Overview

overview

10

Static

static

7

975bf6a402...cb.apk

android-9-x86

10

975bf6a402...cb.apk

android-10-x64

10

975bf6a402...cb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    162s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    license.htm

  • Size

    6KB

  • MD5

    407f13382c8d7a039a9eaef44f79642e

  • SHA1

    d16f70c6d1703efc33823ab385ceabd8447ac1bc

  • SHA256

    657c157f78e360d37e2485f6245b4f87789ece5a2b150a4f4fe9fead0c6facd3

  • SHA512

    213e32e5f04199153ad3702e8706b0399fdb8c683a47dfbde7dce8a91ef7786c7d43830eeaf5d03fade136a74ca0908eabd797be806d15c106a2e070579ada9c

  • SSDEEP

    96:27r6shoCs4pHbHF0cRKKxUREEQAk5cVB54x/XHFCWFJYJzzTF3G3zVHCU:DsmQHbHxRKKME6FWXHZLsXTF3G3BCU

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1388
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1388 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d3d29e883d751746f32ffc039fea20b

    SHA1

    2b24a3e158424e6d9fc59ebccb05b593369226cf

    SHA256

    54b751df16a50475314da8b968023d56b25796b72b7c307fb2d391181930d4c9

    SHA512

    ed0db906291d9ad1b9452c3e48e6a091c0558d11e3a9e09b21206c1c8d36895337cf7cd8c74e3352ae403ffc51f036215d4c77197178df12ec2f851938cd1a4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    641130b147d8083c28b7ae0663db86f9

    SHA1

    c0541f053d651ec9f52c8f272c4a626760e8ecba

    SHA256

    7efd2a178dd1ab6f3e5eaef671da971e32cf47c6397404db496c05ee3f8c7fec

    SHA512

    4bf74afc868aecdb7ed956384aeba47e539447565770b0f25cf63349c2e42024bfd2f46d02e2b8850a90202381a8b865071e64cfcc5d55585cd698108d2a42c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0aea2168bb9772f6bef249b0143348c3

    SHA1

    6e8b96112a5906a2e7dba19c268a9d41e52617bc

    SHA256

    935d8ed297d1b72cf75b05d8dd9dbfe6d074b8cff50884eacb422aa967ab9e18

    SHA512

    8976089896688ccec780d594ec0e407b87c2be210b1c0564d03685fd064bfc1c6f9de322976802fb1ff40ce73c4f440f3d631f0f29db1754958cd15dcb027e1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e188f916cc945e4bae1b6ed3a9a4a598

    SHA1

    0867ca555a809e06c12559c49c039cf1b41eb36f

    SHA256

    9804f4bddf4e6ad5474543b50777e8c9896d8ae1f33daf7eac284734166ef423

    SHA512

    bbbd3ed2edbe09accdc713363c7442f9cb45098fc176bceba81e6a2a1cb12878e05b6afe3a0886dad4d7b6ef071493dc5db8bda0344a17a86a7777ba6cdd8066

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6866071dfbac62e013642414178b68ef

    SHA1

    b119dcb0754446462df5e6ca225c1951bf6674ae

    SHA256

    878d8ab63c3526e573460a59c3c7cfe1679c7ffc684ff3688d0d3f7f036d7419

    SHA512

    1b54529d0e5291f3eca6e832021e599bf1107ee86ab1ae39428d27dbe16a4ad812171892c63034e069e90d58952c723d6a5e7792cade5d21021c611dfcc011e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    639b9dd50abb39e958af984c45df7495

    SHA1

    4b9f1869179588878758053c1b5d8d9b229f8236

    SHA256

    de4f8b1695e9fbf30f1a9b68c471488cd51dc6714d70ba04e848ef5640c93095

    SHA512

    08e49d484b441c1f903af9757a78a14f11735db89878d2a1db249728825a60bb6f8fa48fecd6053fa9ad023b3bea0dca455055bee98e3c2818eff04f3ff7bb2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0c6cc199c236065c759313606707b57

    SHA1

    b497b71fa7620c806aeeec650e127b4e7c082c45

    SHA256

    75f5944b1402ba1e98699f1c661006ac3e4fcea914446595a5a01fb8daa3951f

    SHA512

    5b30ed48d8b179f2e07b9bd6e252fae2008750c656394c443e1f64ca6a10ef2b06aedb105b98a758f4606a8836fe97c0870cc61e307357deb7fc9b474bb950b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9b19e314b91795d956b8b8037ae1b3c

    SHA1

    b2e37f4a2d289856b4f604045b9c4abb976ade24

    SHA256

    2e098e0bab3b8517e8d19c0511f05a6a0282e59e89c33569ce68d993a9496c19

    SHA512

    84b2ffbf834f4f58b2617de08586d779a706e9a5095fe5a22dfc52de92ee9b96c45428a25e70df574a2c950f6f925ca949b3fd92cba35e11777901e2053b2fd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb0272c1848374f0119bd8fe3094658d

    SHA1

    63a2c23b0e0ab9dcfe29f9b72cb1fba48d006d22

    SHA256

    a71599b66e000c3e7b2b9d0a7e3beadc3795c5229fda1cc7b74d5a96de3a3f21

    SHA512

    fc38729a8f8f831ac11e4b1138d38d4c1c66e8243969c24b53615f8e7da83efdf69fe99ffd5389a3e1b2faf892a857f85f562cc36ce890e166d68b5c17031f0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1276fa1895daa656b699cc80846f82c

    SHA1

    7b8039b298f01ad893b2ffec215d3fe83f0094cf

    SHA256

    ae94ead8ba3d0d10a602ce295210939002d6d3d1b2635b5240d0c8f60d5c184e

    SHA512

    285d6e590710ced616b02c572acf027935f2d1252e758d33e26fa882d77541d9b5696358da9aaff6cfafdf63a58b939cc74ec7813a477bd1391f8da58baa96a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2bf1addf7b7c0a4ba3880ba19711c7bd

    SHA1

    d23cb263f282170c7e8f09151fab0ad2f33ac138

    SHA256

    83805e8f904c65385e58263d7a2d88eb76317830e378a7ccc0a73a2bd0d64b4c

    SHA512

    73ddaa1f3ff15742333ee0f1ebff26d3c66c6a21229cbd3bbab195e44891a9d1a1a7f2f23f5e53942bb7a696490f039516572ff1f25c50251b9fbf3dc996cb32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36b182ef66a85fcaefa999d96b46b2cd

    SHA1

    5299bca84d47ae7ab868f3b04fb29e7f38833948

    SHA256

    7beaa848f359d140d01bf775d7280d4dd85c4537dab7f7adccd5db4c5afd5f1e

    SHA512

    21e80c78f9cc182a75f828e5e4c36927fb10a97a7c1a6eb772c79addc4b3b55a086fd0938294d9553e88e3c29fccf3c5da2b766b1eeba014d2c7d9115f0483fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03736c736f439abe107893a5b6470c6a

    SHA1

    ec1bc0e4c4f16ab7e7be459234135b872b48f224

    SHA256

    92ef2003929b8fb97c0a45c0eb3d6d4090d4e85743f83d2ecd484033969d0e3f

    SHA512

    637fc51102d5342d90000b1791b89d83b4b97ffb45e1c0ba1d03bf0934a199260b5acc0776bf86fd1d2d8ed1883ab8a14a8c7b5babc2708b54abfd7bb322b79e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0e73cdc8b738bd8c5e9fda15f369a4f

    SHA1

    8f463e8b09cb71c74def5ef0b05c12044bdfe8ec

    SHA256

    3fb27814a62fae2c01898809a44ad66319ae5463585deca09127aa4df902fdf1

    SHA512

    6dddf0c92893b6183673d5dd470dd302be44cd3d3bc0ceb27339130123242870e92aa4eeab46f9bb4586a6e968bd0ed60600e1c8ad1d9ec57713b572d9300699

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89a0ad70c2c03c0c63c86aa1071982f5

    SHA1

    57f6d4ebd99d33f60ad0ec9762b444607e83bfec

    SHA256

    ccc83690c715d3f7317a0b5daf2c19a79e1778a036f3733231614c771eaaca2a

    SHA512

    5dbf341adf4dd56d614080a10c955036f7c8f82af7f5bae49028771605f9ca451fc2a252a584e116117c456a1c904cd5913b422ef4d5584b040dec78bfa3d41d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0208fd1cf6a55fb926fa4669b938fd26

    SHA1

    dcc73d9bb5dec7f0a9aa820690feaab9631cae4a

    SHA256

    6272f2f1e2e1d1ee9f31047f300dafa0634d22b48873c16bdf473eba463462ff

    SHA512

    ca9b4a115c9f14557eee9c20ce3163328322008846082ac23f7595f65222512a491b2f36d0f570c05cb20f70d5728b0a53d34815eeb7d29eced8ad5a50cd3662

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07591245948ea67f2ffc4eb6a16428a7

    SHA1

    0c15df3d782d39b9e02ded9e19df6e285b8791f2

    SHA256

    93c8ee30672e05bb8eda47df4e31b4dfd37c85f851c850af316fa0f21166a8b3

    SHA512

    31e9b8fd10aaa2ab73ba13df4f52b55612dba0aa931705be52f61e45169b0ea9146d6775e97d8f37e38d457256d34e382131c9867f4fbadd76167d9201165435

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18c615add307c768bc7491a14e25ebc8

    SHA1

    e63ff7d98d79c62c272509831da732308a194e45

    SHA256

    36ba21c9d379d7a78631232f67f2acb7545192043ca95701df6488db8817fda8

    SHA512

    3a2ca96b4d3c824d1e062f1bbcffe5f27fe9bda19b5775676b579c0e81177cf89a1506ed725631122b998584638f7c540e7bd73be9ac6db1f53d68bc3c377023

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF23D.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF8C6.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit