Overview

overview

10

Static

static

7

30d557fef0...d8.apk

android-9-x86

1

30d557fef0...d8.apk

android-10-x64

10

30d557fef0...d8.apk

android-11-x64

10

appboy-htm...ent.js

windows7-x64

1

appboy-htm...ent.js

windows10-2004-x64

1

t-rex.html

windows7-x64

1

t-rex.html

windows10-2004-x64

1

vk_dex.apk

android-9-x86

vk_dex.apk

android-10-x64

vk_dex.apk

android-11-x64

Analysis

  • max time kernel
    134s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11-10-2023 10:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    t-rex.html

  • Size

    80KB

  • MD5

    16911fcc170c8af1c5457940bd0bf055

  • SHA1

    eb44540186285271130b056fa6099b1988319fc4

  • SHA256

    dc72cfc1f1d2a5013bb9de34f8cacf5e26e542d7d713fcbe09b865b4aaca6ddf

  • SHA512

    131a00b7895a40ea0fb355ecc5292b3cbbcd23b45dd59b07da1b8eb86501ff0ec698ab5446687cd7ff5fba03d97b7a0b6e47196dc284a51c677cf04dbe13e393

  • SSDEEP

    1536:V5OdudTTa8udsB7g1BuqHkFT5VgYzMGgbJsMPz:Vq0y80I7OuikXm3bJsMPz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\t-rex.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2676

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f907438ff455add3ff0caeda5f8b366c

    SHA1

    69759fde5e42baf5699309653b94ccef7eb49d14

    SHA256

    2df945632e958bad06b2894ba6de3a0fdb5556ffb84e59425197808406bccdd2

    SHA512

    36ad8f2001c2ffebb6c813a5f9886d245b5e258699b2c864dc2d735d2f3b4267a208e6fff17ffe3985ec44ad701b01a3c97012fee9e9addd1f86d1d0a47318b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5466077cea3d0c58ec9b52166bc253d7

    SHA1

    c54d261dcfc39ae5a53f70479be180ef997170d9

    SHA256

    dca2aa75a0946f9711a95862fbfe7039f2e336f7ea1e708e6a41a546fb1c7acb

    SHA512

    3df76ede40410516a86a7ec76dd67b639f58cc63e1d3c1fe54800f1ec27eaf84def1b03976a61e56e40d093b90f2fd20c7896a3a01c207af1f85f8514e92aa53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ef874bf9a4f2897ee7577e4b9640fdb

    SHA1

    4f9305910d58e0a83efc002951d51f2867395a76

    SHA256

    ec4b9fc06cfb0fb87bc9a659e3ab375d09e2a46396860bd60aaafb78d2120e69

    SHA512

    081766b97891aab5edd7e82684de5558e3bcf267aa26c6e464296bb1d1ce75d4f9d725776e10bfa3843505294ff07e58af61986bdba73513925d2dda0d330fc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    933f30b4927b7476cae7ad40a076c0cf

    SHA1

    54a8a9304125777d79ddbbca05b761f7df378a3d

    SHA256

    966115cf795a4ca3fe4112db9713419e7d256d74ec02006691e0983bbb8c0152

    SHA512

    8e82880a9031b1980009b065987a59dc0137de79b389549eb10becb2e2d9672642fb093d94c685193012801fae1c9feab6a294f843c7596365c59918bb998346

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebaed56de4b341a59c8617dc0382c1c8

    SHA1

    f6f2d0dbe362ee8dc37e97620869f7cc52f40602

    SHA256

    50ed38268ad4e6629b8bb0929fcd2ab521bea52705fb1d034971c6d66696ba7a

    SHA512

    3563eb2507f7ca712c79bcbe973bc68abb0dbda058884ad18f9af2fe6b6d2cb7ffa9b6ba87a7a6ae12c6825091bc7e48892058deb2890eb721949b82daa86de3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95101e3121ebc0b4324d1ed69d0b67fe

    SHA1

    460e5c000b4c48c042fa2fc696e43efdf8af5484

    SHA256

    c1e7901ed8cc4d881c08103bc57a95dd69f207f2184607149453672cd15af931

    SHA512

    d98663d5e20de9502e971984b0ae3b4ef0341d9df05e0d9598f6d5b9ad6b58d51e90b1a874b6e731d9bf59589845812ba12eb1da8167c2cd06f9616db4825c29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70337399bcd104090948b69983fa1e83

    SHA1

    f9167612203d656931c7fcafe22f17b6599f0aff

    SHA256

    ee52c6fd39975b9abcea3520bba30c322269025f41aa4e8e33aeef5260d32ab4

    SHA512

    b618c2d7b2b69af28590d8662184dfe9664eac1b55ee272d2d68b7434eafb976774930368b6e46318a394d1ce16cdc7bc8e4a1ac1c0630896619c6ef2d428c3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7dbdcc081daff440c4b6165769bcdcf4

    SHA1

    b7d2f717a0ab9ce6c883ceb2521a7bb57d9b89dd

    SHA256

    b7cdd3b51b9328e87fc498ff1f9e07adee7918d9eed2eba58d4f630f75a37617

    SHA512

    b9d4244d7f91fea02174bf5bb0900570f03a6ba2e038c981e220ca17b2429141ce877e899f2d349f71c69c7092ea2881a266c05722edaba1963c85ef49d3d906

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a41245e0807b38de3c77707a034018a

    SHA1

    56e8cf691802aec19e7699dda6857de8891890fd

    SHA256

    2c8b222eceed6a8e16250c6aec19cd266424e1b170ea66db01ccf10c1fe56d97

    SHA512

    786348894cecdf27c2758e9969733094e870464f2f7ac494a788bc7c340dd166233206b54542187ff7d55c8c0ccd64df3c8412a182857336c44a6c35c5a62a2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fff460f0ec9ba55ba8f3bc02c67c6294

    SHA1

    6fefbf5a3470c408a5f0a3875a464277534a1828

    SHA256

    c5f6c6f4843975a7acb56a36f4840efa5e9d23ff83234bec951b981893a47f97

    SHA512

    759c3fe08968941e83b66e8a18c674fe91013baaefce16326543a368beb466488917d8d780cacc77e1f54031350c6e0e5b63656f42423de6195b9bae9d4331d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5311b6db80b9c9ede5bde50303d7439a

    SHA1

    7043ae2704221c5a7e2cdf84580e1bdfa4356be5

    SHA256

    4ccda533530d17d838316683618720cf6615e6779da077efaa079da7bb490ebe

    SHA512

    c2511d66bf771e4b30f412e9c2b3763e8814f05fcba553dd7f631a9add905e2bee8e62c262a5ae8e815c5ad4d1f8de702635d4edaac8ed78b4303c4572edad84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc338775a146595436580b215f82d65a

    SHA1

    c836c86a1a895af5003ce5c126c656faa7c2bdb0

    SHA256

    c5041b5e4d7d47bd4d520c343f0e1da090e5e0461763fa162d232de32429e3e2

    SHA512

    2d51fb0c98a56fb2e1323b7867daa7f24d85e43754ef23503b5c2e85d197d233d4f9c9a648114e674a083dd5966c3338d4c3ce650ef99b7194ec8ce6d54bbf47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    955e32e5500df5586f460b31ea94e8dd

    SHA1

    cf02725cc5adf982e53810ce788ae84df39feda6

    SHA256

    2c1d0d285effa2ac203ae7fe0319013b1fc2f1360d257d84d310651002f25b44

    SHA512

    30afda7f2e44bb84a5a112a0c5cc533ad8f12e9ac3a058e9ce557fc983498c0d2c4d67d28f6833b61d4bd0ed65b61cc50a33e7c79a51873edb73c0218fd1af5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    79eeb58e6ab993e589d3b09c0c6d2e78

    SHA1

    d02756025d758098cc115efa59e4ded37485e0ee

    SHA256

    3bab9324b3668a2c8866af8c9cc43a9b10379d0ecb9f17acee7f411011686fff

    SHA512

    4a1dba993aeface5b3652d9eaeceaf3f133ebfac9e0a4d0bd79f88b0cfa5b1727604c0d0dc5ead9c69250b3bce3283a759cba6abf4f6b463688a76473afcc29c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a860a5944892cc9b248949ba22e545a3

    SHA1

    963eb8b3b85ae26616ec03d0348a2591042c8816

    SHA256

    a71b02fb6b08a92047dd379ded924780663dcf9af3283b7b19da632450494e17

    SHA512

    9de52a05414841081bb8fe364f3b307dd8ece1d2fc7f0ef631bfcb733f9cc5fe0c1f4b027a3d16d6d3855f4f2627e94eaaa1f4f4ac30e04a384970910b2489ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a41928e2028d37efa6b955ec3ed9015e

    SHA1

    fa8b45d51c5298dc916d696990dc03ef6e7d7f81

    SHA256

    ed094597504d1b75f199cdc873facd329194e12d739ec7a200422aff0c9bcfb0

    SHA512

    d4f104b3194a9407743df3f4058137e2df6877d786742355ceca9cd2a3ae029a6535eaa75a97ec227039a5a23385309284b32fe73d5a3dab88efa35f73158678

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27c12ffcea3a6f8439e3d4634b8e3ae1

    SHA1

    3d7607f85cb23cd37b1cc8780a14802b6bdef3cd

    SHA256

    c10cab2bec56a8cad072d6a9c6b472a95b06f5a09939e882a5527697151cf92e

    SHA512

    dc762575113c311e30a2d2a0d67b0ec8b7ad49fd3385175c69e34c4a5f905d01ec4a1b1ba5b3b6fdb973612ca5b34172df6183e51012e26b4931850a8aafd8c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4dfa50270aca0b5e5644bd86e11a21a

    SHA1

    f22c805f6f34fc31c79fc160dcdf8e20e5295df0

    SHA256

    c8bb9bd35820473c1dcb93c4239d2ec9391a03b523118491bbedadcd2cb2d7a9

    SHA512

    ec54c7e5f7226f1452813056a2688ecbe91ec7fca7b7fb076d11d7b869aa2fe1aff675d3e5651a8c5ab2eb29f96947100b52af59cd4ea1fa9e2e33e77dcaa050

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0b951ca7abb80aa0e90bf83d1c8c108

    SHA1

    48ba2c9d2d59eda744f36d0b065443f9b1fdb7a9

    SHA256

    b336c44d86d53b28547e993e340be5fcb0153ba5f02f568f5476d5e0ddd7d90d

    SHA512

    c516e23d1c726461c3109772403623916fb7ac48836a38234842ef44f057eb08b89033309cef2c17705eb4db9f053a3f2f04600c53e5856dd1f6c5c3d8a118b4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6C3E.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6CBD.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit