Overview

overview

10

Static

static

7

975bf6a402...cb.apk

android-9-x86

10

975bf6a402...cb.apk

android-10-x64

10

975bf6a402...cb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    164s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    totalcmd_datenschutzerklaerung.htm

  • Size

    3KB

  • MD5

    2209d1334f10103745b249b73f43e6b8

  • SHA1

    40f4df0131ccce8320190339fef80e7451f4d457

  • SHA256

    26ba8e05bfd77a7b00b958ef60d5d6f0e40e6b10fd6283f71c176180fc2eeb0a

  • SHA512

    2f89b8dec6e8c5649499acdc6970235c6e56853574339eac7fe53dbf93915153dba5f26c4bd3bf93c16370ca163a1a8dbc0dfaac3c68fb73a98a86141df03d6e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\totalcmd_datenschutzerklaerung.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2356
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2612

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fdfec36cf2f346cf8e1fe8418f43f5a2

    SHA1

    a557afbc72df55153e991327b413c1d14df1e7e6

    SHA256

    117fe04d42d2bfb1972c231929a4d1b332b8ba20671579912af9560d954451e6

    SHA512

    6509a313cfb116155305eab181165c6414c81f8f7f1dacce675af8ed13e9b0fc0e78540af0ca08c56ba441b428e624d895f2d4883169fb6fd60e2ad2d4aaf095

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63a836a411d50807d48b0b73e8a1edf5

    SHA1

    e8fbb43137d1a2ece5e1453cc3c828c59569e97a

    SHA256

    08c138579d9bd5bf949f8755c903b9bde870880a059ee196719ddaadaf228b63

    SHA512

    cc52cf658035c3f2408c79e5ce295a51621d63be13e6ff5027a329d9c4344a9aeb4f372086cb3f15143dccde2481c864755361d447b5fb4d594dc8cd30b01ca0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc4a520ef0bdb1b4055ed35fb5876587

    SHA1

    e3a1ccaa77896f57c24018c5bd30a4f9aeed2972

    SHA256

    6fc301b2853e5f60e8ea6fd4428c0fa070d838da1feebf82287f0b5d98a793fc

    SHA512

    935b7ee3155beeab31bea53f163e2e0829409ba150d1932ed7c117280e7efbd5a59e744a75747a2d9e062537a9ee082a8a646963da23d26edcaccf911cfd0a16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5237f07d7e292de833fdc2e91c04a897

    SHA1

    f11d5cfdea60802dbbfd69bcfa62dd9bdd8c5576

    SHA256

    cf3c87c4d6daedd359209c7a3c44fa2ed6b6707b788a1eea31739d94cdc5d1c6

    SHA512

    d5452c0f1b4cb9de22acc8eeef9f0cdc3223bf0903c7810f1bc9d33fc836c9841384fa2cb74baacc17efdb3a64811985e34887c5c220b65111e2b52e4b3c305b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44ddee594495d2191f3be8b7ab683849

    SHA1

    83ced4851bb09bc39a3670ced637edcdc86b03a9

    SHA256

    755b6acce6097036a882aa715a8ef426159c9fc9a0310a51f85f1f3fe6b398b7

    SHA512

    53ab4b4b58696de342f3360ea9f74d414f8190108611e399a213531cf98839884b6b5669b37fead8cd3548dcf935552dea4beadd0f1b06ea3b98fcd2914c2b87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1976c0838e2461daa0f40622a271f185

    SHA1

    8e9222034853cfdfe82ae4f7f27c382cc000c683

    SHA256

    a821962ee21daf75d01827b2e31527f9e308fbcb6c0f589217e956e0bb4a414a

    SHA512

    4d65bb16f6f3d368d22ea65d2ff2c67559f906331c70f8c64f9f350edb5267e4b4dfc14f5921d36e5444abe6b2dd0af3777c05726e0c8349748e261c9541f4ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58986cc2c04001f66556a9df646164d5

    SHA1

    ce196e585f2a41f4a8d2c5b9ed74f951fb786db8

    SHA256

    9a4632bf8b95a89649b5f3e7f158554e449d8dfecc420d70f5551339c866dad0

    SHA512

    5df73d465cb30b64cc2bace37dacdc7f26da554ef4e4e7607f6d870a555cd61fbb0a12bf7d5f7053fe04a86cef899f002c42fa95cff9a2e498e0ae6adb0daee5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fdf2928a916cbe81f03a4ef7dae5f214

    SHA1

    7b593483365cdbaf670bf17a499d256c95536f5a

    SHA256

    e4e7eadae7be70628a77a8251f68ab6e363ed613c783b66e3127736793b0f53d

    SHA512

    4624c385b3d3e46f06f0c890ac651d641ee6f14cb4d26451f67575584f47b662c30036b94e1c5cb598379fb470a23a88950a8839be3f7e257453d286ea0b5cec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0c4db63e956eb6d68d2301137ba6fbf

    SHA1

    613396ec7a61ee55d044d866bccc903603f5b094

    SHA256

    6ed6c45edca89bbafa61fe4800c144392121e050d32e7586a8052af485d2429d

    SHA512

    80e7ede0a6d43dbd167901a0156a2e653c6efae22037921debb54ff21e52723f741ff495966d290a3a3d478dc55dc3149f2f9943759360b191837317b986bfed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54e07b9bfd4244d3fd6d8bfb8473a168

    SHA1

    1d30e4a781d627d1f7aa84857f3f59689227f16b

    SHA256

    f0553cf3edc8c6702708a1ce2d5087bc01322081dc56297e5ff30677cc87c3c4

    SHA512

    156f7b1bcf173787568893d671db9adb4480be69962c6832aa14224dbdbfaad22ea961bb2ef3971c95ddcc6f4e2f4085921917be4d2f3d249f941d88540a8642

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD8B4.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF656.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit