Overview

overview

10

Static

static

7

3077d5358d...52.apk

android-9-x86

10

3077d5358d...52.apk

android-10-x64

10

3077d5358d...52.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    license.htm

  • Size

    6KB

  • MD5

    407f13382c8d7a039a9eaef44f79642e

  • SHA1

    d16f70c6d1703efc33823ab385ceabd8447ac1bc

  • SHA256

    657c157f78e360d37e2485f6245b4f87789ece5a2b150a4f4fe9fead0c6facd3

  • SHA512

    213e32e5f04199153ad3702e8706b0399fdb8c683a47dfbde7dce8a91ef7786c7d43830eeaf5d03fade136a74ca0908eabd797be806d15c106a2e070579ada9c

  • SSDEEP

    96:27r6shoCs4pHbHF0cRKKxUREEQAk5cVB54x/XHFCWFJYJzzTF3G3zVHCU:DsmQHbHxRKKME6FWXHZLsXTF3G3BCU

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2948
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2948 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8cd738cc075254d59b1e49d173d15e8e

    SHA1

    914d810cb71cd4d2be54146a616e66b894f5dfa1

    SHA256

    51899c16754dc1410d8454f979c229bd09ffa7ec0bb33546de105b489f87e674

    SHA512

    b744070ff90994b6ff2ed7d57b81aa8d4f5d94221609564da2826218c61e7e92316e392d68fefbe4dceb0aec5ba191d1633e6792c5b09a99074671ccae1c5789

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    862f057b059ad236a1bb7dff92dbfcb8

    SHA1

    7e58825bdf5ab834ef5aadfc852a99b2e681efe6

    SHA256

    e7fd375fd10870c618ea84c8f5f105abd46029264748b23b3f8db48205cf079a

    SHA512

    e04da5cbfd9ec022a027677f8eb1ae95f5a4e20fa0d09b1f9c8ed935cfa6c99ab064f1c55f14f021dd78ddd5df1414653e7b2ed6aa18c09433b02cab83edf16f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    442b2a2803d88f2f45a81886216227f0

    SHA1

    aba6e81a1dbf5b728183782d06cc8565f4a1e421

    SHA256

    f142fe11c72e5a7830d6160b270b3e8bb2453ba32b9c7dea0a01810d587a8f16

    SHA512

    1d1fdf5c5ae2cf2cc318455e3fca8725f0623a5200bade81576ff506d2cc23c26af2c94566b252a1a22c0c46d3feef333ff386f4a52d0ded5d76599e73fa2fdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4ab77b1bb7412549bb4660d0d62fe90

    SHA1

    ea2fccbf2e574915e86eb686e8edb7f0018e4653

    SHA256

    e8f4e01f09082eead8c56d257762e07ea65b1107fbdbf8c9599fff1c2fadf7be

    SHA512

    4efe6dd2a16d06253816cc46cb27b47fa3640ccfc1c59f85fc711da62175407b40bf12bf34bcbfc94e30399e8a130403fcc102c9176ebd17423ae8c1bf5f24a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71569fb56973f8298d80c494ab0fdcc3

    SHA1

    6064df8933708ec9bcd07c5cb8395211feb10c2f

    SHA256

    2af1192f6b3ec24999eb0176229a04099c566fe057a1177ecdae10896cf471a7

    SHA512

    50eb3a128b220b78f6556a5eb56760471952b3d5affd018bb607eb0840f4aacee3394a548ef0a4fbad9c0806bd03bba0929333d59ba9e33086de1c929e67e002

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9f5a520f9a32b3e61f9856604d9c6ea

    SHA1

    bbe9e870d20dc28966974bca83b5c584aa016ec9

    SHA256

    4b824505ac698d1afe76899f0cafdff5e51518307daa8966589b062ce35862d5

    SHA512

    6bf11ff2330039034f2e28bf5d27fae37748d6caac75aeb9ed3e017b6226e3c7b9d7669601b15473b949c8f9068458fe540d79981fdb303e6cbfc1a3cf41241e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4839bcdb95a47cc6549c8b77ae4ed57

    SHA1

    e04be37fa151d6a4631d9dad3bee14904e82aed6

    SHA256

    1d2d7278a3d4baca5e230f01d0f515dd473f3781aab10e3369c8a1cc5cf33265

    SHA512

    2db635da1f6953b83df9c1664403279930bd73c88d1f85f62dfcd5bb4174ae6d8c084deeb30841a55939350589c00b3dd88a69f6a0e1fbd5d71bcfac9667b4cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1b156e410e9e85267effaf727a639f5

    SHA1

    6da5dd43eaa8497545a8b4c5ed9a3ff8c1941d55

    SHA256

    e97e727b3a52e38b6e53c0b35eb31da51be0549c651dafabb93cd3ab79fe1ee1

    SHA512

    8d09a4899d6e2cf2ce8c87cd5e35c48306cd2a4a05e9621f2bee0bebea4431755a32469cf81c1249acd2d37f8414744016438fdf22b5e24080076b5428f9ca3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d288d941c06101fd4af146d83ed58d96

    SHA1

    2a05fe774175f97d3e74a3267248a655a1c30e38

    SHA256

    a512605f333d8b66fbe511685ebcdf8faa0ac97df5436a701bff22ce4d131ea6

    SHA512

    3c5e6bc1de195744f516af2ffc3649ccfcbf3d2aae641bdc03a26005fb0f11877731edcb0819bbe13e7b2de92313ef9ac08fef7609bf28618c9e336d70957aa1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7CB0.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7D31.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit