Overview

overview

8

Static

static

1

HiWaifu_AI...d).apk

android-9-x86

8

1.html

windows7-x64

1

1.html

windows10-2004-x64

1

2.html

windows7-x64

1

2.html

windows10-2004-x64

1

3.html

windows7-x64

1

3.html

windows10-2004-x64

1

4.html

windows7-x64

1

4.html

windows10-2004-x64

1

a.html

windows7-x64

1

a.html

windows10-2004-x64

1

a2.html

windows7-x64

1

a2.html

windows10-2004-x64

1

a3.html

windows7-x64

1

a3.html

windows10-2004-x64

1

a4.html

windows7-x64

1

a4.html

windows10-2004-x64

1

b.html

windows7-x64

1

b.html

windows10-2004-x64

1

c.html

windows7-x64

1

c.html

windows10-2004-x64

1

d.html

windows7-x64

1

d.html

windows10-2004-x64

1

e.html

windows7-x64

1

e.html

windows10-2004-x64

1

f.html

windows7-x64

1

f.html

windows10-2004-x64

1

g.html

windows7-x64

1

g.html

windows10-2004-x64

1

h.html

windows7-x64

1

h.html

windows10-2004-x64

1

i.html

windows7-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 17:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b.html

  • Size

    3KB

  • MD5

    ba42b30e00e7d230889a6240a68efcb1

  • SHA1

    b4171c5787e53279bb41ef1c5d730d623e303d0d

  • SHA256

    a94c4cae303c9ee1d4ec050a7b39a3139c924b890b12b208d08c3feb2acaa01b

  • SHA512

    8b69c07dc529b43ff37b14181825bb028a23b52373ebb17bbc211f532894f4846622a5663c7d8fb508f156dca074a5805eba5f86803f2ab0e43758ebf5ff0066

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2284 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1996

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c7e90f7d7015ea2980b10dd5b26ed1ac

    SHA1

    5ca9f9230c0c5c30e6c37dcb09e6edad9b101ba9

    SHA256

    0c765cbce7becfd1a48584f4dfdaf61485dd7d593ead696c92e26e3532526961

    SHA512

    b1981ce7c62762b82a517009d5da5b56825c8798d8f40c63b64c16fa356b81a08639b9ba6b495f5d558b70447edccaaa3974e7bd74bf855008a6f57125785134

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73d3db1d4b0392e4a7ac1654f096f828

    SHA1

    68475d6d3b47f9e26bbdad543aa3d1e774bb0b50

    SHA256

    df0890bb1f868e839e96f362b3efdf90f5dbc607ff2450c7a44433bccb57df22

    SHA512

    3479588ecfdb0c43b4765441af88c759740c6ed5c42cfcbe593575cc85a00087495a0300dc2e788c611080801e3eac526505ad8f69d71a29c24941b68d8769f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c2e12098c61ae1e41e94a6930d68051

    SHA1

    e840f5f9978fd55ed6e027077622c0960235474f

    SHA256

    d8d9bfdd5f9ce54596980bb2f2f294e5f8a2e1811798393718fd2af98f3143e5

    SHA512

    e29ba88a019efd5ba2ac3744d69bcc53cec626bef463dd8eb86ffe0074b85eb3100b470d0e52c15aae6bb9ee2205adaec29166707d2aaebf5c966986d0a2abd3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1b9c409c5583103018bf7bd8a98b22c

    SHA1

    45aa7a0cdaf7b6b75ade39e3f6ac84d15e8689ac

    SHA256

    9e27d14027f4db551ccc3038c683d9c786992b875f57bbc3281ec24f64240d22

    SHA512

    84712b66859d467cb9acade055ee6bca8a7166b1f4973f74ac2272f11135facc246d6b4e4646f946b6aaa2220a955b09a968a0887c1c0f13800d208f3dab03e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abaf8111050c6de4d3014b90dc67f1e0

    SHA1

    7085b0a85e4895e67b35c23ecb2ea212d7d5af3a

    SHA256

    8988560e4e667f29f52eddbdf34be1d7eb22012880aa8de017354af175af9ba7

    SHA512

    8526766755a9c170454c02e6f45e719532b031c8b6481d4603c64b209fc82746250750c18ef471a449dfce4d40a026b6f4c73a10af0876eb922304497f2f2b40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e964bd471ace37fca6e7b70286ecc098

    SHA1

    6c93d2c63264045932c0cd1b5a49dc13b6e3dfe5

    SHA256

    31b8bc320f18413cee9ebeb3853d2a3773f5a7d400f0febcfcc5078bbba0e16a

    SHA512

    6e735a3c544b6f10923e592596152af8d629ed05a7ccd2bef3bea20df9e52ebba9abfeed436af38882ae75d6f4035734c94623befe2c3e99830c0a27a4282215

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a435c9de4524ecad54d9fbf274d7ca93

    SHA1

    46e14151178178bb8aa9c3356388807bdfd2c68d

    SHA256

    2108d09ff1ce478a1ab40730b326273863387e6f96a812f3908e7403d4408600

    SHA512

    7ca9c6c4d79fbc54b147dc019d4c9dc1f33e83b876780a8fdd9086d5ed071d46947b7e8d271a4a6e2ea07f615162a951d99a1b56ac63c6380f004eaac833fd5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab842F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8EFD.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit