab220ccb25a062b520463b7e0b5d18b115961acf69e56a672020e43f1e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be31c3b553b40771dc405adaf0b7bf40

    SHA1

    80cd75435c60215116a8f8812e41deb02bd82f9b

    SHA256

    da7b898c6dbb7310adfbbdd2f0bd47fd4e531aa8f49721b5fbfcb0c082029177

    SHA512

    f589a29c53e3378073bed56429eeb4b166d9ed5e54ac2c2cd0fa7d0168efa48b2609bad20d3adfba187c7ae1413f689663a032d39db5e0b25e5ccc40029c1036

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b74ad472b0c6b7c5be37eb7180d633b

    SHA1

    8bab8597d3ee58160856a04d6dca28eaf34fe02b

    SHA256

    874cb226d296c7b7b6970d969726082d09602b4f6efb600f062af846db40448b

    SHA512

    f21a2c74802d25df395c25ec0f4772d59821a6fc92e048086f43c21e9bd89a1f80055b643c9f0bbc75d7c883561d6267b5a133a91d37c13e92bbf48a7281b14c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    027ac38d37efaa650c87cef465558ec5

    SHA1

    3b4673f3feb6561a66b37477a4a665c7b23cd1d7

    SHA256

    1b623776522d12a5b47d70df3200ec0a7cb941aea113df41ef5dacaa3241d5f5

    SHA512

    dcb5c63edaa963b75a44bab9931973019355e64e3003fbe8d7615baee1d2ec357d28b8f07a5692bd2f75b9c9f09367b70e7bc98cd2d072c7fb0752feb7231d21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd82b9f217902fb07b0ddebd78f2443e

    SHA1

    1ad8b17bd94fe891931d7887a28b493ecc35ccdd

    SHA256

    79a6e95b9af1ed19471387d5cd645455cf4b0d6edab494a9b03286aa026bcdd2

    SHA512

    4ed22543ee4a4b5671ab1752d6ca404ae6fa186b59298d3fcf530ed6586c61a63a3e885dc19b3335e394cc037cc21d7ae7ef3cbe94c4bf056dad0904ab6411bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    903c0304e17a0bac5e51f67e8b542b10

    SHA1

    e5108e1b252fcd3d1f48ff294be7bf89b5f5cf3a

    SHA256

    fa3d5579ed52aec70426d6376bba7269c4da7ff0bce00a418f7c3e50db8cda90

    SHA512

    fbee05139ec67fec00c1ed409bbb58e570f9a128d7caa2465eb30a5519625d9c34ea02847b645c1a15a999162c13f6d30e0ed9d0e2ced575fbb129234c15a59e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    779d78044bd28c4ca1dcbc4e7d354a81

    SHA1

    7b83119a61d599e359dc9138503568d3f4503e78

    SHA256

    33f0f16eb488a61b48cc862ffe34e4aeea5517a50146b0f86a4c0973d87fdba2

    SHA512

    748afbf7ee6d9940856fa243ed82e3eb71abb99c180b3848817b5945a610833ac60bbd0ed4808f9d02762022863e06043af74932cc4614ad1f2a83b478d673ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b354782ae9340836617f80aab50e7944

    SHA1

    aaf2b6fa4ddb74ba7c77bf792756057f7d46f608

    SHA256

    24d52848b52b1e98a0761f27e21d474ccde642decaa7944d2f6170f4563ec9a6

    SHA512

    de14cd60a2da1ff820b4938b716291541998fc2bff092604b89e1c88c548f570da0a2eeca8ea12e44c324723808d39a6fc48c562a98ac794ba504ddca5a2b25c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e487e582ff4ff1824848731cc3ea16b9

    SHA1

    ced554f0e510f5a715f2722a1e401c511b591e19

    SHA256

    396a5228333e14345ab5e46b1f340bf1a4e14a8152d57c7f0a41b7cd2e895aea

    SHA512

    b268c1c907c23f1bef9559d78ba71eaff152978cb42db4e37608b8887164700d382cf4c0b13e4a56f293d5ff2c6f29bfb362d6bc535d33901b88b6052fe58f1f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6144.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6204.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit