Overview

overview

10

Static

static

7

3077d5358d...52.apk

android-9-x86

10

3077d5358d...52.apk

android-10-x64

10

3077d5358d...52.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_cs.htm

  • Size

    60KB

  • MD5

    0f640786196d6011e01155333821964f

  • SHA1

    066c679b1de3b92ff8ea552d1f80adf6891047b8

  • SHA256

    bf803405fedfdddb8633f549f97f4a5a53f4d1a0aae0726a4e4c2a380a611fc0

  • SHA512

    7f5545021dac362c111d315d4e3b049674d6fc3c8a198330eb35fd562ba6c4c888d4ac16341b10c3b3caa47187759b48ba2cdc12dbda2e1b5f702f3bf2c48a17

  • SSDEEP

    768:Jqj9py4zLWgQgkai1q2esuB+SgvHQ3tSOPz114I8nV213trFi+0IgTagDgrg71gd:+pySnFkaAvHUtS+D4I8V21CTTEM76V3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_cs.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2144
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2144 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2600

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3c300a1d516bd2a5280aebeb74593a22

    SHA1

    036d8060fed41301298cb6e331f602080421135c

    SHA256

    c45519e072c8138d5afdf457612a239d1e8596cf5f4bd56d39b378c92422cafd

    SHA512

    a56ae5adee80fc4f27699156e750025828e8f1ef5e98af40b5ac6ebd20c437adf4f17e8abff5660dc861943103b4d6858e736e3a91b7da47c328df32bbfa6158

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e92e95c0bf2e8e5a7a3a138330afde60

    SHA1

    0f40661ef73f9a8b870c059b1331607e690c58b9

    SHA256

    c28a05feb5958a2d7c5dec42dcb4d502e80fa2c1c52d709fd0116413f4ad100b

    SHA512

    27f926f67070a9e231773e252c54194c34d2347882ce2a5717f48af1873431fb9e53d515a7dfdeecf7dd1780acb228154c33d9d3d93b5a293c0c525baa080c31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    acc51d2342f8e4975dbcf7b545a3f8a2

    SHA1

    63553d47a5fc092e5131318912503f917e63b99d

    SHA256

    18082b90acfdcbbcce56616aab5ca2e13925ab9f8535031c498bf1a5a259e4db

    SHA512

    21eaa1ed85478760b2eb5afa47e96aa1c639d557d1dd1f332f8796aad5472c0c809139fdd04841ee6716e68ea5ff0f04c189b311849c3d03e1dc3fa04798459e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    22201cfb8ce64a0efad5ec3d9e928f08

    SHA1

    2d6054bc87b28146ef2591927471e230dbf848ca

    SHA256

    e193718968d245d9f2627ad6373f7bfb810cef6b7dbbd9daf908cc70fa359c84

    SHA512

    bf9f2c903cde1648c3685f2dfc54367452f653f4d838921dc0d90e153dc27fe0e0a7bb38c6214dcecb5e1f8456ce38c0c0b44bf665159208c5d02f0a4aece0c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    59ddd9bbefc5eaf054970e8003df99e6

    SHA1

    0613477d31f2a4679e009939d90d89ee0d8d8263

    SHA256

    1168099abfb9a5dcce6a6ee5e28009d126e801f3f64f4c6d46b9773aff8bc1ff

    SHA512

    c8a071fabb11372ae694a57ee35b2b4662d0dec79b544ca3a0ec19f929eedd2fe0d2b8e6094f5963876b66dcd4861156a0b3224200a94c356c798a7aed792434

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f0ec9f1b679e87aee5d8678719c02df4

    SHA1

    fac7c5a29d98d5dc834e43ecc660c7625025229d

    SHA256

    9589b675e742b0e720fa4d37ec6fa175d9b24174a26f814089b7e9170377a357

    SHA512

    470b03caec58116e697a71c3290abebcb88ce2fbd46aed0f8e2bc263585033c40f0f2a90d51f77a9874e286a350f792cd1934375b92d7e5e8de8433087b90cb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0710f4b2c74f359d2fb40667b73c3c9a

    SHA1

    0c1cafb3b36bb2b0a785db0d135c3aaa8a8e10b7

    SHA256

    2ff0d3124eedbd4adca647e109db18489f27ef659446c3931cedaf0bcbd8118a

    SHA512

    db2f9722ecace066c5af3db6b936fc9c018ba0fb8d5922af3a9f6ee8f66db4e3597e3c0597b43224aa38d51c5c65d83ab211fa2bc26f5f05e2d720e0f6a6cd22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    170bbb406fbe88734faa765cbd897a62

    SHA1

    30b15187d0d9c82e3276deb11349e64315839a90

    SHA256

    7936a6b2038c72e4c7456175869f925337de82e6b670d7de249557fd641a3aba

    SHA512

    53659544cd2165ceedb67f7e99128314f07a8c70a00ac8cd3d1d88b45d734db8977c0fb194cb47528d731690a25ed4f34d81087116b5ddf5383b2dccbfad55a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    544288daf5a7984060d6613c125849dc

    SHA1

    af6da9cc7079a497c7e139740e4f63abf9436b65

    SHA256

    42f5c7d087fae9863152234f10ae5780744cd6a17927af9fed7f397dc0c34be2

    SHA512

    4d6a7456f860811cdb84659e92c9d4b395ed8bbbdd7b20de36b98201e9994308b4ceb425b8897835d371cef19a606b476289ff49a782fbb604430b074f6c2a60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    960d6fb66bfb44fbb84f2ca0cc4c80e0

    SHA1

    2dc50573770adf61bb7d5ecf9a9025a2ecfedb6e

    SHA256

    5acec6ca35216b779685f4a69e9b2f3cb832e5d76aa8cc65a70a5afa855d6d55

    SHA512

    14744ec1915653bfd210c70b8f345a66c99d722e729dba63d269d62de4afa6f2fd65de41a383cd7caf2cd1ad6f03a42784c78bc102b4ccf9f06dde2d58eba28b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d15785d478b7d8ece4ee83a804bd3200

    SHA1

    bbcd377f10024ddb85fb72ddfbc3855a74dc2372

    SHA256

    78e942bee3f52a9d31842d49f599eee4339715c13e5eba6f477ea493e4373edb

    SHA512

    c8a49228fb90a4379e89ee0a6d384341922b9692d80777aca1e5e85b7ef83ec0f0fdee940f6f695fdd00d3f3ee54bcee689b79f6bf3390f30a28a39378f7b739

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9cc22c3d128a27a99c2c57864e1d3552

    SHA1

    20bc6c43d9578d48e2faaada56b15cfd75a5df95

    SHA256

    c6dcee51d17052c26e618821550cf99937964b4bb64cf4e9aef54ccd9677f4de

    SHA512

    c6f18a3caded612ce444f42ddc0a3612f6f16d2305de742bf09affb6a8471e71c35e1b6906d15ee811a54ef4d0dbbb068e9b169360c690cf47844720cbe31b0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9cc22c3d128a27a99c2c57864e1d3552

    SHA1

    20bc6c43d9578d48e2faaada56b15cfd75a5df95

    SHA256

    c6dcee51d17052c26e618821550cf99937964b4bb64cf4e9aef54ccd9677f4de

    SHA512

    c6f18a3caded612ce444f42ddc0a3612f6f16d2305de742bf09affb6a8471e71c35e1b6906d15ee811a54ef4d0dbbb068e9b169360c690cf47844720cbe31b0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5aa15a6e10f0bc9c1c819458138428fd

    SHA1

    cf69316cc31d9941ed09ab36473128f4f40af9af

    SHA256

    f76c6e97003b017b97f44da8aeeb3728d34a34318a5d09283acf3259d276cc05

    SHA512

    4de8f274ed824b7f4d609579d573173efe9ce2502f006c7adfe15f0af25ee49b779e4154dcb435f137f870ca7a8e49a4b4c0be206d7851820eeb309ae12c3c58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    737f51bd271ea59a922e504b1c2e9348

    SHA1

    3367684b00a11ba6d3f9188f6453975275044895

    SHA256

    f379ae351cd245ebfeb913b7931d87f5cb8412b12f9333379f24bada95275545

    SHA512

    0a0125f6da04f81f179fa55ec34404f1b9de11be94f434b695fb847ebf0c40255656e188413083ad4727553e74f3773cd23190b8555735b784f07a34fe96e5df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d15377494ca3b508a58ebef4ea78d50a

    SHA1

    0675a66041fc9aa6e7e4b66f49a7d6a520e642b8

    SHA256

    ef251838cfe73e879eed8f41b75115a837f654ae0a6aa7f49d7f8e4c10cd0dc8

    SHA512

    4c72c8c58c8a0204b70eb6da7ba768e4808ffe1fca019087f2e38c2c64abb7dce0fb607bbb6a873ce385886c340eee3f45a93ab2ff1bf822d4dc2a7e3787317e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6d5b46e74c9162b868c4527ee19595ee

    SHA1

    c1137f0bf6ac05368a4e5253f90d815d5ca94fc5

    SHA256

    8d18151d518431e84e7fdad75f54842de109a205c108ab109b3fce7d00a8b05a

    SHA512

    2268b2076193f84c7d690087517ead70984562f5b37e3579bb1c466b2bd7a58b9aaf63c77cec32a27fee3e448c2af32505f4045d7296ff1b5dad89b499bff2fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    961880547d4781b11135a85cdd1c7c98

    SHA1

    beee6dd7e01645d4da0f1a2d12c84e7e0b057534

    SHA256

    d9e5c3f11c621282606b5e7f4037120aa503879b2a9d96480039bd6616ce7d95

    SHA512

    4300a5e785800040187c0a69c4638fb94c4d681f8ae077ea7d5a28829b44c8e002a7e5cb7e83be4d9b7cb3bb1a1f57abecbcfc5e618306993a33d2c8a7c14bfa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9bced057c05e73188455e41fc9e0632a

    SHA1

    07c2d13fbea56b7da4b8e6831efdd46d59d26aeb

    SHA256

    4627fde1592aa2da3a38ae12abb054ca09e35cf8af7996efc28a04ad6d383923

    SHA512

    bc7c76b904fd455ae02037c8d51a2e0bdc1b7414b54e6ecbb096c868f823ed0c7ecbf45a33ab6701bbb6305d4b172cbb72073d6c28ee10d3d624254894185118

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB4F0.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB541.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit