Overview

overview

10

Static

static

7

975bf6a402...cb.apk

android-9-x86

10

975bf6a402...cb.apk

android-10-x64

10

975bf6a402...cb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2892
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2892 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2780

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7d8440143566696a2eacbdd077056ecf

    SHA1

    9032f9ed864cf860835fd97a22fba369660cc641

    SHA256

    de876438f1e5db3dc74a758ed6a4923fe8af4fe5357f0e46b9155753880e638b

    SHA512

    4a5cc783be5212bf9bbc26143b3a025e2ae809709bb6b3502cb41377df17eca1958e8c49054089d6a43f91c79934c70e1c4cc167dc0f17a0092b1b264942e146

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7c74324bd964634dffd1b3c9ec09519c

    SHA1

    d3b380ab6d562945ca2cab0d51d596067bbc3efa

    SHA256

    66cce3173295551ef21685e55e5c6d6fa2dff83e025ab63d7cd7b938840dd4a2

    SHA512

    8c3ca96c58c24ed2c2c76e2ea3c77e372d81afd197e49d55331276aebd03fbb606bac2993296de399d43409fa01055ddeca66fb6c601ab7aa7f085f337180017

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3302721bc5159489b36c7413ef104bc7

    SHA1

    fbac6db6d539cf618bf6c432b304aceb92809d13

    SHA256

    1a487f1b09dfec4e77342ef1d76811de3708352050f9f1b253325282b90b26a9

    SHA512

    d4816639f975a1103d01ada8fab1535fc7984b913e17af9b38d4b1d1ffeb8e80ec14b2c064709a926afa4a38adbfd47bedfcac64ea10cd2e1dae0284cf25d895

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3c3bdfc51aeafca535c87344bcd7d116

    SHA1

    24e0cdeb9491f77d14ed12982f58bd4a83184722

    SHA256

    a72e1d71375627060f32bb4d37b5fed4fa6d96884d55f126e7a1fac25b3bed72

    SHA512

    137ddc63a6b66b377c6341de872e8893d47ac74b917edd3deeb34915e8549348cbb3c499c33fdc0d547444c793444b3b3ae5324a2a5a9222c227f84fc3ec5ae4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    518335e17aa3dab3d5c1afc51bc01c59

    SHA1

    f19381f2849591e00df45af311051512279a86d5

    SHA256

    a5a638d72254419bd84b1fe38be234815479a970eefb6ba8a3e63362a876befd

    SHA512

    713a80cc60e446730245a49f95c3e87358057250dee2068fb2859f7c3451fb54e1f5ff0050a9dbaba0201a797161ebd46f38a6f15a781adf28e8cf82f43f2cba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    82908e20cc3423d081fa44829d2d3cb4

    SHA1

    ddf92bc56a352b86998605247df29d8d41ec7537

    SHA256

    c474407403c81f10b417506d9a8ae2b5cfbd5bc657861db53b9eb1468c9776cb

    SHA512

    bd3e0ee6ec641621d4032120ac433ea4b9e0e4f172d1c8a86415192ad0e2d24430394c0a6a37979cd48845f44ec4d4fb18323a3c9805ff73812a4b209941da25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    da8e7b0e7e07e743fc7ee246050e8c4f

    SHA1

    d65588e92215db68155880476bc386b6c6dd4e89

    SHA256

    64746f890488f5c5822bee22592a89ebf3ce90d4418927b4acecbab151c933c3

    SHA512

    874b9f52f413064ac79597fe830dd63a5de079a6debbf0f5e825655afff7c51abfa217e95f0a9daf281489212c8727d7d5baad360982bc5700a9c9121c10ecbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3dd32250e8f63e61fa7ab989d1bb5c4b

    SHA1

    1b2cd55df39824079a912c98dcfcc22a711fd643

    SHA256

    cab80c98ec72c06425dffaa1d29bd45f9a4071675ea4b69fe84b6054c8d3ad45

    SHA512

    a20e54d5442eabb3b2293a8f91a19c0388db7f4023935d9a996cbb802c50b0cedaa1b06c35055e6b0d6274d701083043f249d698ed0a36e2a32b2dbfa4c3ec1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a596dce2b2b5ed6677bad1600cd58cf4

    SHA1

    058c67c2103fe02a6bb6c112e1cb74d78370a34b

    SHA256

    81204a3048cbd2663ba7a97643ebfe1cf07f3b8f2e77067fe24fbd7305d61938

    SHA512

    2acc5d61f1ffd8b81d9de2ce051e04e77b75c03dad0b03b144bfb42d1d3fadc001b4a696e00d8a5b8575ee8a9430c60a3b84dadc104c68dfcaf42aa771746ad4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d783348ca2425395177d79e1520a93ed

    SHA1

    90214f303c4efa447b7d4b9a81a7631d645ed638

    SHA256

    f1788dd5782924b4a0b125b84c8745ec6fe31a5ba507a69f03080e68d923ce21

    SHA512

    75d308ffca7d02538c45709f78a3d749e50ffdc9ae5b4292bb71031e1063b195655f71c85b4c53d4af720390553d1386fcacc3436fdd846496c5040d8a06bc1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d783348ca2425395177d79e1520a93ed

    SHA1

    90214f303c4efa447b7d4b9a81a7631d645ed638

    SHA256

    f1788dd5782924b4a0b125b84c8745ec6fe31a5ba507a69f03080e68d923ce21

    SHA512

    75d308ffca7d02538c45709f78a3d749e50ffdc9ae5b4292bb71031e1063b195655f71c85b4c53d4af720390553d1386fcacc3436fdd846496c5040d8a06bc1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    16f725eeefec1803f2df185b65bb2d93

    SHA1

    9947b4d8287e8e52187de78ba893bef8ba092cf1

    SHA256

    41f2ec6a8a27bf202d988fe7983ee30a6b814130a49fa6db82ecb0b40ca91938

    SHA512

    65c747bd37270d02d0d59695511631a215825715ae756e0cec524c11c38d04d84beb15697feee649b6c6fd894b983ae25788d45ef1601639146ce806666d26ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9decbdd21f40e5e6f14953380bfb69c7

    SHA1

    7691080d09a6c7e83a5307856d1262563b5e88b3

    SHA256

    67f6a94b32bfebd182a9ec7f6b64b5866d7e9b24dc6e9ae7c7243e83f3060f3d

    SHA512

    a728045c079857f00aae068aaa493d5224a7807767092ee8ed5e4b4897bf77d9e11a960cf7b19b5636b8a1c2ab4f642d90cbc2b29b854ad79c601917cdeb5fa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f7ebe4a2cbe2dbac6583b08e1b19cd1b

    SHA1

    a17002154ff9a78d8b82be71956f3f119e8a892c

    SHA256

    ecd1cbe667940a18c7e0c7e0aa16c52d120846504d3c5f25771ca25e578668e5

    SHA512

    3bc02cfc99845da7f0926934e173accb57a3bae40957579fd6d61da031e2fcd1fa03fb04d5d50b3bb18e25c3f0f4c48f6ae9d94ee52534f95689a30c6317d8b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    12c25077a8d8e879c6978c2f40dd56c3

    SHA1

    93da07e845a4f62bd505648a36ff11eaff6f9779

    SHA256

    7c4ef8c7dbbb5c37e1ebb607d10f7eed4fe28af8c0035bc9140fecefe7046bfd

    SHA512

    0661f6c99e9f9f3ad2aa2d256edebdc8bed4bbf1603c9e3a49fb2c52ca9a7fb3988327e2eb58aa6a8077871b2227f4aaab9415e8422ca1a4776c2c7b51404d29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    42b78d65f6208c806c15f7cc8aa1dc07

    SHA1

    71cdf04262d99958a9243dffd5db7edca5d782f1

    SHA256

    a360d015e744b925993240b5c9d816601eb38473a352bf951677ce8ad84b066a

    SHA512

    3cfa78a315d5af132b506eef103e1dab2a798d692be72d0a09abec061f4d83c836d0e73b830fdeb1d49bf48526a76475974d149f8d20434d02814bb15c424eec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bb33e60e4410fa2bd4d5f1626204502b

    SHA1

    a0cffa9fd35494162d7901c27386af5bc6ac70db

    SHA256

    e4aa7d17108e19b4e061dbc952a43bfb1e7124eae1e3888c441d8ef96829538d

    SHA512

    2e8a0517451c8f5c4193e826b500c7e1adcb71765632146d674c4f52335d97b7424b38c68f8d9a6e25549fe57ff39d460914c22bb5294a317ff23b907e8317e5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8F27.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8F5A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit