Overview

overview

10

Static

static

7

975bf6a402...cb.apk

android-9-x86

10

975bf6a402...cb.apk

android-10-x64

10

975bf6a402...cb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    wifi_rc.html

  • Size

    2KB

  • MD5

    efbaf207ad3762724fd4ac6e58022e13

  • SHA1

    4268759d592840b50c3fbbebee5a6758c42f01fa

  • SHA256

    e134d5aa97d09bc401331f323e5b756c5571e902499d97de91316010ffefcd70

  • SHA512

    f8015c27bd88680f3b7c466080dc7c5e5222411d80225c3433f86e76925fda4b781478bb5639c574072b6eb580bd111f08d03c67fb47cc182e1405faeff6f021

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\wifi_rc.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2588
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2588 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b584528aa62949734461389ffad105ca

    SHA1

    fa49162d520f1e4ff2fb73592818dfc8a060c16b

    SHA256

    b42c399e4f47ece4b14a32639fed11c250bce9a9a955dba049deeae6cb98daae

    SHA512

    37f708eee3877659c141751c66f479602b86aa5df939c829d44053c6471b0d219b0e33ca8aa83d19bcf6e00ab023fa69461bee37bb5bf27b4ba781bd25b10032

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8983a6bbf5c19ccc1efe376410265d1d

    SHA1

    0ba2c936aca9f58b88d8b24cfd6dd029f8d5cb00

    SHA256

    3b693e95f266dc0580369c30623cc406319342687d678144f154a8d0df3edb2a

    SHA512

    1ec674513972747e8f67e29bd9d2ee55cc42730c149adcdf8f39cd62846c3817066dee27adeb12513e8ca73971f4d9829c2d509051873795346d242a953f33ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4d218829758b0389732357ace8cce0d

    SHA1

    6de1aa48231bbe3be7b2924c98e3d1fb7879038e

    SHA256

    6adc96d092d5671b87e2e8f7b4ad6494eeed429f84449227913656cb3f842674

    SHA512

    4beb65de07e47a41a7ab05d637e19433c239d05bcfd3306ae7e8bb11df65bfef67d8e89401dfe339778afcf522c6fe20c918b9fdc131ace5f20ec654db8a7cbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44b87626c2a148d41f1ef0da8d817a93

    SHA1

    63b5d7a08bd862ed8997e18aef4bf90d48d451fe

    SHA256

    f05e00fba5662de45275037a770759bdc02d4bb533a6bdc43ec00557d9273689

    SHA512

    84780e3a33d2a4971ea20bc245de1c922f717eebb1e794bc54ab630c5ef5cf7c3e3368c73efcb988d9e4ddefa2672d818b611ecf4ab1eeca895582c81f25ea42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a5f2853aec61018d946a0504fdc387a

    SHA1

    6d0aedea37734f08d9ca1fa9df4a9c308e388ba6

    SHA256

    4061f9217c3cdc68491c48461d77b2d7823c83fd852bf0af7ea69a951887101b

    SHA512

    1fce424479daf4f5d26828f9c13de25be92fd3f5ff9ce3d7978b5da2c2cea9e42a84fdbd2abaa9e1ded4fea5674f0f7e5fc7570cdfdf78772722a3795ecc76a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9a0edccb9a584f6d85d0667dfe7b4a6

    SHA1

    cfde2090e22377a33af5facee22e27f64c9fa1bf

    SHA256

    6286bb255ef7efc78c469ad118e7a7cbcacbf01c9c759b69a86c49493acb0d94

    SHA512

    3188a7a0514c7645ea4757421c94dc4da404cb344a2560b2ac2e5575857bbfdda858bd9671654b20a0c5077ebbbff031aed00a85fa087d4f6b4053ef9eab8434

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9325fa59227197cbe1e70664092f8342

    SHA1

    f9c589c19f6cefbefd3da2996deb7a6d45adfd92

    SHA256

    031467f59a305380115da0af67c817c7e7f297ebc31f387f5202d5c56e958842

    SHA512

    8418ee56f8edea5ba713ae14a461170c2c34dda549fed04a66011ca5ef11a41c320c0c375eb53dd5c6cdd6d25aa3e4892ef1041ecfdb4fcc85d8a6ca74f04664

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e20e71263b55f4e20638a19d1f8d176

    SHA1

    2389111396836c5f9a6deaa5f9a43b72a6b7b339

    SHA256

    d959a5cc8755f368204601f328d74eb78d75e7dab805cb4c7161fe04d012be82

    SHA512

    39fd44b6e5af0951675767fb887570a79566622d3f86e594055802d5bffce835a2329b10b4bb143bbed75de81119193327289f69bc36afbce171395f0634322e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e90e2cf9898a7ef2798157d81406893

    SHA1

    c108e80c1f521fcbb058aa5f7f04277a6687459b

    SHA256

    09b80e6d93ed77cd16ddb38b47bbc239498c4b7d257ecef2f259cc62c4e5824c

    SHA512

    11d883d47a08962b75c08cce08c03ea680613ac6c8460e56ace31244f46e7c32b494b7388f6d12ef4138a44cbf3b909839cee04277770bacb5f33cdbf1ffd058

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5081.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar50E4.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit