Overview

overview

10

Static

static

7

3077d5358d...52.apk

android-9-x86

10

3077d5358d...52.apk

android-10-x64

10

3077d5358d...52.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_uk.htm

  • Size

    114KB

  • MD5

    ee5debcf16d309d049ac633b5834a58b

  • SHA1

    ad9e5e501bc770bd22695b81482bffe1fc5fd62a

  • SHA256

    7ae8f11037e5639b61064b8b0e881fb32c1a047f6877f9737541454d2eee80ed

  • SHA512

    21f6d268794424f57639614d97edb81109d01f402886a242b120f206bb1fb770475ec2b3885884e13cdc1af09e2d982be999ce38150c7b69552b1ff899278506

  • SSDEEP

    384:CBd+WmQvJOWzmSBkhpJ4/HweDM1C1ytpXjAoLU/S2wVIEMpaMtM/LPWZdO+2+FX6:HhzSEXeyag

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_uk.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2136 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2644

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    982fad13cfdca7614a110339c6ffbff6

    SHA1

    1ae423416d69a433076e9cce045554e9e045baa6

    SHA256

    a59a66aa77f2348706f1656f7f707fda8a1599a82ae6b69ec5d3b27346330e06

    SHA512

    e8a7e47d46838468233b265e9cfa1d23c04ebde35c4676f1d20f0fea057697d195ea015dd82593474fa52b85ef9d6a5e22ad6338a4f8ee9ba24f9429ea7a1c94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f91bed0d67280bfb5b19d450b63c2111

    SHA1

    efedc63f9a76ff8a61ff38f1572659a4bc93309f

    SHA256

    4a65b4864cf7a93f4b594bdec7d4a2949d8338cfec293733e6bf8670389214b4

    SHA512

    df5415a735bb69c7d8b75eb1a713ea4a8f6871aeedf83009b966b75a8d8a7bd75bd38497e5bad2114ea2ed1485e6bfcc0871103bc01dc4516a726715cea83234

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65469be1a2cf0bf1997501d6864542a7

    SHA1

    5185e219241a64e9c3080aa47c63971e46ed2763

    SHA256

    c49241f83dbdec24d1f94f5b60d283a57bdba06baa0f945af3bb4e6d023f0799

    SHA512

    c82561ff5e0881b3f1bfc5085d8969d4278130114993be759131661c4a184a847a8352fc07eee1717610293e038a4e0740bb78e37df5915719e174b0752798c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bdf2bb0c0a5da4eefcc1d96f288f670

    SHA1

    2a56e6140f8acc9fc6cf17dcda795186e75acde2

    SHA256

    6aa0821d42cae0b4f25b76f5c466c9cfa961e8a1a8ba0d7622ed3eabacd87540

    SHA512

    72f83c4db6cec12d11821c6e3bd07b01fc1b00c30bcc19e2804ec8e741e2dbeb31b877f154f0b8e3ef27578ed6cbb3af6b58ad903a686981b6a7128045614549

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27255d00d59f0fa1e5d25c3369fddac5

    SHA1

    09793d28e0f0a0e9a520dc93d2012a20bcbad44e

    SHA256

    ee41d9f1d002f04f451bf22c86b60918224417b785acc960f67691009c065e6d

    SHA512

    b46ca262e4f71be9d9c385a099516821c36b682c8ac24decbabae314b89c2ed79279b582ec03b2e9c647f789691ad893d7c0db9ba10f9965e7456a3cfdb94567

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7062461d1d1d766714e7ece9be394f64

    SHA1

    05a127fb10986d76accbeb6f3eb776e7ad1431cb

    SHA256

    70d376184438060deeea371c17bada94032e41dda921ef884e6822f5a5d8ec49

    SHA512

    bed74a96d066e3e6c72f38aa24c0358b3363269a3fb7d646f467c41f3c82df5f2a8109b3eb99786c2a6e89e93454fccb9a47a531d9fccf4af37aed093c05c16d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3128d3a5ff6af5dd3be25b99762965ac

    SHA1

    ee303f3a226660adafda9ad55435fafaffb60fa0

    SHA256

    dd4c62b63865fb555abd2974ad7c6dd8abeb71f476bc01721f8e3cf37f194cc7

    SHA512

    1aa413454b1224afcb0f5bb2a7793cb7786ab86b8797b96cc31e464b8ec6f3e582cdbba6117a57b0548f3d71f661e33891169531563b30c837e4a936a0d950aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    253f44733912897fe8108e4621f3b0d6

    SHA1

    f61f2c4a388f9b94ea1760bab48dc0dcec97c661

    SHA256

    2e9ac7e765ee5e47a7395b861cc298aee24e0a29653df098caedd0a4e23b8863

    SHA512

    d5055f7e00a5094a2add09bd554e20e6f09948284b9d41c76e22a50d28d8f5f4f9ea154d469d9af957ae2ebf952878434fbef5c013ecdc99d4532b1b088931e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3c49ce1267bcd5235599137c56315a3

    SHA1

    0bfea700ffc2ee76a6fda711084ff6645f8f4331

    SHA256

    56c5983557edf53c0e26f83741afe1b9b51e26e46bca20a8a078cf4683a8f165

    SHA512

    3ea85245466d6225d58f0a9956215234dab7ad3ea57e4ccd9677fd9384a7dde3d6d9a4dfdf7c53a86626f13f5a225db2c9ff317f09c6619625a1f96514559de4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0992ef0e1337a7c7e055076cca6fbe7c

    SHA1

    2b5f51ef0849ef8b3343ba42722faebf4673ed2a

    SHA256

    eefe76b62958f7e3f7a24036d462c7608931d273480bd24737cef616d2848c30

    SHA512

    a9778e346de7d7ff5b6e508b2d33af254780eee1e1679042ec26e8f3df39c81033622a37f180f991ac34a7dc64f28b34c651d89f522f90afc36ff3112ff4df99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    656ddd8f947e2ea22a851c3423f869f3

    SHA1

    418886e9b7afb25b27e91086710e19c2ef86364f

    SHA256

    2ecf46e23812faa8e003c47b4e02064d3a1c39e8aaebf80b35207070df4415bc

    SHA512

    aa1eb7ff9c5458a1b81f74abd3d3febae173ca149dbb0ff42099e63415939f6668c8eaaec6284f894daeebd56cd0407fd444db115f40a793d802336412d0402b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27e0aecca3354aa7f3feb88f6b4ff6cc

    SHA1

    6c549dbac8867d0a62048c28f967819f9846cbce

    SHA256

    540b9e6363e0d5ece0bb97769e530d006ffc8ff60c8bb95b4f52fb5de9968eba

    SHA512

    f45bf813cecac342a3979b39dbc85fa54242f27f435c7653ad1cb5b4a3141050ea7d457388fec91c01a50f8e2f327f41d9d3fa79167abb6f8fcfbb44b1bcb0c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f15e82f6aa759f054fa016097a657d23

    SHA1

    ef129ab1078013dc4e717651791ab0a9a31c3b5b

    SHA256

    12d25871f12e043886fedbb40acf9e7585c085d98158b2b23623950f516efc0b

    SHA512

    a1f2691d3f82246258408574edcf9e361f8fd748405136f3ef0f2f5475245ea8249ab5ba4bc7c0f39c9cb7fd4aaf52d6463dd86ae4764e04e5385b6f5645d57d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea0723a35574fadc81299dd47a4e2bec

    SHA1

    7ecb5fb0d23203aeddfe61724cb6a88bff59b0f2

    SHA256

    0b0f2498bdde99a257a48e01b9fd86b0599d0d24729f5b2cfc5a2ac130d1210d

    SHA512

    2c5ef09e7806202956419caa59108ee449ed90e4e35211f7e105bf8c45eee984ecedd31087a38a7ca320b0c9600a2eb1af3a7c4d8a98a7927fa133b2705d9dbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9ef88d21e72cdb1a1a816b0f1f49d5e

    SHA1

    5b53f741720101d9f3a31c4320a31193d797ed8b

    SHA256

    12f5ca1ce9727574dcac6f06cba5841c2073915b6c48ad7aa78acc523e0dca62

    SHA512

    878fceb98f55456c0c3babed424efa20d76a55ac39270cadc04e1bc27f0aed8acd0ec49393b0ec6dd650ad243602e7c673d67febae9a3a3f211a153f338fa07e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d55896b3bf2e646446b8054a606512e

    SHA1

    4fcce2e16ef48aa5a8de8d993cf942a707f3ec6e

    SHA256

    1f89b02aacb811f0891d5500310405802324b09aadb839ac13f57319da8303b9

    SHA512

    6d6362afa339f9168d888bbe87b3428834e1fbafe6f9e5f58fef486c9432b7fd0ef75cfc638e9b4cfc767da9ed96055076fd2ce77fed78f66a1ff41e7ad12745

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1e19f80f2915a59f1263be21aac55be

    SHA1

    2c7c51b0dd78d2d2ec7aea49f4384cc1077a6c7c

    SHA256

    eb20b0b534fa9e6f25836dc5fd2e4f1bf5a66939983329744b467ef9c7294859

    SHA512

    1af51dd4234b82046930e52c39be4c83864d3a90179f87ffa21567e2d87f0c9d0170e04ac280aa5af2ad268125a41c40638b9360d33e93912b31937c442f290f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    613285fe0d1aeefa6c362586107ecb11

    SHA1

    f5f988aa05e29a6ca2f61e260499346eac14ca68

    SHA256

    ec768793a22e6edcba32e6cf99647bd47c5520f547f11ad21a996984c22ee923

    SHA512

    2bbea0d423b75660ff1043cfa0678960f3612865260f373ae9242f2b853373e79cea891b067d2a4261082e7b0050d45509c76c647ab0e480bc5e2bd6470f134a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4F4A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4FFA.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit