Overview

overview

10

Static

static

7

975bf6a402...cb.apk

android-9-x86

10

975bf6a402...cb.apk

android-10-x64

10

975bf6a402...cb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    privacy_cn.htm

  • Size

    43KB

  • MD5

    1a2f4a2ea0d51df86a3cf68da9c7c771

  • SHA1

    3c2781f18cb4069645d23191fa4c1c2dfab88440

  • SHA256

    79c3ca826e2e8e65ce3d7922104a24a785dda2a2450a3a99d15d3602ae516485

  • SHA512

    1c9500e08577c1c92b438549d006ed59ce07214991d4587e3e39247a56acd1fde4104ca42fd22b1992579cb9f83b8ee977b2082a8deb76abb53813842e29122d

  • SSDEEP

    768:XEqYEM6RazBF/p516fKdYS6XCtrhs6WTKIF6VqOrX8J/WueuAFuanVzK+tZxMAXg:9KEIqEDSApKpaf5XfOBWK0H9Zwiu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\privacy_cn.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2264 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1640

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d734d2d0388a6cd96d2a3e50db8695d6

    SHA1

    db7e225e484970d9b5c0fc2654e3941dfd9eee34

    SHA256

    ec1d96bd65ac7ae7f5dafc1a848b65daa4dc14ca682b795a80453c0842742389

    SHA512

    779a5e8eb4363977dadbaf9767d8fe5e8bc3b916652a7afc06a0d9c3cd926d148bb7d6b7ed23e3902c3712632367e5d33e46f7652bf7d83ca00641f996b2e7c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    de4d32a346d7f407d7118670a61e9f33

    SHA1

    d711426b90361db351563fa65cf89a46e2a37709

    SHA256

    1e73409797732c61f3bbc8528cb9c63d0bf9e0b0daaecaf12b88ddb1a6f7460c

    SHA512

    45c40ec4a62a417112d242fa4ae81b5e71e8b19df6daa0dec7ce94c3e62643fd0a9f1393fe20577d4aa1675f8f004e2da00d994993d138d5bb65c30ce6abec0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bc05df7bb31cd102bd4ff0249ffad56c

    SHA1

    69315851b94cc148cc8f8ac2cf90527cefc47c53

    SHA256

    e019362387e359bef9b7bc49f84d11b28d7b4fe29e8458fc8d366ca239fe6ca0

    SHA512

    947ba9c63a95defa07b12fcac32af4c7e8e1946abbad6e74bad8fefd59caf4b2b794a1c2ca58746bd7f08e0ea88e5aa4f0c9529163033de194cdffaa12e35993

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    140c619c325c72bf98da5c11e467c7f5

    SHA1

    1213425912cf4068b705021299228cfba65d923e

    SHA256

    5410924ac4a0158c323582430962b0cc1f2e2cd684899355cca9b859aeb74f97

    SHA512

    2e92532381b221e9d386b392c57bff707d62bf8c307204779e6a3fa4c8ae2a84db82cd1c5a8157345d2612622c98c5245048fc17da674678d65a231ab6be67e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    66b17f55c4663a05980f5c50ad90e03a

    SHA1

    ac3a53ac0df6ae87f53e13133c5bbf262f6d9cba

    SHA256

    51efc2447377cd5ec09ddeb682b9a0869881b919fb08008686c5cda24ba9de47

    SHA512

    0c318500b821f1993e0d3d0f5a5749fca90184dab2bab74ebbcb33df06839c4eaf26c0e595b3bdf7efd0bd916d8d05ad201aac2805a2126d88c76d8334235a67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    eaa8e205ce4ebc98ec810d0ae3ccbd88

    SHA1

    6bbcc50990dd906304a29ff9b6b4ed7fdc5d3c19

    SHA256

    e25c4451c1b10205a5382ed9a50c51c202c2f791df5d2e1589c7b17f5d2478ef

    SHA512

    54ba4f4001fa0360e069f0c77684f2d4983679763e153c125fa2c4e8c7ba40a9eac7c4842c1df94170845593458e3ad992d5c7e867e26629317f1747745f7c6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    af6df7ddc29d5ff1bfba886bf650767f

    SHA1

    e5817edec51ec56cc440d5f73ce11e3a7a0f5def

    SHA256

    58eaabfb6bd47d5f8cc97dc466953def7e22809ebc65c623593afd756392819a

    SHA512

    639b850121d7fc656681f98523b03d7ce8ef8cfdbc6b40fd86edd04d0b9316e3de3479890e6f681e8988a97cf0afd772862b029ea54b75f2340f9551528c8b85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    49e546d4fc322669708d642e0ab2e679

    SHA1

    cd3db0ef45032be063605dad75ca7fffe112a236

    SHA256

    543e082efe0ee57aaec698f070e4a3cb1620d92036a85df1fa484b4be70e40bd

    SHA512

    d343e3c5f384edfa02ce2aff5739ed565afa00fe3fccc1f8b425f34a61ab05cc9adb32b8c133f0eb4d1e5bf036f7c7861acba54016e6a5ab3242e86c596b5850

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2abf1cb8b6fac39981e179ca84ea99e5

    SHA1

    e676c0e9e6e78c632a0794b3dfa30fb454df2b05

    SHA256

    47576155edcdb03f36b6d16f68f6b679f2f1a43604bbf8d6363d4be69e2f4de9

    SHA512

    264de1b46ac8dc66d9956929cc408a047c39aa76ea35349d5b2403c85560fd147d3743ed6135c37cf0645d39b45d85c94b0a9df68ab7a2e67b51edac293dda8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bcab2fd57073332162cdec9c486b01d7

    SHA1

    a82d9fa8e1bb892ad95ba5c6f4d582e062359ab5

    SHA256

    42866634523e836b4fbfdbb687f4f9ba37207f0c00bdf9d7208e05bfee02909a

    SHA512

    c63581d1a0d51660e30c46370dfa7cc7d35d3cfd6584289ba21991793df1b5bfcac572242fb22121eacd3dde94187acfbbe039db9c0acf61606b5b15162b7e3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8ea3aee2bc9c4eb99085491c9a79c2e0

    SHA1

    ce058ee079b156fae7babf31c850ce22d3fe5063

    SHA256

    143d4677efda0cae5e06e484d133af6f46126e78b46c54ddaf5101858a451598

    SHA512

    0b3647ace3617caed031958a52966894eb3470b798cc8d3bc4c2930c5b16012b479a801f085091efbfea0276773fb60ec5909a833d31eee7c863d507d5720f9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cdb779fee7164d76722ef2ff18d1e5cb

    SHA1

    7a17c0f4729f2c64e8e0b199a50a5f7f444ca0c9

    SHA256

    4fcd6dee97c9bfbf6452ffe847661e2f9b2ed9aaab0e4ecc9a64121bce07da5b

    SHA512

    461ceda56ed3a3df02bcef981f204852df9e55405f3de90145dec20c32203e9201f0a2b9ad148a7c6f395674e3151147b802d7b6532672e16a9a476533b9edab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8061a917eb5acdf3ccbf9415e79a77ac

    SHA1

    6c72997195926b7622798b5dd0d4921a6a1c6be6

    SHA256

    0a4727eb389340016f6b5fb6b08080787a2ce8987d55f5b9d9db701831976d6d

    SHA512

    c4ac361530d10a0885b71435c9a45beaaf15e70931f73b9ec4113f55b18f9491e06e888df2598f89e3c72f799e445b843e79321e71ec80f4ee50caccab20787d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8d9f7575c3ae29b44269a0c2a2b15764

    SHA1

    deadf95981b2b8cd0ec7cef6f16b5013b4ef509d

    SHA256

    ad4326bca124af43ec6455285d2c1e3c6d1d40f29d9933f00d795974d69b7cb2

    SHA512

    e91d8c8045443f8d8201bcf6a5a43d036a7c7311cb29471a1cab6065c35098628b49ff9a8242a65942dfa183d5cb7523e763bec318f888666e57c04daeffd8a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ae532256861380b1d404ef01eca56adc

    SHA1

    4e930ca7ad049dbc501e907da0e7b1907719e4cd

    SHA256

    d3b2eb3af49819936e9073d25849247b49f59dedd71a06d3cb0084e795fba90d

    SHA512

    a3841669579afd96e4c0d8812138094084823b2f4b42b453cdedacd0d2617878968bd13008ab754bc49aa83e6d843e44a6aab482c47d2c6d9c74a40e238f51f5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9BA4.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9BE8.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit