Overview

overview

10

Static

static

7

975bf6a402...cb.apk

android-9-x86

10

975bf6a402...cb.apk

android-10-x64

10

975bf6a402...cb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_cs.htm

  • Size

    60KB

  • MD5

    0f640786196d6011e01155333821964f

  • SHA1

    066c679b1de3b92ff8ea552d1f80adf6891047b8

  • SHA256

    bf803405fedfdddb8633f549f97f4a5a53f4d1a0aae0726a4e4c2a380a611fc0

  • SHA512

    7f5545021dac362c111d315d4e3b049674d6fc3c8a198330eb35fd562ba6c4c888d4ac16341b10c3b3caa47187759b48ba2cdc12dbda2e1b5f702f3bf2c48a17

  • SSDEEP

    768:Jqj9py4zLWgQgkai1q2esuB+SgvHQ3tSOPz114I8nV213trFi+0IgTagDgrg71gd:+pySnFkaAvHUtS+D4I8V21CTTEM76V3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_cs.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2852
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2852 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1100

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    abe103700caeabcda4403734cc176df0

    SHA1

    da289049b6e406729af80d296a303e7bc86fb572

    SHA256

    91b1fb9218943a49bf35fea8296d7bc82052e3a7848cfa33765487bc6444fa05

    SHA512

    fbe42e7a739d8b3523dce858c7542a9b37a7f32acc276966fbc4438e93b4c671fc4b76361365f6fa4dba9945bfbdab756497de4aa3e2e2249466a08806d2f128

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    acb762a935f30bb0b7450cc9703ab953

    SHA1

    3207e33421fd48e5c232c59e4b2c5f2f0a572fd2

    SHA256

    59a70c60313ffcbae72b173456e2ab6abc88e77f855ad1f92eaea998852745c5

    SHA512

    cdf37bd3c8fa3e8ce7590a3c7ccbe137e0d12c845c162507abc4d9d9605ffa9731229a870a213ec9b26f940282e992979f4013a1919296ba8be82d95bb8abef9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    45010872fc19f60ed5dc48a46620c825

    SHA1

    04d4d987e5c07352144693eb3beb93df89b71784

    SHA256

    550057b19ddfea963ad0b41d1b44dd686728796b23c5b836b9d338d82dfe7d00

    SHA512

    f285b2ed20d7c6a5119dd7f47faf4cd40029b18dac7138d67281f07022af1c5a1a57b1f742f9582e62ccb34e96aa72b66a56331e585262984fb1f2d29b1c8d58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7e90263c97d77c1e4d900d225f3d1ba7

    SHA1

    97ac8822bd04d4d2221edd3333ccb9498db7f6ae

    SHA256

    4e1f38e5cb213dc88f1f740c0979ca638cdc3969c1732aec0e28e5a79692db6c

    SHA512

    a655567ea740416644a12d26206da4c68f8955aa820c50fa17dff2bdde6346e64f7dfc9b96a305115e2ba4012625938169afc627da6dff4b28d011b9740d9b7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0d505e64510722d9c2a3a6e705864904

    SHA1

    41cbfd19a7171b92d973687f9bd712d4a9a88e41

    SHA256

    8a58a38c63a2e2f1d5091221c870c0ed921b13aaa76a47cc49871ca30a505f72

    SHA512

    643d204cc2b4a63398d7850e2e1875286c8d456b634f456a8890ae58ad448e6876fbc33face3c9e9db7c9766fa77a80c341df735f020118db00312fd053933fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    de1e5d0d70136578d4f9324799f353bb

    SHA1

    f0fc509bc18bb4163b344e3b9c1c1e10f3194c2f

    SHA256

    98025456970d17dfba3c7125c33381aeedcb457d817bc8ad59ff42503ddd4d6b

    SHA512

    14816599f20dcfeac447281a6ecc1969bef222b726d77cbe3b573785513a204bffb228f46591b46ca6db21181ead1be4a97f6a4ee2cbb5c3ef6e71f1d595dc9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f326a824cd7b986fc469b5fb6ff4b34d

    SHA1

    7bdbcf6f35ea456f8cd032cb1359a3f8e5caac5c

    SHA256

    96fb95c9b64de5dee5cf2fe8d5c21ef92e5f418f542c04a50a6ed9482ea9a6fb

    SHA512

    9667af1cda1dd26e1ee571e06fc016ee7ea4e13a07655d5bf986d069b7e2bb74e6c43678fe10bb1046d9f89e8d3d9bbd287247dfde266a7cd17a813e77e69a7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a64a33e16c254a06e2226d43aa0d6ebb

    SHA1

    0cb34a4df5bbd91266a7eba5bdc6c58de892b448

    SHA256

    f88a8ee39c38d40a8590103f78d90c7fc38a8f89e62e5d028302eec24b6759fb

    SHA512

    97d4033aa114fa19e0f6d62a8d8d97f9f2dc4802667a3e28cb902bc29b76e6dc0d2702abf5ff674762b966cf585c5e906b36c0836389451ae0eae44881c81e3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    dd2f2bede1f2e314fce9d20c6433420e

    SHA1

    124790a3983f85d42645b24951c3500996343e81

    SHA256

    e8af0b920b28ef2c12288b9c5cfbaeca0e0f7ba340000e7e5499e17d0b742900

    SHA512

    8663ce753d55c0214cc45633d2e965b3114d3c2a1328c02926ef71555a02f5351cd981105afc09837822e2a69e8d6c158848732cd384afe20dd8524b6dde7e28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0df4e4fa646ec415a3ad1e253f371554

    SHA1

    767260c0268e81b8f1889c85695aa0a884300b57

    SHA256

    0ea536872e5ac27f83238ecec94fde219b4eced115552ba35a06759d6518973d

    SHA512

    86bf56eaecb1fc9ce367c9cfd4374150a7563b25118e1bb2978b035f72622efcc8da761907120c704e2d0c7c19e2dc324fc73a9d1f14dcaca0bc8abaea81710d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6c72316ff8f8012bf38816f1733e30c6

    SHA1

    b10aec62820884b42c55d242c9b9f5c037e30db0

    SHA256

    35fef440d8cb6abf99e57167b79d9794a3e7cbe316ec540daa6ca369c39f56d4

    SHA512

    41674e4cbb9ebcc6df8dc9c641a68b4782142e5f1a12c56b7537ebb5742b3d44fe3239e42e15358194de2c07f9d995fbecd0d11346625e194fdedcaadc40765b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2050c970562c5716ae981f2bda1b4192

    SHA1

    70415e0f7886064a99c6c14485bb8e0ecf9ac99e

    SHA256

    845d5a516471f343152700f8e8bbb87edd4f6725e0ed634ab0f2def7cb5da08f

    SHA512

    8501f14c644388a2268c186abeea24109731fe3ebfc50a9ebfc7771d6fe8354b689b366e268cae56bef1fd5d66468e1b5ceabe70e2ce5d03d9b4baf527a00dd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    76ec684e810bd1f17c1a2a9e3b1a8acb

    SHA1

    03f1e467e398865b7ea22cd35d19b51c71132f04

    SHA256

    7af5b32853c8c619d93a90a003030297c7f4f2c508b428a99006a0b56baa41d3

    SHA512

    4bc78be11780c396386c99a7d7050726ccf0d16a01ac9dcba703a1b6763dc6d633bd4fc2e7dc00f60dfcdb48872ed57203f9a2c06c3c0ec2140f26b81b7c1902

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    60785817ba43606bec0390d7518047fa

    SHA1

    e78c64b87cc46dbfad12aa19d006755ce39b7ec5

    SHA256

    9504838f0d6ce8e95899aa11b41f55dc53bab2b5319e22f89c004cffaa6d7814

    SHA512

    4215599e44667ff41e9559137f52b01a8b9c2bd85c27506355732e14727cccd8d7333b413cee91abcd2811c3422f9a9f507d7e1a5f1584620935204016bb2cca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7aea3d347cecb3c62e2fbc7b1117dbe3

    SHA1

    5d1c4e22638c162d1187cdf436052c335424e809

    SHA256

    2a427cf8a4ee04a7b351fe2f2aedc21486db1053f7d2b199b8094f0c2facb8d3

    SHA512

    31f35069b30eb4d82d7d44eb96538aea768b90ee173accaa73abd974e42d485f0928f0dccd679c0ae46840ff83ecdfdd8f78c43d678a9d2c5b7d24ca7002c8b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8c1e68863b4c7c30a467931ee8e4bb38

    SHA1

    d594bb1fba460bfaddac8edf83700f754d92b6ba

    SHA256

    461a65588d62648827dddb95290879ea8b2f1d353b95b210afc8277a138aba5d

    SHA512

    16d281c73d7609744f9339e3c9cfc2d1a62b7b7e972a8d42ec87f71ccba804e5cb0469c18dd7858524a244c9d75229fe616f7824b95d1d2aa5d02dd630a18d73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cda18ba1248773929e2d3a678e98a76c

    SHA1

    344b425a86447218bd2648bbc2722a2251508031

    SHA256

    4f4b8efad0ded066a5640776aa4d2d6f781d0b96e8f8debe637ba18925ef655d

    SHA512

    51459d8f900a96dff4d3c218b0d2ba82d3323e762dcdafc625179b4bb523be4e07044bbaf4fe25fac3312c93efdc45476937f0e9886fdd38c32c10a405580420

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    07eb5de358bf2379e6af98ca541aaf62

    SHA1

    168f969209b854330f068fc3e5758ed15392284f

    SHA256

    a5cd8589cfe292fb1fbd29bcdd765ea0d2c245306f842de17a32f7babe1899c0

    SHA512

    d58576b5d9396b2d388b6231efed56acc54a093a014908de3c49c5b465e196c9c7311d0857b19be939336963db2d066006dfb849525396ac861bef5440e19e25

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAC67.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarACCA.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit