Overview

overview

10

Static

static

7

975bf6a402...cb.apk

android-9-x86

10

975bf6a402...cb.apk

android-10-x64

10

975bf6a402...cb.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    157s
  • max time network
    161s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help.htm

  • Size

    53KB

  • MD5

    a249587defc4f17f972785d38bd76df7

  • SHA1

    a359c29f7a850e01688890e1990022992e353493

  • SHA256

    2c2727cf87a4a33c0fabcc1c61ebc978e9ab6bc362689a22571ec768f1361393

  • SHA512

    24a81603830a66fd4e06d6747ef55a2e1decf8cc2e27aa159e3bd06244749c323e78487d5ade8e0178dae9ed5ab77818a8e8015654673d3bd5b3ee619bcc5ea4

  • SSDEEP

    768:FWAtJoDQSUPSEXVe5wSCFz1K4I8Cnsro7:b6kxPSGowS8E4I8Wsa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2652

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5cbd5fabf15cec985d10499a7295543

    SHA1

    539b3f62c0a7e8507f09c7072a92724cbdc1cf25

    SHA256

    e97cf871ceb42cd974dd5e3ef6a69fcace256e46c31c8c35aacfb8bd2ce8b279

    SHA512

    26dc9cf2e7926a8bae9dc0a079595a1caa64069cdd42fc045ad34655089feb763a9c5f561ad67eb6fbc27c9cf62e4cdd7b55468ae10856f955ce7a80defaa8da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    076b72de9c3106b03d4a21debc8ff5a3

    SHA1

    fda2fd13a370e434f16b3f65e1c3fe9fae6cf05c

    SHA256

    89c8e15c5e97511dcc1bb13b9ef40c99e15152bd6c3f468eda9ecc0834def08c

    SHA512

    2c39bb2444f43d551031348fb7e1970196085a2b4ca74c18aa6d9d3a9048e4b5a220921fcc2945b51bfe3346c318d21156c5d3d7be7ebd60a7bcf3973e6befff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bfb8eb280ea9c7f62f0080277b3d3611

    SHA1

    b6a0d7bf5e3fd8bbc141a0bc67eef3f7b9bda610

    SHA256

    861f54f6c11ec47695b64c7a5b05f32ed01348f36ca32e24982a96cbb61ad51f

    SHA512

    f82a615d1f1d261555dd9ce0c2d28171d482315d9bf825a714a9749d3ee7feeb0850d33c9fc8bd6c859f2046493ad764bb61e7fc66fc1109d576211ba0158ce0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a84119e17228bcdb7d8cde4994a14753

    SHA1

    c214bc7807825d63bea45808d2d08174fe96b822

    SHA256

    f3409748c55ffb9fdbc127b6c3ef8113d13c6792d0c3083bd5d10baecbb64172

    SHA512

    106c3658f7b42ec3611e9750063aea6f4682cbbf1541c6852576978a58ebba8fffc84896d887676b1a2bb092389c868afe2365a61b3ac758c90eb56d78bfc151

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72857e5099e8e1de7d8af3e869050a19

    SHA1

    ce76715c6b5485d5f90b9f5a525c011995266b42

    SHA256

    1a2a1b0cf96388a864ed97e2b4731e20b6e8358ec532ad549f302297ecf76ac5

    SHA512

    696ef252766c5a865b1fbcc4594262a64c16cfc3bbfef4c271da01f48f04e4b3341e8241683fd527cfd495308873688415a69b3af10d487af020fd552ac1a8b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0beea77c4b9e33a35d9e616947826506

    SHA1

    fad676d589363edebda13dddc474c8c50dbe1d0a

    SHA256

    af6682399ea7ad8dfbe283141db746b25a48f34ef7cbd47e36ba6d647277e423

    SHA512

    348b7710df31892b428b185ddc51da395e0679d191400c2d4380d69ca2c3cd0515695d8b7e26bc12339a1de10e3831a47617974258496775396f1030757d8567

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e849e0216e477a9ad95114e94bf42a39

    SHA1

    3302a2b0580ec8119f98dfb92474b38066b8e210

    SHA256

    9b3002129436edfbf242ff3895440dba0a40c2782a7bef77926a1deba49c0edd

    SHA512

    e27b794b3389c575b674242fa9add5127f9bd758ac5c8f798e94aca2e92b091f8d3eeca731720430ec44fddcee5feeb48f83c02a150d8417141058e218f7a753

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    119d7fdceb5c6f885b0b3b444ffa1b66

    SHA1

    9c39ace60dc48036351017ef30491ee2d18d71f3

    SHA256

    b82aaf33d49f816139f73e342c7fdac96091255f2d3fcb7c9f877c766460cf5a

    SHA512

    93c6dfaa60bd36a2535417bb5e938a92fd2a4049747789e4be2bac42e1f9d83a0664bf506b4524fa44a1e74b0b09da3b13e5d13ac1f54848bbb61bc54ff5ba30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54cd1414cfa9260efc3eafc4950a9054

    SHA1

    d5b930527a4a6ccb99753b74b9e5dd7da63726e7

    SHA256

    95453de3c36f68e8e819e38071d468285c16c14e35f37785ccf7f6f2a381a0eb

    SHA512

    98caec11e621017183e3d71c2cb3a11d1f71c27bceb6d8facdc865468ad8f0489ac57efb3f61a120c7f0c57712807ba6aa7b6aa1c858cfd10efe1db02bf48520

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc4c18a3b5627c0c98cf95df4cec6102

    SHA1

    0b0ca16f0473c54aae5d2b894cf6eb4d75bcec91

    SHA256

    cdb39d84990451fa0c5216a864aa6538c9969774fd93acd20cd7a2775ace0687

    SHA512

    15807e6724a32ef291da866d7e36b4fee3ddda30ae55916d534e2c9a810eeffe17d0c7dd4bb4ada5b583877bdc845c9f912f8d883c615176bf76fa3b6ace941f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c5f3c4dc770201324fc2956961ed3c9

    SHA1

    3dabf04472eb5661518d6a91b28d35e332f91bab

    SHA256

    dd0f534960a53b6acd4fbf12090618171c521f0ea505bed2a9c7b058adbe9591

    SHA512

    3e0dac5e374334e635bb634f9495fb41eec0f5625a967c9d6d7ecb573a84070e0a88133c92bbf4aba0c0a67dac97bb50e65453e258f35deb978a76ab9af7438a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34a886fed38cd73d15feb4f89cc3dc92

    SHA1

    4fb0e7c537c0f26db6729ffaf00731e33638c106

    SHA256

    898d0b4a40fc8a70b45425242d438f661d43f0da3f14aec789d79485666b208e

    SHA512

    9ab5f9a81bd8e4a3007f255821aab908a3da5ca86cf34c3c0911be0728b0e42baf5076e7a73db79b31e4108c7f60cdf440b3ccec45a2afb2828fa6b6df0fdfb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24cd0215b7931f049387dcc6fd1c27c4

    SHA1

    1cade25de0a04c520766bb407049567b4350730e

    SHA256

    457562c0c5834ebfb5247ac9a182d8cab7bfb7a4f90dd24f55c72530ed238d02

    SHA512

    a1100c48d3a56e34ed5085d0af52544a667dbe568e8e750298b6b0d88bac6757b2970e6b140a16c2de484f56e9a1f777930931c472a4b4dee859c938b557c347

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b77ae2044b56399d6a1ce202e9a00452

    SHA1

    c4552344655bc753f49b57a1f5eb56b71aee4220

    SHA256

    c7f94a8bf0dccc4f8dfefaa9703f7a473e092e5f20233d0dffb15408aaae78c3

    SHA512

    a612af643130370dc1f5172b601b67c62f0d91cdf2e5a564eca75a4d70d69286ee02cb092becabe1de6043f79cc5bda16122ee3acd9992064d03606bc8d80844

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8be80025684a89a933881dbdd3c48b87

    SHA1

    9e4f473a6dfd8c0fff108ccc8a1b7c6c886e7cd9

    SHA256

    69444283e4a3a867319e0fcdb761f5359c55fe4b383aa8d0b05f78ab0fd331e0

    SHA512

    83b4ef1e355b788569e7a22ebec7ee8324c9b3dd39da61d42fcb9a4b6cf076f467869bc3194b8f77d7400d211cc268dca6481d87d2ebdb5986c1e9dfafc4db5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1aded73e14c9deb56b8f00a0a2d75711

    SHA1

    260e284016255937345cdf14370f571e05914baa

    SHA256

    3ae2b5e9579524dde3116355d738886b2b89d6235052a46e118d0721475330a7

    SHA512

    18a93e4f1f5c889bdf263e064cc1212a4a90c1fdd6628c605d66b18ce8ec6044e858d4811f2e7e4c525842ca2a66d047a21ccea03e4407559a31040030f8a0b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    35800868d6bab2fe4ade05376974a08c

    SHA1

    8bd17cdb2fc2cf1566a7d2f298af6013712281f6

    SHA256

    ab78f3627eddd22c9a5265fe960513a453c4a70c71b5dcaf11a2dc04228050c5

    SHA512

    2f787ee774da159928a5d08251d75f42d41774c141afb7b959198ae308d21c3160c8b237b2b269e1475c3d6b76c1b5dc5126f22ed977860b9bf3dc2b56b8d1c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67e5cf7911b0b8eeacd299ea03f9bb2e

    SHA1

    1c970e088e15cee7c91b0624e292e75a88d1db73

    SHA256

    6c08828e1890120fec07f691e3435cf1b4fc70d183e922e0766a124215dfba3e

    SHA512

    11e20a629ff80501375ae4db7075e2f8e85a5dc69473fe72c650f9b771bb0e8f750e08ba662049c0bfe1d3803534154f0b25a4e04952f170a72a8bff3ceac40d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47302bf8b9ecccde0ef568aef734bb16

    SHA1

    33f9e4e0581cb4c77fdbbeb5fb6d18f0db62b574

    SHA256

    e8e3ef51231c6cf673d38450d5474ef828c160433972f9cf961d79f73e77644e

    SHA512

    40f83cd1c12c95841645933266258785db18e36b0be8e658e640e3a47e8860349251a4c311e2a39289e79a9af552d75ca9957af2ff9175e889638e9b92d94b7d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBA99.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD704.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit