Overview

overview

7

Static

static

7

AirBrush_v...m_.apk

android-9-x86

7

ABPrivacyA...e.html

windows7-x64

1

ABPrivacyA...e.html

windows10-2004-x64

1

ABPrivacyA...n.html

windows7-x64

1

ABPrivacyA...n.html

windows10-2004-x64

1

ABPrivacyA...s.html

windows7-x64

1

ABPrivacyA...s.html

windows10-2004-x64

1

ABPrivacyA...t.html

windows7-x64

1

ABPrivacyA...t.html

windows10-2004-x64

1

ABPrivacyA...u.html

windows7-x64

1

ABPrivacyA...u.html

windows10-2004-x64

1

ABPrivacyA...s.html

windows7-x64

1

ABPrivacyA...s.html

windows10-2004-x64

1

ABPrivacyA...t.html

windows7-x64

1

ABPrivacyA...t.html

windows10-2004-x64

1

origin.apk

android-9-x86

1

Analysis

  • max time kernel
    142s
  • max time network
    186s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 03:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ABPrivacyAlert10034zh-Hans.html

  • Size

    2KB

  • MD5

    265dca34c48a17100bd8f92fe6a75217

  • SHA1

    c8691e61210180d57a19931d7b92c772cf9c627f

  • SHA256

    256f46a6e94da487fb5b0a016ea3f2cab3e5b31209e7febbf22f340b31ef16c2

  • SHA512

    4b624bc758104e0c07ac8af7740bf19cba4a4be2275708e4a1383cad0093b0e4121a3c4157599798991c0bf59e409a069c7596f3a5cdfa3064fc3a17ecf2c7b5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ABPrivacyAlert10034zh-Hans.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2760
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2760 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7920fd2cb10c8e8e8d7d0a6ad76b1f75

          SHA1

          144d0b1df5d145688774462e73a0975805940cc3

          SHA256

          e03e52f12b270c3e76cde90c6253d409f79ce5c22b109bf082b700e5a26f6f76

          SHA512

          e78dcd36868458089f95f68f647cb52d657f334d300fd70ec0f98998def9663a3328debf474ddb8d235b97bc4e77151f74c14761bb7b1f758148cc632e38f675

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          37b645aaec06304443cda82e22f8e639

          SHA1

          4dc8caf411bcf7b7cbae7f43c5eeb234ebe0fffe

          SHA256

          d68b9fef718ff8dc7c8097835c1a6460799c82441cadede3beaee879f3e58054

          SHA512

          525cc2b7c524765da4760257f610a1ea7a8cc40c8e7d5621c0ff420ec5efd6bfb4649046f2ee3fbe56f4bbecd73ac3466e478254ed16f53c8168b092e11418f6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ef1a3267d218cf31ec66e0aade05365a

          SHA1

          0a20a4fc0cd29e880abab3e6127bb18a5821448b

          SHA256

          b24e23a289375f51e500908e3d52644df2e6d4d2abd8b0169f0f0a4a7766e6fb

          SHA512

          be8a441e2dc93aeb5bbb6a8c7fe9a40b6143ebb1f854b3f81fd4b4b53420bca53bab0e7a87bddcaf400421e884cf10fa81e8021c4a1f41b4a0ffc9ca5f2cecf9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          442e36fddea4fa6c0bcc4713ee77ea58

          SHA1

          5f7d8994a592c361d5a45f67333ef7a7cac4524b

          SHA256

          5fb1904d5cb70ef9798d07c68157e9f8ccd2e739bb1a7b6472876f664f46aeee

          SHA512

          2ff356a5c0a6e2b88a4b4ea1fd7091fadc2424605e3a1c089d4974417ef99019e7593054dbcc76d00c57a51dec3660b19704e2df7b2b924bacdac74e2a7b706d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          82e9204d85cb8e398a246042243bf4d5

          SHA1

          68b86ad192194ab27e2b0df31b72352f1f791103

          SHA256

          09e3a0d86ae22835d7469f1293f75a9b8bea2c7280e8f3b2f2d25d41454076a8

          SHA512

          821346c42067bc87a1ca392e11c32ac506f52197e30f9e0aa11a452698fd67e5e7f94efc035cb5bbe375101d541d0e911e746e8cec17994209c4b546ed0d755b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          52e1ce8e65a060c450538160751cd2c1

          SHA1

          52b2b1972ce1facdd2df195a066a0a15d305475d

          SHA256

          f20c295f1b6a490b9e2dab6ad1e3f8fb0ffe66c5cd607f8f25b0e1b51b04e31d

          SHA512

          3db2e7e41a96434340c884e4a8382c08b1d7506760eac0e0f5f9cbd6c7c05882b9c2b023d264cc7a53f359409bc2e8bfd42e3420d786c4145bcbdd1f78e6b6f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7b8809b4236f11055444c500f7e53831

          SHA1

          e923b452785fa1f9c7c60f4e25923c1972dd2e1f

          SHA256

          f7eba5375de7fdd9160e6c976d4a99fb65fe950940a50eb0f02a957a9db95028

          SHA512

          72475ab6a7c26f07ff37cd619acd824ddfeb120c6ee7c32354a51aa51c536499ce09d17e97d47fba8e698d74004c97df251cb5c92e9ae498ac6e956b93e1350e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          93c9b8b57db8b612adc9863e75cc85bf

          SHA1

          491e37c9f7833f3a6b65459f8a4fabc3917fc1a7

          SHA256

          62fdbed47a86d5f3f4f79ddae6fac1699ba5ec3be4bc2adad10f734a0a9156f5

          SHA512

          78e46f4e8c5d4d2ca0546b5eeae8733ae1140ce523cf2e81bbe5ad7f9c8767713f89a516dcbe4d67eb102339cf18b75fc611883b4010f8c562b83dbec8147350

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d13e968ca91bdde6b11d210a7fd775d3

          SHA1

          016c3b36806a4e591f73383f7c3770fd22c4ca8c

          SHA256

          2207cf4d679f6912df6c22ecc0adb4208e62b85e6798d03056c5c7aea76c21de

          SHA512

          082b2370b28dbe5c360ec18f85cb60e21cacfcfad4c47774013738de78c34dc172b7b8e602c1df51352e3b8838a855910caa878bb018c64f0feaec1631330c02

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ae5893a192d12cd379250220098afcc9

          SHA1

          8471a80ecc96bbb2190c2afd0ac6ffcd9c721b49

          SHA256

          79de2c8e36e735e9929bfb139c4eff31322e2270200698096bbbdf768203354f

          SHA512

          16f119095c6bd198bd6d58bd919a9c6759891cf9cd40109ecd04516cdc2a1bf92aa99adde98fb75340716ac84a135b686b94d7909658e338a8d6961e21c6a33a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7f9d694959b2e38795404153e4b7ee09

          SHA1

          4e9f10ba8eb6fa94802939da9049a4a439422677

          SHA256

          80cf674ad6276f72f5995f4e966aeb8348ff76a21926c37e57484b7888e61d4d

          SHA512

          c81829dbabd65483bb39a1282330652c6703c564a05f1980360ea8a8199982e770ed85ab6818574e64676b903362f08cabc253c8859d99b6ededaf9509d12450

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1bb7896ec2e4d9896861a6b4814fc8c6

          SHA1

          17fa420fe5a53d36281fd87981952f7af668c6c4

          SHA256

          d25bd59a0f6936df28e564bb52156dcc9135bce3d540d7ed3216da4fba9aa30d

          SHA512

          0754bcfd6b87f4be8794b11bad48342cc0bec8198358b3446566effa2d2c86d5147035cee4dd248b0f8e66d4df877fa98b0f52a0397a91d36995ac7b1f983164

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          90ddea8ab579efa5fe849438762b5189

          SHA1

          0556e442b327ea7c199dc6d86c2fa86e704d3f04

          SHA256

          7f4677c64d13bfca2043bdb606b4cada44c170079209699cf4280dcc2229b447

          SHA512

          c05e3c9408b9a69dd3dca1434377e07594b021dd996654875a77f8d853a4d9eb6a6a46bb303c77de8a3501fa0d24589c87c6b15c4e6fc5d81e3e2303a2b4c3c8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cb7b6472a1486fea60524a0595f9754b

          SHA1

          42e0bac339c437e49eecf69f5306a0cb55257c80

          SHA256

          6086d12f630942b31a02357d5b823f76688a209a4a6ce435ef261c8c6e5511ae

          SHA512

          6655a010e80e5f1a036d4174cfdb90391db259122334c282e04fcc92a1091109255d5ca97f6ea40629029a67d436c526ffc3e4469b52276bdcd9a86628777256

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7d8946ea8300dc29df74087c75ab6a51

          SHA1

          d0828dedab412c7cefec9102f28702c89ed680eb

          SHA256

          39e38336b795f61dbb3db58be503f6f802d1f9e21515c4e2cf627fe760d807b0

          SHA512

          759bc319d1a522a180e6c80793a3797383eb635423ea2290bfab966e5fe7031c709bd48d42ded169061b050fd23b8501276fcac675807786851754b522d23ad5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          213402403f14ee0457b598e27a82b313

          SHA1

          477e755aa469b6b461b4d80b8fea3e0e8b5f437b

          SHA256

          7eff2dd1b7be40143a9f96a33c3ce9ce8ceb62499b065025cb7603b1c4915c53

          SHA512

          88bca706f18a3f792df70412b0249e73ee187c6216446f856c28f5c1d318db388d0e7c1a69dd6c7b9af032156d762489ee960f6138f24fb453379b107989aeee

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c8a52752714ef4e1fc84fbcef7c3af1e

          SHA1

          468a082ec22829efa01c7cdf38582d3bd852a7a9

          SHA256

          b123a7b1d7e9be5e12444e35e05a6780cb65c8b600d14269d86dcab830fecdba

          SHA512

          89ad995cd90822467b08fe092aec70bf9bbc87774d5e746b66211e099b62ba8fe30ba462b7cc0366b75b1f50d6e5b00e267f33a45e8c70a98d62a2ecc1a45a19

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9159bd9c7f305f29bfb5f619408ee8e6

          SHA1

          f5a4dcf9930a2b63d73c852a02ce22089a7d240f

          SHA256

          242bd4fce1c5f414c4c9bcab61ab49ae2d25a49165ceddb0e4f43611bee783de

          SHA512

          93246300b17425f07e20ffabb380a3c3f3ee53add50cadeb5eee122436e501263434bae7f962f719d73ee111bbb5dbcb6ae39ff94d25056191cd5720789a7ff4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          140dfc418a62832f9955f3e9ee4a4e95

          SHA1

          d1dbbac56526a203b2299823b342a42b206a84b7

          SHA256

          373b13f5f8cccc88cc3a7b95bfd2feb2a97b2fc8c3e4f8658e364e9f9809c350

          SHA512

          a787f44390bdfde4b8dbe0d3eaf23da48154f4444236b742405515d9125fe4013b733fc5e8b0e31030e7c7560d00923517782904cf034647749cf570b7b59123

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab1B8F.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar1CCC.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit