Overview

overview

10

Static

static

7

975bf6a402...cb.apk

android-9-x86

10

975bf6a402...cb.apk

android-10-x64

10

975bf6a402...cb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_uk.htm

  • Size

    114KB

  • MD5

    ee5debcf16d309d049ac633b5834a58b

  • SHA1

    ad9e5e501bc770bd22695b81482bffe1fc5fd62a

  • SHA256

    7ae8f11037e5639b61064b8b0e881fb32c1a047f6877f9737541454d2eee80ed

  • SHA512

    21f6d268794424f57639614d97edb81109d01f402886a242b120f206bb1fb770475ec2b3885884e13cdc1af09e2d982be999ce38150c7b69552b1ff899278506

  • SSDEEP

    384:CBd+WmQvJOWzmSBkhpJ4/HweDM1C1ytpXjAoLU/S2wVIEMpaMtM/LPWZdO+2+FX6:HhzSEXeyag

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_uk.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1280 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2280

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    367351801c69d0585960682bd07a80f2

    SHA1

    8ed8524bc6489e8dcc03984b0806de5ec13d8aff

    SHA256

    e2e1de81c28b3aa2a0bf78e1e3e000c6250879ccae2ce2b6548e44f86888a375

    SHA512

    75f11209c3e7311ec5f25baf071095b6ab5ccb81b46348de0ee0d160cf664eca1655222424d98583975986383a979512b5ed1134c967a73715dd71a4cd0a3415

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62b74004b00b8cbc88f929df61b40e7e

    SHA1

    9d28cebd3f904ae5d93ed8153098cc5156e9d911

    SHA256

    22b4afd7436402d538ee927f3ca6dc4726b62e51c1de6042de84a653c57920d2

    SHA512

    83cc94a59d1d9c6dab9771dce47cae606d2129e334e0e46b138646071539bc1db9e0718b12b4b0e3b5a08ff88d2fa7bef31c587b74ee11580065f71c9775c15c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4fcb7d1b227824fc7e2237fe8aa445f

    SHA1

    4fb0f67a47b7419fea4cc476aedd7a5e5a5e2581

    SHA256

    be687b484c8f6245294ef585101c98e5a158256fa29b9a90a7029ac6ff20c081

    SHA512

    994652eff000ca84ceb88b59808c820b225c245acda495cf672c39b697c4567a064d5f1319bf16c583bf68beeb919766709e31a5457c19984ec0bd854ffdb48a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebda0eb43f268ca87d42abfc09e7ebcf

    SHA1

    379773519a457d869a5ff6fb5402ec4f8bd9a73e

    SHA256

    57ec7235806bc96514a3f68078bf1eebe572ab44b598b011453a5bd26c742760

    SHA512

    91131065ab2930736a957eae03a9bd93e05a6e3c9993770d1015ab5ed6515c4bdbbc0e790bc4c0f1bea8f992e273600bef03b13f03c044cd26b3e3dc15b965b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cae98392b32269ea91a74aaf23391479

    SHA1

    a099b229e243ecf91ee4c6f98aa98f7fad3e7a28

    SHA256

    0e6f91643cf5c09dc58f3eef61a1ea5929285ac0c3f6860091ccb2bfd5569224

    SHA512

    8f0a3535edf9fefe5a2d00742004ca7d5a6f0334826d539a81b33ef922a031ffab321d42f09ed468913e9e4e89542f7cdc5d3e38ef47b5535751ffd6702e445c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a95687b650424b0be359b3e3d3c7072

    SHA1

    f0045a64cfd7f3fb740592981ff8c4395f4e0afa

    SHA256

    c88b6ecd3f78a4cf088b953825c9ae2131e8bff0064519a38d8fd3b630c44ba3

    SHA512

    66c489713a7a127d57d7c2e3a05234d118c0af7a047c10c11f4056f01c9361ad3d2dbef7bd06af09be31f47a3c6821ff393c8e42fe1305f946358ba86291ed00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4e11e2fd7057a31e3bf52846329f53e

    SHA1

    a88ed1cf9f725ecf0257223eaa66dfd638f32f6b

    SHA256

    1bcafb7d41deb8d36b341213f68e710609aa55af28eef541ef7ee17e1efe66d3

    SHA512

    8738d6454e6f340be5b50cb7263911d60ac2c0b737c8cfd2af61dc0917cdad2feac6053cdb8d49a57ca91c27dcebb02ea7446afbbe72ff3406add9e28ecefa37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c5e59a8da66a1fa987e9768a04dd5af

    SHA1

    01e2df0bd0cbdd0c637673d5927c1e62e0478b63

    SHA256

    006599c2df59ba7c44048a748d0efbcb9f4ee7e78a374e09ca63b4b4ee5c0397

    SHA512

    c40c50c60c3f91bf465b1e69eb05f1439ce278e815dafb2beb4b1ee4bc4e947f2660946d846c18cca8fb280ab02108ca6cd879a83bf54b995b4955def375fb5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fc087422ec5115314b486c0211c5669

    SHA1

    bb6772ba602ce8d0bd74dc5ab93d3e4bf111c67d

    SHA256

    a8f3eddea06e8b6688ec10b47370211f46f76a838b2b3dd81ba81fec230b7403

    SHA512

    17b24e8ee917dc55744e80bf084e7828eaf7bf1c47143fe123163fdf665895bc5b147e7a305ab73aa4232a5447b4066ca1e9d64ac45b5342d076c864e1beee74

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6828.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar685A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit