Overview

overview

10

Static

static

7

975bf6a402...cb.apk

android-9-x86

10

975bf6a402...cb.apk

android-10-x64

10

975bf6a402...cb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    playstore.htm

  • Size

    4KB

  • MD5

    b5761ec7f4412406c8f521379cbfe466

  • SHA1

    621c6720da697ab81116bfdd6bf81d1c8ad5e7a1

  • SHA256

    27b9dbf27f7d81fc3cb84c6b3b2430a14fcf78d82d351d38b92dd18537f0bc26

  • SHA512

    e4115829d744cfe44891eb753c4b2ef042d6d5397e5138899ddcfbf9f5a7ac84f2a47af3ca496e11505ca501b8ccadd51b276adafa42d709525b337049d7ed4d

  • SSDEEP

    48:mB79CNoW1ii1n8BfDaqDUMmckWmk1ZVEsMToZtME1NOar5McIp9AMF3Y:mB79C2WT16DaqAMv5ZxoMMUbMrHBFI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\playstore.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2200
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2200 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2868

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55a5b96901a7ce65fc411f8d319fbef5

    SHA1

    65eb3fd9cf50d9d30972f0b7eef118724d50d91b

    SHA256

    d5b11bf386de9b18719cbd372e4ac44dbdf66f9ad90162e91cd7a6a0afa0da4e

    SHA512

    387121a942b6778af405ff3485fa2ce6226a4dfcb92c7a792af09b7be0f17ba70b06a63e682a47a8bd62998005e235fc70ba3580b61ef45e8d0c7c410d0c5713

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8e6a5a11abbbd706af9cb81a0e50a47

    SHA1

    41142170cf1c321313f470dc31e306da675df91d

    SHA256

    a9b0e4a3fa86cec464fadd16b27b18de709c74a317613e80d9106f1e52b9ae22

    SHA512

    bfc28df6ba83043e02ecc51f50169a9bf144e52a83c61d0c02b5e6076e699ed374b7ac23d0de727e03cd31856a3ad522367063e66d3e30dd6cad656a9a4ae9be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62812fdedb0a2f6c89a3a12ef76685b7

    SHA1

    f3df8432ab199d2e0e36e124d13cc53b70df7026

    SHA256

    668ceba432f7585c663e7bb3ed905bdb3a4625826fe675c3aa2dffd50396bcba

    SHA512

    37249a7dc30b92fe14647fa19621b124ecd4a667e9f7acc277267577ad416e2a4f2efe611c1718b012cecfabf5f6498f809dbe26d4157ad1c681846268a0d601

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af09c8f15bd2ab0fe8f24282cd46488c

    SHA1

    b8b67d1af18dc371b55b6dfd48df7baae4635272

    SHA256

    a97453c251c33046f16710ff59620bb83714b71037d1ad74ccd43f66b4b87957

    SHA512

    d514fce5a722db60970c50d8936c828e94691c22e0f9cfd3207a0442b1f2d165713f9701cc94b9b32d0016d9873a31ed8b031465037f671cc692b7e33f3c4900

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dabd62de4b10d9c6ff1b4a95fadf689c

    SHA1

    1256b6e89f4114f700f0522ee2975ebe80d4a538

    SHA256

    2f779760076103fd827ef6546b01279b8519154751d8f8194e572ec0dacfb010

    SHA512

    8fcbaad069080031361daf9792adf27c3ca526a4799e42cc3d4de3bbdd38aefd31998beb9f9ddcfa3802b857dce7867923793f6134c4d1e00b6a850306953897

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9da08a1ac3daa76d666ab0b676de0c51

    SHA1

    7233b6da08afdfff32cb8eeb2ad774f58a7a4355

    SHA256

    3fb2d6db02b50efe261534d1cbc7d9be38d6f305571cffcad79e1b9c24d7e55a

    SHA512

    55ea0e652ab278b71d5c02483a9ea9415b7afeaf4fe5beef27a0e058264b4d8bd8e10fd3300136e8606d07909ff4293e624a019369d3a2955f223a6d59316c28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6b3eda77cbac07797dda02e63619a62

    SHA1

    5c6623994c55fda0fc78b6ad473781a16fab0ee4

    SHA256

    4107a0a90b0eb9f30f413af80a16b71d4b9f4b404f1e869d95d53fbd9d443fe5

    SHA512

    5e6e7dad305e66246f57428d1fd0252e2b2472c93fd66abfac4dbf8ef3eb6c00980a85d25fd189df8ceec4e4e91bbf6d9afbac4b77f985c63a83bd7264c7dadb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    759969a3b59b9886553900beb56dbc9f

    SHA1

    b8c6783153eefdda0aeabbb06bddf4cf25e9ac2e

    SHA256

    acaa8665155bdfed089cf7c89338fa72750914d241be7ff269f5f3e52211ce43

    SHA512

    30a642c51c8cb45105fe6619ee5e37234a0d23752d33fda5ff99218de707a373d8de8ae796552eac4cf8d783d8f2c83d6756b93eeb9364de70cd019618fd43fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b947497279b23338d0e4223470a2039

    SHA1

    dda5d2fd8e2cd44a8006fadb0ad91e776be6adee

    SHA256

    def54eb7c9a3d65a136bcc489150239fc93fbac2ae9444099d37d0c27edbb063

    SHA512

    12f28bdf0004cb34b8f2ef97bf0c0974aee60d161dfbbe40572da199452e7d711b7f1865afaa14e733020a781b3012ea2ad458c36f7c3253aca51eb5a6d30f55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e79c382ceca4de383770ea71f7a7eb0e

    SHA1

    51a6ed343858f14469bcce3c715beaaab9380eb9

    SHA256

    2fcde1ad411ffae4d7e739e53b1d66510c52d2404aae3100548421d89823a612

    SHA512

    5cc6dd030fcd4cd8b58119f707addfd623120d7545380e9451863b07915827e2d225eb2348576776d3a0bd36e6cce2c04a551da897824b0828f24ba005ccd093

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab57F3.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5882.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit